Privacy Engineer

Security and Compliance Seattle, Washington Durham, North Carolina

Job Summary

The Privacy Engineer reports to the Corporate Security Team and has three core job functions: 1) conducting data asset and data management assessments; 2) identify privacy gaps in software and database design and advising teams on remediation; 3) provide first line response to privacy inquiries from engineering teams. These responsibilities will require successful candidates to translate internal policies to concrete technical action plans.

Job Duties

  • Analyze software and database design; provide technical recommendations to meet privacy objectives
  • Conduct data asset and data management reviews
  • Develop or implement tools for orchestrating data subject requests
  • Collaborate with the Application Security and Engineering Operations teams to implement privacy by design
  • Vendor data privacy risk assessments
  • Design and implement privacy by design training
  • Triage and escalate privacy inquiries from engineering teams
  • Develop FAQs, training, and documentation to enable self-service privacy response
  • Track, investigate, and assist in responding to privacy incidents
  • Identify gaps in technical and policy documentation with privacy impact; provide drafting assistance and recommendations
  • Collaborate with the Data Sciences team to identify privacy impacts for processing activities


  • Bachelor's degree in computer science or a related field
  • Experience working with a variety of development tools, languages, and environments, including Python, .NET, Java, PHP, Node.js, RDBMS, NosQL, and Amazon Web Services
  • Experience translating legal or contractual requirements into technical controls
  • Operating knowledge of GDPR or other privacy legislation
  • Experience with audit process and methodologies
  • Excellent written, verbal, and presentation skills

Preferred Qualifications

  • Professional experience participating in IT audits (Sarbanes Oxley, SOC 1, SOC 2, ISO 27001)
  • General familiarity with CI/CD, Docker, Kubernetes, and related devops tools
  • Experience with HIPAA
  • Knowledge or experience with any of the following areas: identity and access management, cloud hosting providers, database administration
  • Professional certifications such as CISSP, CIPP, OSCP

About Avalara

Avalara helps businesses of all sizes achieve compliance with transaction taxes, including sales and use, VAT, excise, communications, and other tax types. The company delivers comprehensive, automated, cloud-based solutions designed to be fast, accurate, and easy to use. The Avalara Compliance Cloud® platform helps customers manage complicated and burdensome tax compliance obligations imposed by state, local, and other taxing authorities throughout the world. Avalara offers more than 600 pre-built connectors into leading accounting, ERP, ecommerce and other business applications, making the integration of tax and compliance solutions easy for customers. Each year, the company processes billions of indirect tax transactions for customers and users, files more than a million tax returns, and manages millions of tax exemption certificates and other compliance documents. Headquartered in Seattle, Avalara has offices across the U.S. and overseas in the U.K., Belgium, Brazil, and India. More information at Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law.