Key skills
Data engineeringData governanceData pipeline processingPrivacy engineeringPythonSQLBackend languagesData access controlAI/ML solutionsCross-functional communicationTechnical leadershipTypeScriptJavaGoRustAIMLData EngineeringAnalyticsDatabricksSaaSCI/CDLeadershipCommunication
About this role
1Password is a rapidly growing company focused on creating a safe and productive digital future. They are seeking a Senior Privacy Engineer to develop and operate privacy-preserving data practices at scale, ensuring the secure collection, processing, and storage of data across various services and integrations.
Responsibilities:
- Help shape how we collect, process, store, access, and delete data across services, telemetry, analytics, support tooling, third-party integrations, and emerging AI/ML solutions—translating privacy requirements into durable engineering controls
- Work on privacy engineering problems where data scale and data systems matter: pipelines, telemetry/analytics, and data stores that support business needs while maintaining strong privacy protections
- Build practical controls for data access governance and obfuscation in large datasets (policy enforcement, row/column controls, masking/tokenization, privacy-aware query patterns)
- Improve retention/deletion and logging/telemetry hygiene so privacy remains strong as systems evolve
- Help enable privacy-safe AI/ML use by implementing controls, infrastructure, and analysis that reduce data exposure and support responsible product development
- Collaborate across teams to make privacy the default through templates, guardrails, and automation
- Partner with Product and Legal/Privacy to translate requirements (e.g., DPIAs/PIAs, consent, data subject rights) into concrete technical controls and deliverable plans
- Influence how we design and evolve data ingestion and processing pipelines, ensuring privacy-safe collection and downstream use
- Help teams implement privacy-safe patterns for data flows, access boundaries, and storage decisions
- Design and implement policy-based access controls for analytics and data platforms, including row/column-level controls where appropriate
- Build or improve data obfuscation layers (e.g., tokenization, masking, pseudonymization) and define privacy-aware query patterns that reduce exposure while preserving utility
- Partner with data/platform teams to ensure controls are reliable, testable, and operationally supported
- Partner with product and engineering teams to design privacy-safe data flows for AI/ML use cases, including training, evaluation, and inference
- Implement guardrails that support safe data use in AI/ML systems (e.g., minimization, access controls, dataset curation, logging/telemetry hygiene, retention/deletion alignment)
- Contribute to reviews and analysis that assess privacy risk in AI/ML solutions (e.g., data provenance, leakage risks, and appropriate protections for sensitive data)
- Strengthen retention and deletion across production databases, logs, analytics, backups, and relevant third-party systems
- Improve observability and telemetry practices by tightening protections and ensuring collection remains consent-aware
- Provide technical leadership through code reviews, design reviews, and pragmatic guidance across multiple teams
- Contribute to privacy tooling, service templates, and CI/CD automation that prevent regressions and make safe choices easy
Requirements:
- 5+ years of experience in software engineering, data engineering, or data analytics at SaaS companies, with a strong emphasis on data ingestion, governance, and pipeline processing
- Demonstrated expertise building and operating production systems at meaningful scale, including debugging, reliability, and operational ownership
- Experience implementing data access control and data obfuscation layers on top of data lakes or large analytics environments, including policy-based access, row/column-level controls, tokenization/masking, and privacy-aware query patterns
- Experience implementing these controls via commodity governance/authorization offerings (e.g., Databricks Unity Catalog, Okera, Privacera, or similar technologies), including integration into real-world data workflows and enforcement paths
- Experience performing analytics and investigations using Python and SQL (e.g., validating data minimization, measuring collection changes, auditing datasets, and supporting privacy reviews)
- Experience building or supporting privacy-safe controls, infrastructure, and analysis for AI/ML solutions (e.g., data provenance and curation, access controls around training/evaluation datasets, inference telemetry hygiene, retention/deletion alignment, and practical mitigations for leakage risk)
- Familiarity with DLP-style controls and privacy-aware analytics patterns
- Proficiency in one or more backend languages (e.g., Go, Rust, Java, TypeScript) and a track record of delivering production-quality code
- Practical privacy engineering experience implementing controls such as minimization, access controls, encryption, retention/deletion, and privacy-safe analytics/telemetry
- Ability to translate privacy requirements (GDPR / CCPA / CPRA concepts) into engineering work without relying on 'paper compliance'
- Strong cross-functional communication skills and comfort partnering with Product, Legal/Privacy, Security, Data, and Engineering teams
- Experience building data governance platforms (classification, catalogs, automated retention/deletion, policy enforcement)
- Experience with distributed systems and their operational tradeoffs (availability, performance, observability, rollout safety)
- Security company experience or familiarity with threat modeling and secure development practices
- Familiarity with compliance/security frameworks and audits (e.g., ISO 27001, ISO 27701, SOC 2) in ways that translate into real engineering controls