Lead for Platform Security & Data Privacy (CX)

Job Description

Strategic Leadership

• Design and implement a comprehensive data privacy and access control architecture that addresses multi dimensional classification, dynamic permissions, and information barriers.
• Tech lead a small dedicated team focused on privacy-preserving access controls and coordinate with cross-functional teams including data ingestion, knowledge mapping, and automation developers.
• Develop and enforce security and privacy standards, policies, and best practices throughout the product development lifecycle.

Technical Implementation

• Architect a multi-layered access control model combining Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and purpose-based limitations.
• Oversee implementation of fine-grained data classification frameworks using NLP and other technologies.
• Design and validate permission propagation mechanisms for graph data models and derived insights.
• Establish security boundaries for autonomous AI agents, ensuring proper context isolation and privilege controls.

Cross-Team Coordination

• Work closely with engineering teams to integrate privacy controls into the data pipeline, knowledge graph, and AI components.
• Collaborate with product management to balance privacy requirements with usability and functionality.
• Coordinate with customer success to address client-specific privacy and compliance needs.
• Influence and guide development teams to prioritize privacy-by-design principles.

Qualifications

• 5+ years of experience in information security, data privacy, or access control systems.
• Proven track record designing and implementing complex security architecture.
• Strong knowledge of modern authorization frameworks, RBAC/ABAC systems, and data classification methodologies.
• Experience leading teams and influencing cross-functional stakeholders.
• Technical background with understanding of databases, APIs, and enterprise software architecture (knowledge also in implementation and development - Python).
• Understanding of data privacy regulations (GDPR, CCPA) and their technical implementation requirements.
• Proficiency in English language (B2+/C1 level).

Nice to have 

• Knowledge of AI/ML systems and the unique privacy challenges they present.
• Familiarity with LLMs and the privacy implications of their use in enterprise contexts.
• Understanding of vector databases and embedding-based systems.
• Experience in regulated industries (finance, healthcare, legal) with complex information barrier requirements.
• Background in data lineage and provenance tracking systems.

Additional Information

If You applied for this position the Controller of your personal will be  ACT DIGITAL POLSKA Sp. z o.o., with its registered office at Przyokopowa 31, 01-208 Warsaw. The personal data provided by you will be processed for the purpose of the recruitment process and for future recruitment processes. You will have the right too choose one or both options on next page.

You have the right to access the content of your data, request their rectification, erasure, restriction of processing, the right to data portability, the right to object to the processing of your data and the right to lodge a complaint to the President of the Personal Data Protection Office.