Job#: 2067522
Job Description:
Remote
Fulltime
$100,000 - $130,000
Job Overview:
We’re seeking a Data Governance and Compliance Engineer to play a pivotal role in shaping the privacy and compliance posture of our cutting-edge vehicle security and threat detection solutions. This is more than a compliance role—its an opportunity to influence the strategic direction of our privacy framework, partnering closely with engineering, product, and legal teams to build a robust and scalable data governance program.
Your work will have a direct and outsized impact on our business, ensuring customer trust, regulatory alignment, and operational excellence as we redefine the future of automotive security. Youll take ownership of privacy and compliance workflows, enabling us to proactively address evolving security and compliance challenges while helping to shape an industry-leading approach to data protection. If youre a hands-on problem solver who thrives on building collaborative partnerships and driving meaningful change, we’d love to hear from you.
Responsibilities:
Privacy Compliance Operations & Management:
? Support the development and maintenance of the company’s privacy compliance framework by integrating elements from GDPR, CCPA, CPRA, NIST 800-53, and other relevant regulations.
? Assess regulatory requirements and help shape a unified approach tailored to the company’s privacy and security standards.
? Ensure visibility over compliance activities, ensuring assets, data processing activities, vendors, and third parties align with the company’s evolving privacy framework.
Data Mapping & Inventory Management:
? Maintain an up-to-date inventory of data processing activities, data flows, and business processes.
? Ensure all data assets and processing operations comply with regulatory and internal data governance requirements.
Privacy Risk Assessment & Remediation Tracking:
? Conduct privacy impact assessments (PIAs) and vendor risk assessments to evaluate compliance risks.
? Ensure mitigation strategies are documented, assigned, and tracked effectively.
? Work with security and engineering teams to remediate compliance gaps.
Regulatory Monitoring & Compliance Reporting
? Track and document changes in global data privacy regulations and assess their impact on company operations.
? Prepare compliance reports for internal and external stakeholders, including auditors and regulators.
Cross-functional Collaboration
? Partner with Engineering, Security, Legal, and Procurement teams to implement and operationalize privacy controls.
? Integrate company needs with priorities of corporate parent as directed by Legal.
? Provide hands-on support in integrating privacy requirements into product development and business workflows.
Minimum Requirements:
? 5+ years of experience in data governance, data privacy, or compliance engineering, with expertise in implementing and maintaining data governance frameworks.
? Bachelors degree in Computer Science, Information Systems, Data Management, or a related field (or equivalent practical experience).
? Strong understanding of data privacy regulations and frameworks (e.g., GDPR, CCPA, CPRA, NIST 800-53) and the ability to interpret regulatory requirements into internal compliance frameworks.
? Proficiency in OneTrust (mandatory)—ability to configure, manage, and track compliance workflows within the platform.
? Proven experience with privacy management tools, compliance automation, and risk assessment platforms, including managing data processing inventories, vendor risk assessments, and privacy impact assessments (PIAs).
? Ability to evaluate data flows, third-party relationships, and internal processes for privacy risks and implement appropriate privacy controls.
? Experience working cross-functionally with legal, security, engineering, and procurement teams to operationalize compliance through workflows, automation, and policy implementation.
? Familiarity with privacy engineering concepts, security best practices, and compliance-related automation.
? Strong skills in documenting and reporting compliance status, risks, and remediation efforts.
Preferred Qualifications:
? Background in cybersecurity, risk management, or privacy engineering.
? Certifications such as CIPP/E, CIPT, or CIPM (or similar privacy-related credentials).
? Experience with SOC 2, ISO 27001, or other security compliance programs.
Working Conditions For Roles in the US Region only:
? Work is generally performed in a well-lit, temperature-controlled indoor environment with occasional exposure to the outdoors or any number of elements.
? Office or other indoor work that includes sitting, standing, typing, communicating and observing with light physical demands such as occasionally lifting or moving materials less than 20 pounds
? Ability to travel in-state and out-of-state or globally.
? Ability to work irregular shifts and extended hours, including evenings and weekends.
EEO Employer
Apex Systems is an equal opportunity employer.
