Data Privacy Engineer

Location US-FL-Orlando
ID 2026-48822
Category
Information Systems
Position Type
Full-Time
Remote
No
Address
450 S. Orange Ave

Overview

SUMMARY / OVERALL PURPOSE

 

The Data Privacy Engineer is responsible for designing, building, and operationalizing technical controls that enable the organizations privacy compliance program and support adherence to evolving U.S. state data privacy regulations and industry standards. This role partners with Engineering, IT, Security, and Legal/Compliance to implement privacy-by-design across systems and data flowsincluding data discovery/classification, consent and preference enforcement, retention and deletion automation, and support for consumer data rights requests (DSARs).

The engineer will serve as a key technical liaison between Legal, IT, Marketing, HR, Product, and Compliance teamstranslating privacy requirements into scalable system designs, patterns, and engineering backlog items. This role is critical in reducing regulatory risk, maintaining consumer trust, and enabling responsible data use by embedding privacy controls into the software development lifecycle (SDLC), data platforms, and third-party integrations.

 

ESSENTIAL/PRIMARY DUTIES, FUNCTIONS, AND RESPONSIBILITIES

 

Privacy Compliance & Governance

  • Monitor and interpret evolving data privacy regulations including CCPA/CPRA, Virginia CDPA, Colorado CPA, Connecticut CTDPA, Texas TDPSA, Florida Digital Bill of Rights, and other emerging state privacy laws.
  • Assist in the development, maintenance, and operationalization of the organization's data privacy program, policies, and procedures.
  • Conduct privacy risk assessments and support Privacy Impact Assessments (PIAs) or Data Protection Impact Assessments (DPIAs) for new initiatives involving personal data.
  • Maintain and update data inventories and data flow mappings to ensure visibility into how personal data is collected, stored, processed, and shared.

Consumer Privacy Rights Management

  • Coordinate and manage Data Subject Access Requests (DSARs) and other consumer rights requests including access, deletion, correction, and opt-out requests.
  • Work with internal stakeholders to ensure timely and compliant responses within statutory timelines.
  • Maintain documentation and reporting related to privacy requests and regulatory obligations.

Vendor & Third-Party Privacy Oversight

  • Conduct vendor privacy reviews and assessments to evaluate third-party data protection practices.
  • Support contract reviews and assist Legal in ensuring appropriate data protection and privacy clauses are included in vendor agreements.
  • Monitor vendor compliance with data protection requirements and coordinate remediation efforts where necessary.


Privacy by Design & Business Enablement

  • Collaborate with IT, Marketing, HR, Product, and Digital teams to integrate privacy considerations into new technologies, campaigns, and business initiatives.
  • Provide guidance on data minimization, consent management, retention policies, and responsible data use.
  • Support implementation and operational management of privacy technology platforms (e.g., consent management, DSAR workflow tools, data discovery solutions).


Monitoring, Reporting, and Awareness

  • Track privacy program metrics, including DSAR volumes, response times, and vendor assessment outcomes.
  • Prepare reports for leadership on privacy compliance posture, risks, and program maturity.
  • Assist in developing and delivering privacy training and awareness programs for employees.

JOB REQUIREMENTS (SKILLS & EXPERIENCE)

 

  • Bachelor's degree in Information Security, Privacy, Law, Business, Computer Science, or related field, or equivalent professional experience.


EXPERIENCE

 

  • 3-6+ years of experience in privacy engineering, data engineering, security engineering, or technical privacy/compliance programs.
  • Working knowledge of U.S. state privacy regulations (e.g., CCPA/CPRA and other emerging frameworks) and the ability to translate requirements into technical controls.
  • Experience implementing or supporting DSAR workflows, consent/preference enforcement, retention/deletion processes, and/or data discovery, classification, and data mapping initiatives.
  • Experience partnering with Legal/Compliance, Security, Engineering, IT, and business units to deliver technical solutions under regulatory and delivery timelines.

 

PREFERRED EXPERIENCE

 

  • Experience in hospitality, retail, or consumer-facing industries where large volumes of consumer data are processed, including omnichannel and digital platforms.
  • Hands-on experience with privacy and security tooling such as privacy management/consent platforms (e.g., OneTrust, TrustArc), data discovery/classification (e.g., BigID, Securiti), DLP, IAM, SIEM/logging, and/or ticketing/automation workflows.

 

SKILLS & COMPETENCIES

 

  • Strong understanding of privacy principles and regulatory requirements, with the ability to translate obligations into technical requirements and system controls.
  • Ability to design, implement, and validate privacy controls across applications, APIs, data pipelines, and third-party integrations.
  • Strong delivery skills (planning, prioritization, and execution) with experience working in Agile/SDLC processes and managing work through tickets/backlogs.
  • Strong written and verbal communication skills, including the ability to document technical designs and explain privacy concepts to both technical and non-technical stakeholders.
  • Detail-oriented with strong analytical and troubleshooting skills, including comfort working with datasets, logs, and system behavior to identify gaps and validate fixes.
  • Ability to work independently while collaborating across engineering, security, and business teams to deliver scalable solutions.

 

CERTIFICATIONS (PREFERRED)

 

  • Certified Information Privacy Professional (CIPP/US)
  • Certified Information Privacy Manager (CIPM)
  • Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or related security/cloud certification

 

Strategic Impact

 

This role plays a critical part in protecting the organization from regulatory risk while strengthening consumer trust. By engineering privacy controls into systems and data platforms and automating key processes such as discovery, retention/deletion, consent enforcement, and DSAR fulfillment the Data Privacy Engineer will reduce operational friction, improve auditability, enable responsible data use, and help maintain a strong reputation for protecting customer information.

 

 

WORK ENVIRONMENT AND PHYSICAL DEMANDS:

 

  • Ability to stand, bend, stoop, sit, walk, twist, and turn.
  • Ability to lift up to 25 pounds occasionally.
  • Ability to use a computer keyboard and calculator.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.