Data Security Engineer

Back to jobs New Data Security Engineer San Francisco, CA Apply 🚀 Join the Future of Commerce with Whatnot!  Whatnot is the largest livestream shopping platform in North America and Europe to buy, sell, and discover the things you love. We’re re-defining e-commerce by blending community, shopping, and entertainment into a community just for you. As a remote co-located team, we’re inspired by innovation and anchored in our  values . With hubs in the US, UK, Ireland, Poland, and Germany, we’re building the future of online marketplaces—together. From fashion, beauty, and electronics to rare collectibles like trading cards, comic books, and even live plants, our live auctions have something for everyone. And we’re just getting started! As one of the  fastest growing marketplaces , we’re looking for bold, forward-thinking problem solvers across all functional areas. Check out the latest Whatnot updates on our  news  and  engineering  blogs and join us as we enable anyone to turn their passion into a business, and bring people together through commerce. 💻 Role  The Data Security Engineer is responsible for developing and overseeing technology security systems to help protect those systems and associated ones from the effects of various kinds of cybercrime. Advance our customers' access to our applications and services by offering seamless access control mechanisms, advanced authentication methods, progressive profiling, and a consolidated identity. Developing plans for increased security across the systems. Putting various protections into place. Testing and re-testing systems for known vulnerabilities. Monitoring systems for security breaches. Investigating those breaches and any other anomalies. Design and implement scalable data protection solutions (e.g., encryption, tokenization, DLP, data masking) for structured and unstructured data. Support and enforce data classification, labeling, and handling policies aligned with regulatory and business needs (e.g., PCI-DSS, GDPR, CCPA). Manage data loss prevention (DLP) systems and drive incident response for data exfiltration or unauthorized access events. Integrate data security controls into CI/CD pipelines and DevSecOps frameworks. Perform risk assessments and threat modeling for data-related systems and flows. Collaborate with Infrastructure, Cloud, and AppSec teams to secure data at rest, in transit, and in use across diverse environments. Monitor emerging data security threats and recommend technical and procedural controls to mitigate risk. Partner with Compliance and Legal teams to ensure audit readiness and support data privacy initiatives. Maintain detailed documentation of data security architecture, standards, and controls. US Based: Team members in this role are required to be within commuting distance of our San Francisco hub. 👋 You  Curious about who thrives at Whatnot? We’ve found that low ego, a growth mindset, and leaning into action and high impact goes a long way here. As our Data Security Engineer you should have a minimum of 7+ years of relevant experience in security preferably in a large enterprise environment, plus: Bachelor’s degree in Computer Science, computer engineering, cybersecurity, a related field, or equivalent work experience. 7+ years of experience in cybersecurity, with at least 2 years focused specifically on data security. Hands-on experience with one or more of the following: DLP platforms, encryption and key management, CASB, and data tokenization/masking tools. Strong understanding of data privacy regulations and standards (e.g., GDPR, CCPA, SOX, NIST). Familiarity with cloud platforms (AWS, GCP) and securing cloud-based data stores (e.g., S3, RDS, Snowflake). Ability to write and review secure infrastructure-as-code (e.g., Terraform, CloudFormation) and scripting (e.g., Python, Bash). Excellent communication skills with the ability to translate technical risks into business language. Self-motivated and creative problem-solver able to work independently with minimal guidance. Strong ability to work collaboratively across teams during high-stress situations. Ability to manage multiple competing priorities and use good judgment to establish an order of priorities on the fly. 💰Compensation $215,000/year to $260,000/year + benefits + equity. The salary range may be inclusive of several levels that would be applicable to the position. Final salary will be based on a number of factors including, level, relevant prior experience, skills, and expertise. This range is only inclusive of base salary, not benefits (more details below) or equity. 🎁 Benefits  Flexible Time off Policy and Company-wide Holidays (including a spring and winter break) Health Insurance options including Medical, Dental, Vision Work From Home Support Home office setup allowance Monthly allowance for cell phone and internet Care benefits Monthly allowance for wellness Annual allowance towards Childcare Lifetime benefit for family planning, such as adoption or fertility expenses Retirement; 401k offering for Traditional and Roth accounts in the US (employer match up to 4% of base salary) and Pension plans internationally Monthly allowance to dogfood the app All Whatnauts are expected to develop a deep understanding of our product. We're passionate about building the best user experience, and all employees are expected to use Whatnot as both a buyer and a seller as part of their job (our dogfooding budget makes this fun and easy!). Parental Leave 16 weeks of paid parental leave + one month gradual return to work *company leave allowances run concurrently with country leave requirements which take precedence. 💛 EOE  Whatnot is proud to be an Equal Opportunity Employer. We value diversity, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, parental status, disability status, or any other status protected by local law. We believe that our work is better and our company culture is improved when we encourage, support, and respect the different skills and experiences represented within our workforce. Apply for this job * indicates a required field First Name * Last Name * Email * Phone * Resume/CV * Attach Attach Dropbox Google Drive Enter manually Enter manually Accepted file types: pdf, doc, docx, txt, rtf Cover Letter Attach Attach Dropbox Google Drive Enter manually Enter manually Accepted file types: pdf, doc, docx, txt, rtf Preferred First Name * Preferred Last Name * LinkedIn Profile * Website How did you hear about this job? * At the time of hire, will you be located within 50 miles of one of our hubs? If so, please select which location. If not, please select “N/A” and input your city and state/province in the field below. * Select... Please list the city and state/province you are located in today. * Are you legally authorized authorized to work in the United States? * Select... Will you now or in the future require visa sponsorship to work in the United States? Select... Optional Demographic Questions Hi there! Here at Whatnot, we want to empower every employee to reach their full potential, regardless of race, gender, ethnicity, sexual orientation, or background. We also believe that building an organization with many dimensions of diversity is an important key to short and long-term success. We collect anonymous demographic information to help us achieve our goal of building a diverse company. This information is anonymous and will not be tied back to your application. The data will only be used in aggregate for reporting or learning purposes. With what Race/Ethnicity do you identify? * Select... Do you belong to the LGBTQ+ community? * Select... How you would describe your gender identity? * Select... How would you describe your disability status? * Select... How would you describe your veteran status? * Select... Submit application