Professional Summary
Staff Privacy Engineer & Architect with 20+ years of enterprise engineering and a decade embedding privacy-by-design into global platforms. Architected Kimberly-Clark’s North America DSAR automation platform from the ground up — submission portals, admin workflows, backend APIs, automated deletion pipelines, and integrations with third parties — ensuring on-time CCPA compliance. Earlier, designed and hardened K-C’s SSOLS authentication system, pioneering modern privacy and security practices years before GDPR/CCPA. Known for turning regulatory requirements into scalable, automated solutions that protect consumers, reduce risk, and save millions.
I also maintain a technical blog (justingengo.com) where I publish hands-on privacy and security experiments, including TLS hardening, compliance automation, and privacy engineering best practices.
Selected Impact Highlights
- Architected & deployed North America’s DSAR automation system (web forms, ticketing/admin portal, APIs, deletion pipelines, email workflows). Built POCs, led daily development, and operationalized the system to achieve CCPA compliance.
- Directed NA migration to OneTrust DSAR: mapped workflows, built privacy portal, guided upgrades, and advised global rollout.
- Built & secured SSOLS authentication platform (40+ websites) with pseudonymization, TLS-only traffic, irreversible password hashing, role-based access, and audit logging.
- Implemented adaptive authentication & breach intelligence: IP heuristics, conditional reCAPTCHA, credential breach checks, and verified email change workflows to prevent account takeovers.
- Partnered with Legal/Security as Privacy SME, embedding privacy by design across 100+ global websites.
- Estimated $32M+ cost avoidance and $1M+ annual savings through privacy-aligned architecture and reusable components.
Core Skills
Privacy Engineering (DSAR Automation, Consent, Deletion, Anonymization, Data Minimization) • GDPR / CPRA / CCPA Compliance Automation • OneTrust DSAR • Threat Modeling (LINDDUN) • Privacy by Design • PETs (pseudonymization, anonymization, differential privacy POCs) • Breach Response Automation • Credential Stuffing Mitigation • Audit Logging & Access Control • Federated Identity (SAML) • Cloudflare TLS/SSL Management • Secure SDLC • CI/CD • Sitecore (v5–10) • C#/.NET, JavaScript, SQL • Python (privacy/security POCs) • Azure DevOps, Git/TFS, Jenkins
Professional Experience
Kimberly-Clark Corporation – Neenah, WI
Lead Solution Architect (Global)
October 2024 – Present
Technical Lead / Solutions Architect (North America)
January 2016 – September 2024
Mobile Application Architect
January 2015 – March 2016
Senior Systems Developer / Technical Specialist
June 2011 – December 2014
- Architected North America’s DSAR automation (CCPA): submission forms, admin workflows, backend APIs, deletion pipelines, and automated emails.
- Directed NA’s OneTrust DSAR migration, built regional portal, and guided global adoption.
- Embedded privacy by design across 100+ consumer websites in NA, EMEA, LAO, and APAC.
- Standardized audit logging, data retention workflows, and access controls in privacy systems.
- Partnered with Legal & Security to conduct privacy risk assessments and threat modeling.
- Prototyped Python-based privacy/security POCs, including data anonymization, credential monitoring, and TLS hardening experiments.
Avastone Technologies, LLC – Little Chute, WI
Tech Lead (Web Team) / Senior Systems Developer
August 2009 – October 2011
- Standardized requirements and shared code library; improved delivery speed and quality across projects.
- Created custom, “bolt-on” admin area for non-programmers to manage all aspects of an Ektron CMS system.
Miles Kimball, Inc. – Oshkosh, WI
Web Analyst
April 2007 – August 2009
- Architected web services with Microsoft Commerce Server & Dynamics; redesigned checkout flow to reduce abandonment; improved site performance.
Avastone Technologies, LLC – Little Chute, WI
Senior Systems Developer
May 2006 – April 2007
- Led major medical app upgrade (.NET 1.0→2.0, SQL Server 2000→2005); provisioned new environments; improved reliability and performance.
F+W Publications, Inc. – Iola, WI
Web Developer
March 2001 – April 2006
- Automated ad placement and built content systems; created newsletter and survey platforms to support marketing campaigns.
Education & Certifications
University of Wisconsin Oshkosh
Bachelor of Science
- Microsoft 70-305 Certified
- Sitecore Certified Developer (v5–9, +Ecommerce)
- Kentico Certified Developer
- Ektron Certified Developer
Professional Development
- Cloudflare TLS Hardening (2025): Migrated personal site from Flexible SSL to Full (Strict) with Origin Certificates, HSTS, and modern TLS configuration, achieving A+ SSL Labs rating.
- Pluralsight Training (Ongoing): Privacy Engineering, Cloud Security, Threat Modeling, Identity & Access Management.
- Target Certification: IAPP CIPT (Certified Information Privacy Technologist), in progress.