Staff Security Engineer (Data Security Engineering)

• 전사 민감 데이터 식별, 분류, 보호, 모니터링을 위한 데이터 보안 프로그램 설계 및 구축 주도
• AI 및 자동화를 활용한 PII 탐지 결과 분석, 탐지 정확도 향상 및 오탐 감소, 신속한 대응 지원 체계 구축
• 데이터 스캐닝, PII 검토, 접근 제어 거버넌스, 리스크 관리를 지원하는 내부 보안 도구 및 플랫폼 설계 및 개발
• 엔지니어링, 데이터 플랫폼, 개인정보보호, 컴플라이언스, 비즈니스 조직과 협업하여 민감 데이터 리스크 식별 및 대응 방안 수립
• 데이터 소유자 및 플랫폼 팀과 협력하여 데이터 파이프라인, 데이터 레이크, 데이터 웨어하우스 및 운영 시스템에 민감 데이터 제어 체계 통합
• 시스템 전반에서 민감 데이터의 수집, 저장, 변환, 공유 및 활용 흐름을 파악하기 위한 데이터 계보(Data Lineage) 분석 지원
• 데이터 탐지, 분류, 마스킹, 토큰화, 접근 제어, 감사 로깅 솔루션에 대한 기술 요구사항 정의
• 불필요한 PII 저장, 평문 민감 데이터, 과도한 접근 권한, 안전하지 않은 데이터 이동 등을 포함한 민감 데이터 노출 리스크 개선 추진

• 보안 검토, PII 분석, 데이터 분류, 오탐 감소를 위해 AI 또는 머신러닝을 활용한 경험을 보유하신 분
• DataHub, OpenMetadata 등 상용 또는 오픈소스 데이터 탐지 도구 활용 경험을 보유하신 분
• 개인정보 보호, 프라이버시 규제, 감사 로깅, 규제 데이터 접근 등 컴플라이언스 요구사항 관련 경험을 보유하신 분
• 대규모 크로스펑셔널 보안 이니셔티브를 리드한 경험을 보유하신 분

We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did I ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we are collectively disrupting the multi-billion-dollar commerce industry from the ground up and establishing an unparalleled reputation for being leading and reliable force in South Korean commerce.

We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurs surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day.

Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world.

We are looking for a Staff Data Security Engineer to lead the design, development, and implementation of data security capabilities across the organization. This role will focus on protecting sensitive data, improving PII discovery and analysis, building internal security tools, and collaborating with cross-functional teams to reduce sensitive data exposure risks. 

• →Lead the development and implementation of data security programs to identify, classify, protect, and monitor sensitive data across the company. 

• →Use AI and automation to analyze PII discovery findings, improve detection accuracy, reduce false positives, and support faster remediation. 

• →Design and build internal security tools, platforms, and workflows to support data scanning, PII review, access governance, and risk management. 

• →Work closely with engineering, data platform, privacy, compliance and business teams to identify sensitive data risks and implement mitigation plans. 

• →Partner with data owners and platform teams to integrate sensitive data controls into data pipelines, data lakes, warehouses, and production systems. 

• →Support data lineage analysis to understand how sensitive data is collected, stored, transformed, shared, and consumed across systems. 

• →Define technical requirements for data discovery, classification, masking, tokenization, access control, and audit logging solutions. 

• →Drive remediation of sensitive data exposure risks, including unnecessary PII storage, plaintext sensitive data, excessive access, and unsafe data movement. 

• Strong experience in data security, security engineering, or related fields. 

• Hands-on experience with PII discovery, data classification, data masking, or access control. 

• Experience working with large-scale data platforms such as S3, Hive, Redshift, RDS, MySQL, PostgreSQL, Kafka, MongoDB, DynamoDB, Elasticsearch, or similar systems. 

• Experience with data lineage, data flow mapping, data governance, or metadata management. 

• Strong programming or scripting skills, such as Python, Bash, Java, or similar languages. 

• Experience building internal tools, automation workflows, APIs, or security platforms. 

• Good understanding of cloud security, especially AWS data services and IAM-based access control. 

• Ability to work cross-functionally with engineering, data, compliance, privacy, and business teams. 

• Strong problem-solving skills and the ability to turn complex security risks into practical technical solutions. 

• Experience using AI or machine learning to support security review, PII analysis, data classification, or false-positive reduction. 

• Experience with commercial or open-source data discovery tools such as DataHub, OpenMetadata, or similar platforms. 

• Experience with compliance requirements related to personal data protection, privacy regulations, audit logging, or regulated data access. 

• Experience leading large cross-functional security initiatives as a staff-level engineer. 

· Application Review - Phone Interview - Virtual Onsite Interview – Offer

· The exact nature of the recruitment process may vary according to the specific job and may be changed due to scheduling or other circumstances.

· Interview schedules and the results will be informed to the applicant via the e-mail address submitted at the application stage.

· This job posting may be closed prior to the stated end date for application if all openings are filled.

· Coupang has the right to rescind an offer of employment if a candidate is found to have submitted false information as part of the application process. · Those eligible for employment protection (recipients of veteran’s benefits, the disabled, etc.) may receive preferential treatment for employment in accordance with applicable laws.

· Job titles and responsibilities may be subject to change depending on the candidate’s overall experience, etc. This will be communicated to the candidate at the appropriate time before the offer.

· Hiring may be restricted in case the legal qualifications required for hiring and work performance is not met. · (Recruiter Note: add in the case of full-time regulars) This is a full-time regular position and includes 12 weeks of probation period; provided, however, the probationary period may be either skipped, shortened or extended if necessary for business purposes. · (Recruiter Note: add if probation period is applicable, for example in the case of contract position of 3 months or longer) This is a contract position and includes 12 weeks of probation period; provided, however, the probationary period may be either skipped, shortened or extended if necessary for business purposes.

· Your personal information will be collected and managed by Coupang as stated in the Application Privacy Notice located below. https://privacy.coupang.com/en/land/jobs/

1. This notification is given pursuant to Article 11 (6) of the Fair Hiring Procedure Act.

2. A job applicant, who has applied but not been finally selected for a position at Coupang (the “Company”), may request the Company to return his/her hiring documents submitted pursuant to the Fair Hiring Procedure Act. However, this will not apply where the hiring documents were submitted via the website of the Company or e-mail, or where the job applicant submitted those documents voluntarily without a request from

the Company. In addition, if the hiring documents were destroyed due to a natural disaster or any other reasons not attributable to the Company, such documents will be deemed to have been returned to the job applicant.

3. A job applicant who wishes to request the return of his/her hiring documents pursuant to the main sentence of paragraph 2 above should fill out a “Request for Return of Hiring Documents” [Annex Form No. 3 in the Enforcement Rule of the Fair Hiring Procedure Act] and submit It by email (recruitingops@coupang.com). In such case, within fourteen (14) days from the date of identifying the receipt of the request, the Company will send the hiring documents to the job applicant’s designated address via registered mail. Please be informed that the job applicant is required to pay the postage on the registered mail.

4. In preparation for a job applicant’s request for the return of hiring documents pursuant to the main sentence of paragraph 2 above, the Company shall retain the original hiring documents submitted by the job applicant for 180 days from the completion of the recruiting process. If no request is made until the end of this period, all his/her hiring documents will be destroyed immediately in accordance with the Personal Information Protection Act.

5. The above paragraphs 1 - 4 shall only apply when the labor-related laws of Korea govern the application. They are otherwise not applicable.