Director, Data Security Engineering (Digital Trust)
Coupang · South Korea
Company Introduction
We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we’re collectively disrupting the multi-billiondollar e-commerce industry from the ground up. We are one of the fastest-growing ecommerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce.
We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day.
Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world.
Job Overview
The Director of Data Security Engineering is responsible for defining and executing the organization’s data protection strategy, ensuring the confidentiality, integrity, and availability of sensitive data across all environments. This leader will build and scale a modern data security engineering program, driving innovations in data protection technologies, automation, and zero trust practices to safeguard enterprise and customer data. This role partners closely with security architecture, privacy, engineering, legal, and business stakeholders to operationalize data security across cloud, SaaS, and on-premises ecosystems.
Key Responsibilities
Responsibilities will include, but not be limited to, the following: Strategy & Leadership
Define and execute the enterprise data security strategy aligned with business objectives and risk posture. Build, lead, and mentor a high-performing data security engineering team. Establish multi-year roadmaps for data protection capabilities (e.g., data discovery, classification, encryption, DLP). Act as a subject matter expert and executive advisor on data security risks and controls.
Data Protection Engineering
Design and implement scalable controls for:
Data discovery, classification, and labeling Data Loss Prevention (DLP) across endpoints, networks, SaaS, and cloud Encryption and key management (at rest, in transit, in use) Tokenization, masking, and anonymization
Lead engineering efforts for securing structured and unstructured data across:
Cloud platforms (AWS, Azure, GCP) SaaS applications (M365, Salesforce, etc.) Data platforms (databases, data lakes, warehouses)
Cloud & Modern Data Security
Drive security integration into modern data architectures (data lakes, AI/ML pipelines, GenAI systems). Implement and mature Zero Trust data access models. Ensure secure data usage in analytics, APIs, and distributed systems.
Risk, Compliance & Privacy Alignment
Align data security controls with regulatory and compliance frameworks Partner with Privacy and Legal teams to embed privacy-by-design and data minimization principles. Support audit readiness and remediation efforts related to data protection.
Threat Protection & Incident Response
Collaborate with threat detection & response teams to identify and mitigate data exfiltration risks. Develop controls and telemetry to detect insider threats and anomalous data access. Lead post-incident reviews related to data security breaches.
Stakeholder Collaboration
Work cross-functionally with:
Security Architecture & Platform Engineering Application & Infrastructure Engineering Data Engineering & Analytics teams Legal, Compliance, and Privacy teams
Communicate risks, strategies, and program maturity to executive leadership.
Essential Requirements
10–15+ years of experience in cybersecurity, with significant focus on data security. 5+ years in a leadership role managing security engineering teams. Deep expertise in:
Data security technologies (DLP, DSPM, encryption, key management) Cloud-native security (AWS, Azure, GCP) Data platforms (Snowflake, Databricks, BigQuery, etc.)
Strong understanding of:
Zero Trust principles Identity and access management (IAM, RBAC/ABAC) Secure data architecture patterns
Experience implementing security in CI/CD and DevSecOps environments. Familiarity with regulatory frameworks and data protection laws. Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
Preferred Requirements
Experience with Data Security Posture Management (DSPM) tools. Background in privacy engineering or working closely with CPO organizations. Knowledge of modern risks related to AI/GenAI and data leakage. Industry certifications (CISSP, CISM, CCSP, etc.). Experience in large-scale enterprise or highly regulated environments. Strategic thinking with strong execution focus Deep technical expertise balanced with business acumen Strong leadership and team-building skills Excellent communication and stakeholder management Problem-solving in complex, distributed environments
Recruitment Process & Others
Recruitment Process
Application Review - Phone Interview - Onsite (or Virtual Onsite) Interview – Offer The exact nature of the recruitment process may vary according to the specific job and may be changed due to scheduling or other circumstances. Interview schedules and the results will be informed to the applicant via the e-mail address submitted at the application stage.
Details to Consider
This job posting may be closed prior to the stated end date for application if all openings are filled. Coupang has the right to rescind an offer of employment if a candidate is found to have submitted false information as part of the application process. Coupang does not discriminate against disabled applicants or those with veteran status. We are proud to offer equal opportunities for all applicants. Job titles and responsibilities may be subject to change depending on the candidate’s overall experience, etc. This will be communicated to the candidate at the appropriate time before the offer.
Privacy Notice
Your personal information will be collected and managed by Coupang as stated in the Application Privacy Notice located below. https://www.coupang.jobs/en/privacy-policy/
Document Return Policy
This notification is given pursuant to Article 11 (6) of the Fair Hiring Procedure Act. A job applicant, who has applied but not been finally selected for a position at Coupang (the “Company”), may request the Company to return his/her hiring documents submitted pursuant to the Fair Hiring Procedure Act. However, this will not apply where the hiring documents were submitted via the website of the Company or e-mail, or where the job applicant submitted those documents voluntarily without a request from the Company. In addition, if the hiring documents were destroyed due to a natural disaster or any other reasons not attributable to the Company, such documents will be deemed to have been returned to the job applicant. A job applicant who wishes to request the return of his/her hiring documents pursuant to the main sentence of paragraph 2 above should fill out a “Request for Return of Hiring Documents” [Annex Form No. 3 in the Enforcement Rule of the Fair Hiring Procedure Act] and submit the request to the Company (Coupang Recruiting Team, Tower 730, 570 Songpa-daero, Songpa-gu, Seoul). In such case, within fourteen (14) days from the date of identifying the receipt of the request, the Company will send the hiring documents to the job applicant’s designated address via registered mail. Please be informed that the job applicant is required to pay the postage on the registered mail. In preparation for a job applicant’s request for the return of hiring documents pursuant to the main sentence of paragraph 2 above, the Company shall retain the original hiring documents submitted by the job applicant for 180 days from the completion of the recruiting process. If no request is made until the end of this period, all of his/her hiring documents will be destroyed immediately in accordance with the Personal Information Protection Act.