Top Benefits
About the role
Position Summary
The Sr Analytics Engineer architects, builds, and operates secure, scalable data pipelines and analytics integrations within a governed AWS cloud environment. This role carries direct accountability for data quality, privacy-preserving engineering, and compliance with HIPAA, SOC 2, GDPR, and CCPA. The individual serves as the technical authority on analytics engineering standards and partners with Security, Legal, and Compliance teams to ensure all data products meet enterprise governance requirements.
AWS Technology Stack
Deep hands-on expertise required across the following AWS service areas:
- Data Storage & Lake: S3, Lake Formation, Glue Data Catalog, DynamoDB
- Processing & ETL: Glue (PySpark), Lambda, Step Functions, EMR
- Analytics & Query: Athena, Redshift / Redshift Serverless, QuickSight
- Integration & Streaming: Kinesis, API Gateway, Transfer Family, AppFlow
- Security & Encryption: KMS, IAM, Secrets Manager, Macie, GuardDuty, CloudTrail
- Monitoring & Compliance: CloudWatch, AWS Config, X-Ray, Systems Manager
- Networking & Isolation: VPC, PrivateLink, AWS Clean Rooms
Governance & Compliance Responsibilities Regulatory Compliance
- Design data architectures compliant with HIPAA (PHI encryption, minimum necessary access, audit retention), GDPR/CCPA (DSAR automation, right-to-erasure, consent management), SOC 2 Type II (access reviews, change management, continuous monitoring), and PCI DSS where applicable.
- Implement data residency and sovereignty controls ensuring data remains within approved AWS Regions.
Data Governance & Quality
- Enforce data classification standards (Public, Internal, Confidential, Restricted) via Macie and Lake Formation LF-Tags. Implement automated data quality frameworks with freshness, completeness, and accuracy SLAs.
- Maintain data lineage documentation, data retention/purge policies via S3 Lifecycle Rules and DynamoDB TTL, and participate in Data Governance Council reviews and compliance audits.
Security & Access Governance
- Implement least-privilege access models with quarterly reviews, IAM Access Analyzer scans, and encryption-at-rest/in-transit standards with KMS key policy management.
- Design masking, tokenization, and anonymization pipelines for non-production environments. Enforce IaC governance via CloudFormation/Terraform with security review gates and drift detection.
Similar Jobs
Top Benefits
About the role
Position Summary
The Sr Analytics Engineer architects, builds, and operates secure, scalable data pipelines and analytics integrations within a governed AWS cloud environment. This role carries direct accountability for data quality, privacy-preserving engineering, and compliance with HIPAA, SOC 2, GDPR, and CCPA. The individual serves as the technical authority on analytics engineering standards and partners with Security, Legal, and Compliance teams to ensure all data products meet enterprise governance requirements.
AWS Technology Stack
Deep hands-on expertise required across the following AWS service areas:
- Data Storage & Lake: S3, Lake Formation, Glue Data Catalog, DynamoDB
- Processing & ETL: Glue (PySpark), Lambda, Step Functions, EMR
- Analytics & Query: Athena, Redshift / Redshift Serverless, QuickSight
- Integration & Streaming: Kinesis, API Gateway, Transfer Family, AppFlow
- Security & Encryption: KMS, IAM, Secrets Manager, Macie, GuardDuty, CloudTrail
- Monitoring & Compliance: CloudWatch, AWS Config, X-Ray, Systems Manager
- Networking & Isolation: VPC, PrivateLink, AWS Clean Rooms
Governance & Compliance Responsibilities Regulatory Compliance
- Design data architectures compliant with HIPAA (PHI encryption, minimum necessary access, audit retention), GDPR/CCPA (DSAR automation, right-to-erasure, consent management), SOC 2 Type II (access reviews, change management, continuous monitoring), and PCI DSS where applicable.
- Implement data residency and sovereignty controls ensuring data remains within approved AWS Regions.
Data Governance & Quality
- Enforce data classification standards (Public, Internal, Confidential, Restricted) via Macie and Lake Formation LF-Tags. Implement automated data quality frameworks with freshness, completeness, and accuracy SLAs.
- Maintain data lineage documentation, data retention/purge policies via S3 Lifecycle Rules and DynamoDB TTL, and participate in Data Governance Council reviews and compliance audits.
Security & Access Governance
- Implement least-privilege access models with quarterly reviews, IAM Access Analyzer scans, and encryption-at-rest/in-transit standards with KMS key policy management.
- Design masking, tokenization, and anonymization pipelines for non-production environments. Enforce IaC governance via CloudFormation/Terraform with security review gates and drift detection.