Lead Data Privacy Engineer

About The Position

Requirements

• 7+ years of hands-on experience in security engineering, privacy engineering, privacy enhancing technologies or related fields.
• 7+ years of experience with privacy and data protection regulations (GDPR, CCPA, HIPAA, etc.) and translating them into technical requirements.
• 5+ years of experience in one or more programming or scripting languages (e.g. Python, Java, Go, Rust, or similar).
• 5+ years of experience in designing and implementing cryptographic or data protection systems (e.g. encryption, tokenization, key management).
• 5+ years of experience in performing privacy threat modeling, data flow mapping, and conducting DPIAs/PIAs.
• 5+ years of experience in working in CI/CD environments, Infrastructure as Code (IaC), and automating security/privacy checks.
• 5+ years of data security technology experience, including data classification, DLP, insider risk, encryption, web content filtering and CASB.

Nice To Haves

• Professional Certifications such as CDPSE, CIPP, CIPT, CIPM, CISSP, or equivalent.
• Experience with security controls alignment to key regulations like NIST, FIPS 140-2, ISO, HITRUST, HIPAA, PCI, CPRA, GDPR
• Experience supporting regulatory audits, investigations, or independent assessments.
• Experience building and scaling privacy platforms or features in a fast-paced environment (e.g. developing & automating processes, leveraging AI ML).
• Familiarity with Data Loss Prevention (DLP) systems and data mapping tools.
• Familiarity with cloud platforms (AWS, Azure, GCP) and various data technologies (SQL, NoSQL databases, data lakes, etc.).
• Experience implementing controls at scale in regulated environments.
• Experience aligning technical infrastructure with regulatory obligations.
• Hands-on experience with secure system architecture, data encryption, tokenization, access controls or secure API design.
• Experience in healthcare, insurance, or highly regulated industries.
• Strong analytical abilities, verbal/written communication, and interpersonal skills
• Demonstrated experience in secure system design and alignment with organizational/regulatory requirements.
• Excellent communication and ability to explain complex technical and legal concepts to diverse audiences.

Responsibilities

• Drive strategy, planning, prioritizing, and execution of data security and privacy initiatives to protect unstructured and structured data in hybrid environments.
• Design and Implementation of Privacy Enhancing Technologies (PETs), lead privacy-preserving solutions planning, design, development, implementation, and monitoring.
• Drive and support technical components compliance/audit processes.
• Provide expert guidance on secure systems architecture, design and implementation in alignment with privacy engineering principles.
• Continuous monitoring of emerging technologies, regulatory developments and industry trends to recommend enhancements to organizational privacy posture.
• Develop and maintain data protection dashboard, metrics roadmap, and scorecards.
• Apply threat modeling and risk analysis methodologies to mitigate privacy and security risks.
• Facilitate risk-based approach to develop, manage, and maintain data protection controls.
• Collaborate with engineering, product, legal, and compliance teams to translate privacy and regulatory requirements (e.g., GDPR, CCPA, HIPAA) into technical designs, policies, and guardrails.
• Foster a privacy by design culture and embed privacy requirements into engineering documentation.
• Lead and contribute to enterprise data governance activities, including data discovery, classification, data loss prevention, audit, and incident response.
• Lead project teams of talented professionals to deliver data security capabilities.

Benefits

• This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
• This position also includes an award target in the company’s equity award program.
• This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families.
• The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.