ASAPP is hiring a
Data Protection and Privacy Engineer, Remote - United States

Summary

The job is for a Privacy Engineer at ASAPP, a company specializing in Vertical AI and generative AI solutions. The role involves translating global privacy regulatory requirements into technical specifications, designing and implementing data protection processes, maintaining data lifecycle management documentation, providing guidance on personal data protection decisions, driving the Privacy Impact Assessment process, and leading the Data Protection Steering Committee.

Requirements

• At least ten years of cumulative experience in data protection, technology, or software development with minimum of five years in privacy engineering
• Industry experience working in Technology/software/SaaS companies
• Ability to influence across all levels of the organization
• Experience translating privacy requirements into clear engineering objectives and providing guidance to engineering teams to develop and configure privacy controls
• Experience in partnering with research, engineering, product and security teams throughout the product life cycle to address privacy compliance issues and move compliance beyond the checklist
• Ability to exercise good judgment around the balance of compliance and business needs
• Customer-focused mindset
• Working experience in technical product development or previous experience building privacy controls in technology platforms

Responsibilities

• Translate global privacy regulatory requirements (CCPA, CPRA, GDPR, HIPAA, etc.) into technical and product specifications, in close partnership with product and engineering stakeholders
• Work with internal teams to design, implement, and enhance processes and controls in the area of data protection and privacy to standardize and scale across the company (including but not limited to, data obfuscation, retention, data subject requests, usage of data in LLMs)
• Maintain the data lifecycle management documentation, including data flows, policies, procedures, standards and engage in data lifecycle requirements elicitation such as data retention and destruction
• Provide guidance and Data Privacy subject matter expertise to business and technology application owners related to personal data protection decisions, remediation planning, and associated execution activities
• Drive the Privacy Impact Assessment process
• Led Data Protection Steering Committee, enabling the decision making and facilitation, information sharing, and roadmap planning
• Design/architect processes to manage customer and internal data end-2-end (collect, process, store, share, archive, dispose of)

Preferred Qualifications

• CDPSE, CIPT, CIPP certifications are highly preferred
• Privacy SME with previous development/engineering/architecture/technology experience who can clearly communicate privacy expectations with engineering teams and contribute beyond the interpretation of privacy laws and regulations
• Experience with coordinating with Legal to refine regulatory requirements, and contractual obligations and identify operational gaps in order to manage risk with regulatory compliance and contractual compliance

Benefits

• Competitive compensation with stock options
• Comprehensive medical, vision, and dental insurance
• 401k matching
• Fitness and wellness stipend
• Connectivity (mobile phone & internet) stipend
• Mobile phone reimbursement
• Mental well-being benefits
• Professional learning and development stipend
• Parental leave, including adoptive and foster parents
• 3 weeks paid time off (increases with tenure) and unlimited sick leave