Gusto, Inc.
Software Engineer , Privacy
Job Summary
The Privacy Engineer role at Gusto involves designing and implementing systems for data deletion, DSAR integrations, and maintaining privacy management solutions. The position requires experience in privacy engineering, security, or data protection, with proficiency in Ruby on Rails, Python, and AWS. The engineer collaborates with legal, product, and engineering teams to ensure compliance with privacy laws like GDPR and CCPA, and works on data discovery and mapping tools. The focus is on sustaining privacy-preserving solutions that support regulatory compliance and data privacy best practices.
Required Skills
Benefits
Job Description
About Gusto
Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 400,000 businesses nationwide.
Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy.
About the Role:
As a Software Engineer on the Privacy Team at Gusto, you will play a crucial role in maintaining and enhancing our privacy programs. You will leverage your technical expertise to ensure privacy considerations are integrated into product design, development, and compliance processes. Your focus will be on developing and maintaining privacy solutions, particularly related to data deletion systems, Data Subject Access Rights (DSAR) integrations, and the upkeep of our privacy management system and Data Discovery Scanners.
About the Team:
Our Privacy Engineering team, as part of Gusto’s Security organization, focuses on designing and implementing privacy-preserving product and internal solutions.The Security team’s mission is to be the most trustworthy place for customer data, and Privacy Engineering provides the technical expertise to achieve that goal. Members of the team are champions for user privacy. We collaborate closely with legal and product engineering teams to translate legal requirements into engineering solutions and ensure our products meet the highest standards for privacy.
Here’s what you’ll do day-to-day:
- Privacy Solutions Development: Design and implement systems for data deletion and DSAR integrations within our privacy management platforms. Ensure these solutions are scalable, efficient, and compliant with global privacy regulations.
- Privacy Systems Maintenance: Oversee the maintenance and updates of our privacy management system, orchestration tools, and infrastructure ensuring it aligns with the latest privacy laws and company policies. Work closely with cross-functional teams to implement changes and improvements.
- Data Discovery and Mapping: Manage and enhance Data Discovery Scanners to ensure accurate mapping and inventory of personal data across business systems. Use these tools to support compliance with HIPAA, GDPR, CCPA, CPRA, and other relevant regulations.
- Technical Compliance Integration: Translate privacy laws and requirements into technical specifications for development teams. Ensure that privacy by design is incorporated into all stages of product and system development.
- Collaboration and Support: Partner with legal, compliance, engineering, and product teams to provide technical support and guidance on privacy-related projects. Act as a liaison to ensure seamless integration of privacy solutions across various departments.
Here’s what we're looking for:
- Minimum 5 years of experience in technical privacy engineering, security engineering, or data protection roles and minimum 3 years of experience in software engineering roles.
- Proficiency in developing and maintaining privacy management systems and data discovery tools.
- Proficiency in Ruby on Rails, Python, and AWS infrastructure
- Strong understanding of privacy laws and technical compliance measures, including experience with DSAR orchestration processes.
- Excellent problem-solving and communication skills, with the ability to work collaboratively across teams.
Nice to Have:
- Experience with privacy management platforms like OneTrust.
- IAPP Certified Information Privacy Technologist (CIPT) certification or equivalent.
- Familiarity with data anonymization, pseudonymization, and encryption techniques.
Our cash compensation amount for this role is targeted at $175,000/yr to $190,000/yr in Denver & most remote locations, and $210,000/yr to $230,000/yr in New York & San Francisco Bay Area. Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.
Gusto has physical office spaces in Denver, San Francisco, and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role). The same office expectations apply to all Symmetry roles, Gusto's subsidiary, whose physical office is in Scottsdale.
Note: The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.
When approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required.
Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.
Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. We want to see our candidates perform to the best of their ability. If you require a medical or religious accommodation at any time throughout your candidate journey, please fill out this form and a member of our team will get in touch with you.
Gusto takes security and protection of your personal information very seriously. Please review our Fraudulent Activity Disclaimer.
Personal information collected and processed as part of your Gusto application will be subject to Gusto's Applicant Privacy Notice.
Gusto, Inc.
A platform offering payroll, benefits, and HR management services tailored for small and medium-sized businesses.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.