1Password is a rapidly growing company focused on building a safe digital future through innovative cybersecurity solutions. They are seeking a Privacy Engineer to join their Privacy Engineering team, where the role involves implementing privacy-by-design controls and collaborating with various departments to ensure privacy-preserving practices across their products and platforms.
Responsibilities:
- Build privacy-by-design into product features and services
- Partner with Product and Legal/Privacy to translate requirements (e.g., DPIAs/PIAs, consent, data subject rights) into concrete Privacy Engineering deliverables and implementation plans
- Implement privacy-safe patterns for data flows, access boundaries, storage decisions, and user experiences, driving changes into production systems
- Contribute to technical designs and reviews so privacy is addressed early, with GRC & Security Privacy Engineering providing consistent guidance and reusable patterns
- Build and improve backend controls such as authorization checks, data scoping, encryption usage, and privacy-aware service interfaces in collaboration with Security engineering partners
- Build and improve frontend experiences that support privacy requirements (clear choices, consent signaling, privacy-respecting defaults, and user controls where applicable)
- Improve data handling in logs/telemetry by limiting sensitive fields, and ensuring collection remains consent-aware, supporting goals for visibility without over-collection
- Strengthen retention and deletion across production databases, logs, and relevant third-party systems with an engineering-first approach
- Improve observability practices while reducing exposure (e.g., safer diagnostics, redaction, structured logging patterns)
- Build and maintain tooling and automation (service templates, CI checks, linting/guardrails) that prevent regressions and make safe choices easy across engineering teams
- Contribute production-quality code, tests, and documentation for privacy-related features and controls as a core member of the privacy engineering function
- Participate in code reviews and design reviews, and work with teammates to iterate toward pragmatic solutions
- Learn and apply privacy and regulatory concepts in an engineering context, supported by close partnership with privacy-minded stakeholders
Requirements:
- 3–5 years of experience building and shipping software in a SaaS environment
- Full stack engineering experience delivering customer-facing functionality and supporting backend services (APIs, services, and data flows)
- Proficiency in one or more backend languages (e.g., Go, Rust, Java, TypeScript) and comfort working across the stack
- Experience with modern web application patterns (authentication/authorization concepts, API design, frontend state/data handling)
- Practical experience implementing privacy- and security-adjacent controls such as data minimization, access controls, encryption usage, retention/deletion, and privacy-safe telemetry/logging
- Ability to translate privacy requirements (GDPR / CCPA / CPRA concepts) into engineering tasks
- Strong collaboration skills and comfort partnering with GRC & Security, Product, Legal/Privacy, Data, and Engineering teams
- A track record of writing reliable, maintainable code with testing and operational awareness (debugging, monitoring, incident follow-up)
- Experience building or supporting data subject rights workflows (export, delete, correction) and related automation
- Familiarity with threat modeling, secure development practices, and privacy/security reviews
- Experience with third-party integrations and building safe data handling patterns for vendors and support tooling
- Exposure to compliance/security frameworks and audits (e.g., ISO 27001, ISO 27701, SOC 2) in ways that translate into real engineering controls
- Interest in privacy-safe AI-assisted features (data minimization, provenance, logging/telemetry hygiene, retention alignment)