Senior Privacy Engineer

About 1Password

1Password is experiencing rapid growth, having surpassed $400M in ARR and consistently earning a spot on the Forbes Cloud 100 for four consecutive years. We are a market leader in enterprise password management and pioneers of Extended Access Management, focusing on a human-centric approach to digital safety. Over 180,000 businesses trust 1Password to secure their teams and facilitate secure adoption of SaaS and AI tools.

We are seeking a Senior Privacy Engineer to join our team, playing a crucial role in building products people trust. Privacy is fundamental to this trust. You will leverage strong data engineering and big data systems experience to develop and manage privacy-preserving data practices at scale, with a particular focus on data ingestion, governance, and pipeline processing in a modern SaaS environment.

As part of the Privacy Engineering group, collaborating closely with Engineering, Product, Data, and Legal/Privacy teams, you will help define how data is collected, processed, stored, accessed, and deleted across various services, telemetry, analytics, support tools, third-party integrations, and emerging AI/ML solutions, translating privacy requirements into durable engineering controls.

This is a remote opportunity available within Canada and the US.

What We're Looking For

• 5+ years of experience in software engineering, data engineering, or data analytics within SaaS companies, with a strong emphasis on data ingestion, governance, and pipeline processing.
• Demonstrated expertise in building and operating production systems at scale, including debugging, ensuring reliability, and assuming operational ownership.
• Experience implementing data access control and data obfuscation layers over data lakes or large analytics environments, covering policy-based access, row/column-level controls, tokenization/masking, and privacy-aware query patterns.
• Proficiency in implementing these controls through commodity governance/authorization offerings (e.g., Databricks Unity Catalog, Okera, Privacera, or similar technologies), including integration into real-world data workflows and enforcement paths.
• Experience performing analytics and investigations using Python and SQL for tasks such as validating data minimization, measuring collection changes, auditing datasets, and supporting privacy reviews.
• Experience building or supporting privacy-safe controls, infrastructure, and analysis for AI/ML solutions (e.g., data provenance and curation, access controls for training/evaluation datasets, inference telemetry hygiene, retention/deletion alignment, and practical leakage risk mitigations).
• Familiarity with DLP-style controls and privacy-aware analytics patterns.
• Proficiency in one or more backend languages (e.g., Go, Rust, Java, TypeScript) and a proven track record of delivering production-quality code.
• Practical privacy engineering experience implementing controls like minimization, access controls, encryption, retention/deletion, and privacy-safe analytics/telemetry.
• Ability to translate privacy requirements (GDPR / CCPA / CPRA concepts) into engineering work, moving beyond “paper compliance.”
• Strong cross-functional communication skills and comfort partnering with Product, Legal/Privacy, Security, Data, and Engineering teams.

Bonus Points For

• Experience building data governance platforms (classification, catalogs, automated retention/deletion, policy enforcement).
• Experience with distributed systems and their operational tradeoffs (availability, performance, observability, rollout safety).
• Security company experience or familiarity with threat modeling and secure development practices.
• Familiarity with compliance/security frameworks and audits (e.g., ISO 27001, ISO 27701, SOC 2) in ways that translate into real engineering controls.

What You Can Expect

You will work on privacy engineering challenges where data scale and data systems are paramount, encompassing pipelines, telemetry/analytics, and data stores that support business needs while maintaining strong privacy protections. You will build practical controls for data access governance and obfuscation in large datasets, improve retention/deletion and logging/telemetry hygiene, and help enable privacy-safe AI/ML use.

Build privacy-by-design into data systems and pipelines

• Partner with Product and Legal/Privacy to translate requirements (e.g., DPIAs/PIAs, consent, data subject rights) into concrete technical controls and deliverable plans.
• Influence the design and evolution of data ingestion and processing pipelines, ensuring privacy-safe collection and downstream use.
• Help teams implement privacy-safe patterns for data flows, access boundaries, and storage decisions.

Implement scalable access controls and data protection in large datasets

• Design and implement policy-based access controls for analytics and data platforms, including row/column-level controls where appropriate.
• Build or improve data obfuscation layers (e.g., tokenization, masking, pseudonymization) and define privacy-aware query patterns that reduce exposure while preserving utility.
• Partner with data/platform teams to ensure controls are reliable, testable, and operationally supported.

Enable privacy-safe AI/ML solutions

• Partner with product and engineering teams to design privacy-safe data flows for AI/ML use cases, including training, evaluation, and inference.
• Implement guardrails that support safe data use in AI/ML systems (e.g., minimization, access controls, dataset curation, logging/telemetry hygiene, retention/deletion alignment).
• Contribute to reviews and analysis that assess privacy risk in AI/ML solutions (e.g., data provenance, leakage risks, and appropriate protections for sensitive data).

Improve lifecycle controls and telemetry hygiene

• Strengthen retention and deletion across production databases, logs, analytics, backups, and relevant third-party systems.
• Improve observability and telemetry practices by tightening protections and ensuring collection remains consent-aware.

Lead through hands-on execution and collaboration

• Provide technical leadership through code reviews, design reviews, and pragmatic guidance across multiple teams.
• Contribute to privacy tooling, service templates, and CI/CD automation that prevent regressions and make safe choices easy.

1Password is a remote-first company founded in 2005. While we embrace remote work, in-person engagement for offsites and team meetings is part of almost all roles. We foster a culture of collaboration, transparency, and a commitment to our core values: keep it simple, lead with honesty, and put people first. We are committed to leveraging AI responsibly and thoughtfully, and encourage team members to identify opportunities to apply AI in meaningful ways.

We offer competitive health and wellbeing benefits, RSU programs, retirement matching, generous PTO, and paid volunteer days.

Key skills/competency

• Data Privacy
• Privacy Engineering
• Data Governance
• Data Security
• Access Control
• Data Obfuscation
• AI/ML Privacy
• GDPR/CCPA/CPRA
• Data Pipeline Processing
• Distributed Systems