Position: Compliance & Privacy Engineer
Location: Cupertino, California
Duration: Contract
Job ID: 176983
About the Role
We are seeking a detail-oriented and proactive Compliance & Privacy Engineer to join our team. This role sits at the intersection of data governance, privacy engineering, and regulatory compliance. The ideal candidate will be responsible for maintaining the integrity of our centralized data registry, enforcing data classification standards, and driving execution of compliance controls across multiple audit and assessment frameworks. This is a hands-on role requiring strong organizational skills, technical aptitude, and cross-functional collaboration.
Key Responsibilities
Data Registry & Privacy Governance:
• Metadata Management: Input, update, and validate metadata for databases and data assets within a centralized data registry, ensuring all entries are current and accurate.
• Data Classification & Tagging: Apply data tags and classifications (e.g., data type, sensitivity level, personal data indicators) in alignment with established privacy and data governance standards.
• Stakeholder Collaboration: Review database documentation and collaborate closely with data owners, engineers, and privacy stakeholders to ensure accurate and comprehensive metadata capture.
• Migration Support: Support migration activities by mapping existing metadata to new registry schemas and standards, ensuring continuity and compliance during transitions.
• Quality Assurance: Perform regular quality checks to ensure completeness, consistency, and accuracy of tagged and classified data across the registry.
Compliance Monitoring & Execution
• Compliance Controls Execution: Monitor, track, and execute compliance controls across all audits and assessments, ensuring timely completion and adherence to regulatory requirements.
• Monthly Controls Management: Track and execute recurring monthly controls including but not limited to Splunk monitoring, GitHub access reviews, patching status verification, and baseline compliance checks.
• Tooling & Platform Monitoring: Actively monitor compliance and governance tools (e.g., Compass, Verdad, Plato) for WPC (Worldwide Privacy & Compliance) operations, flagging issues and ensuring tool health.
• Audit & Project Tracking: Monitor and track all scheduled tickets related to WPC audits and projects, ensuring milestones are met and blockers are escalated promptly.
• Vulnerability & Patch Management: Monitor and track patching cycles, aging vulnerabilities, and vulnerability reports, coordinating remediation efforts with relevant engineering teams.
• Training Compliance: Monitor and track PCI training completion across applicable teams, ensuring all personnel maintain required certifications and awareness.
• Evidence Collection: Assist in collecting, organizing, and submitting evidence required for WPC audits, including but not limited to PCI, PCI PIN, APN, SOX etc assessments.
• Documentation & Project Management: Maintain Confluence and Quip documentation spaces to track all internal compliance projects, issues, progress, and follow-ups. Serve as a project management point of contact for internal compliance initiatives, driving accountability and visibility.
• Cloud Operations: Perform AWS routine operational tasks in support of compliance infrastructure and monitoring.
Required Qualifications
• 10+ years of experience in compliance engineering, data governance, privacy engineering, or a related discipline.
• Hands-on experience with data classification frameworks and metadata management in enterprise environments.
• Familiarity with regulatory and audit frameworks such as PCI DSS, PCI PIN, SOX etc
• Working knowledge of compliance and monitoring tools (e.g., Splunk, GitHub or similar).
• Experience with AWS cloud services and routine cloud operations.
• Strong documentation skills with proficiency in Confluence, Quip, or similar collaboration platforms.
• Excellent organizational and project management skills with the ability to track multiple workstreams simultaneously.
Preferred Qualifications
• Bachelor's degree in computer science, Information Security, Data Engineering, or a related field.
• Experience with data privacy regulations (e.g., GDPR, CCPA) and privacy-by-design principles.
• Familiarity with vulnerability management Tools and patching lifecycle processes.
• Relevant certifications such as CISA, CISM, CRISC, PCI QSA, CIPM/CIPP, or AWS certifications.
• Experience working in large-scale enterprise environments with complex data ecosystems.
• Strong cross-functional communication skills with the ability to engage both technical and non-technical stakeholders.
What We Value
• Attention to Detail — Precision in data tagging, metadata validation, and audit evidence collection.
• Collaboration — Ability to work across engineering, privacy, and compliance teams seamlessly.
• Accountability — Ownership of compliance timelines, controls, and project deliverables.
• Continuous Improvement — A mindset geared toward optimizing processes, tools, and documentation.
#LI-VP1
Pay range: $85-95/hr. on a w2 basis
About PTR Global: PTR Global is a leading provider of information technology and workforce solutions. PTR Global has become one of the largest providers in its industry, with over 5000 professionals providing services across the U.S. and Canada. For more information visit www.ptrglobal.com
At PTR Global, we understand the importance of your privacy and security. We NEVER ASK job applicants to:
Pay any fee to be considered for, submitted to, or selected for any opportunity.
Purchase any product, service, or gift cards from us or for us as part of an application, interview, or selection process.
Provide sensitive financial information such as credit card numbers or banking information. Successfully placed or hired candidates would only be asked for banking details after accepting an offer from us during our official onboarding processes as part of payroll setup.
The specific compensation for this position will be determined by several factors, including the scope, complexity, and location of the role, as well as the cost of labor in the market; the skills, education, training, credentials, and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits, including medical, dental, vision, and 401K contributions, as well as PTO, sick leave, and other benefits mandated by applicable state or localities where you reside or work.
If you receive a suspicious message, email, or phone call claiming to be from PTR Global do not respond or click on any links. Instead, contact us directly at +1 214-740-2424. To report any concerns, please email us at legal@pinnacle1.com