Client Site Cybersecurity Defense Engineer (Data Privacy) - Remote

Job Summary
The Cybersecurity organization is looking for a Client Site Cybersecurity Defense Engineer focused on online tracking technology. This person will be responsible for securing and defending client systems that utilize or manage online tracking tools, including analytics platforms, cookies, web beacons, and user behavior tracking technologies to facilitate compliance with various legal regimes including HIPAA, omnibus state privacy laws, and others. This engineer will ensure that the client s digital footprint, user data, and tracking infrastructures are protected against unauthorized access, data leakage, tampering, and cyber threats. They will provide expertise in privacy compliance and implement defensive measures to safeguard tracking operations and maintain trust with end-users.

Key Responsibilities:

• Monitor, analyze, and defend online tracking systems, including tag management systems, and tracking scripts against cyber threats and exploitation.
• Identify vulnerabilities and risks associated with third-party trackers, cookies, pixel tags, and data collection mechanisms.
• Collaborate with development, marketing, and legal teams to ensure tracking technologies comply with privacy regulations such as HIPAA, GDPR, CCPA, and ePrivacy Directive.
• Detect and respond to threats targeting tracking infrastructure, including data interception, injection attacks, and unauthorized data extraction.
• Configure and manage tools for tracking data encryption, integrity checks, and access controls.
• Perform risk assessments on new tracking technologies and recommend secure implementation best practices.
• Conduct audits of tracking scripts and associated data flows to detect anomalies or malicious manipulations.
• Document incidents, maintain security logs, and prepare reports highlighting tracking system vulnerabilities and remediation progress.
• Educate client teams on secure tracking practices and potential cyber risks related to online behavioral data.
• Provide guidance and technical expertise during development and testing of applications.

Preferred Requirements:

• Bachelor s degree in Cybersecurity, Computer Science, Information Systems, or related field preferred.
• Minimum 3 years of experience in cybersecurity with a focus on web security, online tracking, or digital privacy.
• Strong knowledge of online tracking technologies (cookies, local storage, pixel tags), web analytics platforms, and associated security concerns.
• Experience with security tools relevant to web environments, including Content Security Policy (CSP), HTTP security headers, web application firewalls (WAF), and browser security models.
• Understanding of privacy laws and frameworks (GDPR, CCPA) and their impact on tracking technology.
• Proficiency in scripting languages (JavaScript, Python) for auditing and monitoring tracking scripts.
• Familiarity with network traffic analysis, TLS/SSL, and encryption methods for securing data in transit.
• Ability to collaborate with cross-functional teams and communicate complex cybersecurity risks in non-technical terms.

Preferred Attributes:

• Certifications such as Certified Information Privacy Professional (CIPP), GIAC Web Application Penetration Tester (GWAPT) , or Certified Ethical Hacker (CEH).
• Experience with privacy-enhancing technologies (PETs) and data anonymization techniques.
• Familiarity with browser security models, SameSite cookie policies, and anti-tracking browser features.
• Prior experience working within marketing technology (MarTech) environments or digital advertising ecosystems.
• Strong analytical and problem-solving skills tailored to web-based attack vectors