We’re looking for you to join our team as a Privacy Engineer to help support and grow our privacy program working across the organization on a wide variety of projects as we expand access to healthcare and people’s understanding of the resources available to them.
This position can be based anywhere in the United States.
You’re looking for a company where you have the opportunity to pursue your interests across functions and guide your career development. You’re looking to quickly make an impact in a place where a job title is not considered the final definition of who you are, but the starting point. You are passionate about privacy and the intersection with healthcare while empowering both the organization and our users.
Castlight Health, Inc. offers a comprehensive software-as-a-service platform that simplifies health benefits navigation for millions of employees. Our platform matches employees to the best resources their employers make available to them – whether they are healthy, actively seeking medical care, or managing a condition – and motivates them to take the best steps for their health. Castlight helps employers generate more value from their benefits investments by helping to improve outcomes, lower health care costs, and increase benefits satisfaction.
About the Role:
- Partner with our legal, product and engineering teams to ensure privacy continues to be a differentiating feature of our applications, operations and approach to healthcare.
- Complete privacy-related deliverables for new projects, including but not limited to privacy impact assessments, development of technically focused risk mitigation strategies in relation to privacy matters, and construction of engineering solutions to privacy problems..
- Perform and help automate ongoing privacy compliance monitoring activities and investigations. Automate evidence gathering, analysis and reporting in coordination with Privacy Officials, Security, Legal and other key stakeholders.
- Architect and implement solutions related to fraud detection and remediation
- Ensure our products make best use of emerging privacy technologies to solve real world problems
- Help relate interpretation of privacy related policies and guidelines to engineering teams to help us resolve product and operational challenges.
- Bring a technical/engineering mindset to the challenge of resolving privacy related issues by partnering with our internal and external teams.
- Solve and escalate operational technical issues, modifying existing tools or processes as needed to allow for efficiency in documenting, tracking, investigating and taking action on issues concerning privacy.
- Ensure we are maintaining organizational compliance with privacy practices, especially focused on technical solutions to maintain our adherence to the principles of privacy by design.
- Initiate, facilitate and promote activities to foster privacy/security awareness within the organization.
- Maintain current knowledge of applicable Federal and State privacy laws and accreditation standards, and monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.
- Maintain responsibility for the timely and accurate assistance to internal stakeholders in relation to security, data, or production incidents. Liaise with incident owners and stakeholders to drive decisions on reportability and other concerns to both regulators and impacted individuals. Adhere to established processes for reporting and receiving information regarding incidents.
- Work across the organization to ensure a high quality capability to respond to Data Subject Access Requests (DSAR), with a focus on updating processes and technology.
You’ll be successful with the following qualifications:
- Bachelor’s Degree: Preferred
- Computer science or related field preferred
- Minimum of 1-3 years related work experience in Privacy, Information Security or Engineering.
- Working with stakeholders to balance ongoing product feature development with consumer privacy needs
- Conducting or being the subject of privacy and/or security audits
- Experience executing on privacy by design principles
- Familiarity with privacy regulations such as GDPR and CCPA
- Effective engineering skills to produce independent projects in cloud-based environments.
- Effective at engaging with teams in various functions and across different levels
- Strong organizational skills and ability to prioritize and manage multiple projects simultaneously
- Excellent analytical and writing skills with an emphasis on communicating complex issues across a wide audience
- Experience operating in environments based on standards such as the NIST Privacy Framework, ISO/IEC 27701, ISO 27001, HIPAA, HITRUST, SOC 2.
Certifications are not required but will help you stand out:
- Google Cloud Certifications
One team. On a mission. Making things happen.
Diversity and Inclusion:
The Castlight culture values and celebrates different backgrounds, perspectives, and points of view. We believe our diversity helps drive creativity and innovation. We strive to make everyone feel included, valued, and engaged; enable them to do their best work; and build their careers here at Castlight. That is why diversity and inclusion are more than just words to us. Rather, they are a commitment to a culture where employees feel respected and empowered to share their ideas and deliver the best results.
Learn more about our continuing commitment to diversity and inclusion.
Castlight is on a mission to make it as easy as humanly possible to navigate healthcare and live happier, healthier, more productive lives. Our health navigation platform connects with hundreds of health vendors, benefits resources, and plan designs, giving rise to the world’s first comprehensive app for all health needs. We guide individuals—based on their unique profile—to the best resources available to them, whether they are healthy, chronically ill, or actively seeking medical care. In doing so, we help companies regain control over rising healthcare costs and get more value from their benefits investments. Castlight revolutionized the healthcare sector with the introduction of data-driven price transparency tools in 2008 and the first consumer-grade wellbeing platform in 2012. Today, Castlight serves as the health navigation platform for millions of people and is a trusted partner to many of the largest employers in the world. We are headquartered in San Francisco, and can be found online at www.castlighthealth.com and on the New York Stock Exchange as CSLT.
Castlight Health provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Castlight Health will provide reasonable accommodations for qualified individuals with disabilities.