Resource Center / Tools and Trackers / Privacy Engineering: Software Developers and Engineers
Software Developers and Engineers
Privacy Engineering Domains
This resource, developed by the IAPP Privacy Engineering Section Advisory Board and part of the Privacy Engineering Domains series, provides an overview on the role of software developers and engineers.
Last updated: December 2023
This resource provides an overview on the role of software developers and engineers, who assist in ensuring software meets organizational compliance requirements and security objectives.
This resource is part of a wider IAPP series on Privacy Engineering Domains, which facilitates a deeper understanding of and collaboration within the increasingly important field of privacy engineering.
Overview of role
The below section highlights key responsibilities, skills and organizational governance related to the role of software developers and engineers. This resource is available as a chart in PDF format here.
-
expand_more
Tasks
- Perform code development and review to ensure software meets the privacy and security control objectives.
- Evaluate and build tooling to support automation of privacy-risk evaluation and privacy-policy enforcement.
- Align coding practices with company programs and standards and global practices.
- Develop and deploy privacy-enhancing technologies.
- Develop new data-management products.
-
expand_more
Professional profile
Technical competencies:
- Computer science
- Data science
- Encryption
- Anonymization and pseudonymization
- Cookie management
- Identity and access management
- Federated learning
- Data structures
- Algorithms
- Runtime complexity
- Application programming interfaces
- Database design
- Programming
- Cloud computing
- PETs
Areas of expertise:
- Programming
- Data science
- Artificial intelligence
- Systems/database engineering
- Systems and network/cloud architecture
- Secure software development
- Program management
- Business intelligence
- Engineering
- Software research and development
-
expand_more
In the organization
Reports to:
- Head of software engineering/architecture
- Chief technology officer
- Systems architecture and development
Works with:
- Software engineers
- Architects
- Developers
- Quality assurance
- Business operations
- Information technology and security
- Product management
- Risk, audit, assurance
- Supply-chain, procurement
- Legal and compliance
-
expand_more
Strategic drivers
- Developing and maintaining privacy-enhancing frameworks, tools and products to meet privacy and data protection regulatory requirements.
- Detecting and mitigating privacy threats in software throughout development and production.
- Researching and detecting privacy compliance against privacy policies.
-
expand_more
Tools and resources
- Software development platforms and cloud-based code repositories and services.
- Dynamic and static code analysis tools.
- Security and privacy training and certifications.
-
expand_more
Getting it right means
- Privacy-enhancing frameworks, tools and technologies are well developed, maintained and create business value.
- Software developers have the appropriate resources and time to learn and maintain the technical skills necessary to build PETs.
- Strong culture of innovation, with privacy as a business differentiator and enabler in product development.
- Lower attrition of highly skilled developers who are not only privacy-aware, but able to cross disciplines to develop and add value to the organization.