Skip to main content

Principal Privacy Engineer

Job DescriptionJob DescriptionCompany Overview

ID.me is the next- digital wallet that simplifies how individuals securely prove their online. Consumers can verify their with ID.me once and seamlessly login across websites without having to create a new login and verify their again. Over 140 million users experience streamlined login and verification with ID.me at 20 federal agencies, 44 state government agencies, and 66 healthcare organizations. More than 600 consumer brands use ID.me to verify communities and user segments to honor service and build more authentic relationships. ID.me's technology meets the federal standards for consumer authentication set by the Commerce Department and is approved as a NIST 800-63-3 IAL2 / AAL2 credential service provider by the Kantara Initiative. ID.me is committed to "No Left Behind" to enable all people to have a secure digital . To learn more, visit https://network.id.me/.

Role Overview

We are seeking a Privacy Engineer with deep expertise in Digital to design and implement privacy-centric solutions across our digital platform - including facilitating data retention, anonymization, and conducting Privacy threshold and impact assessments, as well as providing technical product and engineering consultation. This role requires strong technical knowledge of protocols, privacy-enhancing technologies, and regulatory frameworks. You will help ensure that systems are aligned with global privacy laws and the NIST Digital Guidelines (SP 800-63), emphasizing secure and privacy-respecting authentication, proofing, and federation.

This is an onsite position in one of our hub locations (Mountain View CA or McLean VA)

Key Responsibilities

  • Design and implement privacy-preserving solutions including federated , decentralized identifiers (DIDs), and verifiable credentials.
  • Integrate privacy-by-design into authentication, authorization, and federation workflows (e.g., OAuth2, OpenID Connect, SAML).
  • Assist with conducting privacy impact assessments (PIAs) specifically related to and access management systems.
  • Evaluate and deploy privacy-enhancing technologies (PETs) such as zero-knowledge proofs (ZKPs), secure multi-party computation (SMPC), and anonymization, pseudonymization, and data minimization methods.
  • Develop and enforce technical standards for data minimization, encryption, pseudonymization, and secure storage.
  • Collaborate with IAM and security engineering teams to enhance governance with strong privacy controls.
  • Review architecture and code for systems to ensure compliance with privacy regulations (GDPR, CCPA, eIDAS, etc.).
  • Monitor and assess threats to -related data and respond to incidents involving data exposure.
  • Assist in managing privacy risk assessments and reviews for systems, including digital onboarding, credential issuance, and account recovery flows.
  • Collaborate with security, IAM, DevOps, and compliance teams to build solutions that enforce Privacy-by-Design principles.
  • Review system architecture and source code to ensure privacy and data protection controls are correctly implemented.
  • Contribute to tooling for secure and automated DSAR (data subject access request) verification and privacy dashboards.
  • Participate in incident response planning and investigations for -related security or privacy events.
  • Map and enforce privacy principles (ISO/IEC 29100) including consent, purpose limitation, data minimization, and transparency in digital systems.
  • Develop data lifecycle controls covering collection, processing, retention, and deletion per ISO/IEC and GDPR guidelines.
  • Develop and implement solutions to ensure privacy policies are correctly implemented. The implementations should advance compliance with legal forms of data use as well as support business use of data.

Basic Qualifications

  • Bachelor's or Master's degree in Computer Science, Information Security, Engineering, or related technical field.
  • 4+ years of technical experience in privacy engineering, IAM, or cybersecurity with a focus on digital .
  • 1-2 years - Deep familiarity with NIST SP 800-63, including IAL, AAL, and FAL requirements.
  • 4+ years of experience with protocols (OAuth2, OpenID Connect, SAML, SCIM), authentication systems, and modern IAM platforms.
  • 4+ years of strong programming/scripting skills (e.g., Python, Go, Java, Node.js).
  • 4+ years resulting in proficiency in and data protection standards (e.g., FIDO2, TLS, JWT, PKI, encryption at rest and in transit).

Qualifications

  • Experience with cloud-based (AWS IAM, Azure AD, Okta, Google Platform).
  • Familiarity with decentralized technologies (e.g., Hyperledger Aries/Indy, Sovrin, Entra Verified ID).
  • Certifications: CIPT, CIPP, CISSP, GIAC GLEG, or other privacy/security credentials.
  • Understanding of privacy threat modeling techniques such as LINDDUN.

Key Competencies

  • Deep understanding of privacy risks, mitigations, and best practices in systems.
  • Strong ability to communicate complex /privacy concepts to technical and non-technical stakeholders.
  • Ability to balance usability, security, and privacy in digital architectures.
  • Passionate about user autonomy, data minimization, and ethical practices.

The annual base salary listed does not include a company bonus, incentive for sales roles, equity and benefits which will be determined based on experience, skills, education, relevant training, geographic location and role.

ID.me offers comprehensive medical, dental, vision, health savings account, flexible spending accounts (medical, limited purpose, dependent care, commuter benefit accounts), basic and voluntary life and AD&D insurance, 401(k) with company match, parental leave, ability to participate in unlimited paid time off subject to the terms and conditions of the PTO policy, including 8 company wide holidays, short and long-term insurance, accident and critical illness insurance, referral bonus policy, employee assistance program, pet insurance, travel assistant program, wellbeing and childcare discounts, benefit advocates, and a learning and development benefit.

The above represents the anticipated total rewards package for this job requisition. Final offers may vary from the amount listed based on qualifications, professional experiences, skills, education, relevant training, geographic location, and other job related factors.

U.S. Pay Range$203,183—$255,000 USDMountain View, CA Pay Range$241,098—$278,738 USD

ID.me maintains a work environment free from discrimination, where employees are treated with dignity and respect. All ID.me employees share in the responsibility for fulfilling our commitment to equal employment opportunity. ID.me does not discriminate against any employee or applicant on the basis of , ancestry, , family or medical care leave, or expression, genetic information, marital status, medical condition, , physical or mental , political affiliation, protected veteran status, , , (including ), , or any other characteristic protected by applicable laws, regulations and ordinances. ID.me adheres to these principles in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, social and recreational programs, and discipline. In addition, ID.me's policy is to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations and ordinances where a particular employee works. Upon request we will provide you with more information about such accommodations.

Please review our Privacy Policy, including our CCPA policy, at id.me/privacy. If you provide ID.me with any personally identifiable information you confirm that you have read and agree to be bound by the terms and conditions set out in our Privacy Policy.

ID.me participates in E-Verify.

Principal Privacy Engineer

Free CV Review
ZipRecruiter
Mountain View, CA
Full time

Published on 07/15/2025

Search more jobs

Share this job now