Manager, Privacy Compliance

Posted 7 Hours Ago
Easy Apply
Be an Early Applicant
Hiring Remotely in United States
Remote
146K-225K Annually
Senior level
Big Data • Fintech • Mobile • Payments • Financial Services
We create honest financial products that improve lives. Ready to make a difference?
The Role
Lead second-line oversight and governance of Affirm's privacy compliance program. Translate regulatory requirements into policies and controls, monitor DSARs, DPIAs, consent, retention, and incident response; review control design, track remediation, support audits and reporting, and partner with Product, Engineering, Legal, and third-party risk to drive compliant outcomes.
Summary Generated by Built In

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

About the Team:

Affirm's Compliance organization supports the company's risk management framework across all three lines of defense, partnering with teams throughout the business to promote a strong culture of compliance and effective risk management. The Privacy Compliance team sits within the second line of defense and is responsible for the independent oversight and governance of Affirm's privacy compliance program. The team partners closely with Legal, Product, Engineering, Operations, and other business functions to establish policies, standards, and control expectations, monitor compliance with regulatory requirements, and provide independent challenge to help ensure privacy risks are effectively managed while maintaining second-line independence.

About the Role: 

The Compliance Manager, Privacy operates within the second line of defense and is responsible for oversight and governance of the Privacy compliance program. This role translates legal and regulatory requirements into policies, standards, and control expectations, and provides independent monitoring and challenge to support effective implementation by first-line teams.

In alignment with the company’s privacy operating model, Legal retains responsibility for regulatory interpretation and legal advisory, while Product, Engineering, and Operations own the implementation and execution of controls. This role partners with those teams to drive compliant outcomes while maintaining second-line independence.

This role does not serve as a designated Data Protection Officer (DPO) and does not hold regulatory accountability for statutory privacy roles.

What You’ll Do:
  • Support oversight of the existing Privacy compliance program across jurisdictions, with primary focus on U.S. requirements and alignment to global privacy obligations, where required suggest improvements. 
  • Translate Legal guidance and regulatory requirements into policies, standards, and control expectations, ensuring clear articulation of compliance requirements for first-line teams.
  • Provide oversight and maintain existing governance frameworks and standards for core privacy program areas, including:
    • Data subject rights (DSAR) processes and SLAs
    • Data protection impact assessment (DPIA) governance and documentation standards
    • Consent and preference management expectations
    • Data retention and deletion requirements
  • Partner with Product and Engineering to advise on and review the design and implementation of privacy controls, ensuring alignment to regulatory expectations while maintaining second-line independence.
  • Provide independent oversight and effective challenge of first-line privacy control environments, including review of control design, identification of gaps, and tracking of remediation actions.
  • Oversee privacy incident and breach response processes from a governance perspective, including review of escalation, documentation, and outcomes, in coordination with Legal on notification requirements.
  • Maintain privacy risk registers and support risk assessment processes, including DPIA oversight, issue identification, and remediation tracking.
  • Monitor adherence to privacy requirements and control expectations, including data subject rights processes, consent management, and regulatory obligations, and escalate issues where gaps are identified.
  • Support audits, regulatory examinations, and bank partner reviews by coordinating second-line input, reviewing materials, and tracking remediation actions.
  • Produce and contribute to privacy monitoring and governance reporting, including metrics and risk summaries for management and risk committees (e.g., RMC, CRMC).
  • Partner with third-party risk functions to provide second-line oversight of privacy considerations in vendor and merchant onboarding and monitoring processes.
  • Collaborate with international compliance and DPO functions to support consistent application of privacy governance frameworks, without assuming DPO accountability.
  • Support privacy training and awareness by defining requirements and reviewing program effectiveness in coordination with first-line execution teams.
What We Look For:
  • 6–10+ years of experience in privacy compliance, regulatory compliance, risk management, or a related control function, preferably within financial services, fintech, or a regulated environment.

  • Strong understanding of U.S. privacy laws (e.g., CCPA/CPRA, GLBA) and familiarity with international regimes (e.g., GDPR, UK GDPR).

  • Experience operating within a second-line of defense model, including governance, oversight, and independent challenge of first-line control environments.

  • Demonstrated ability to translate regulatory requirements into policies, standards, and control expectations (not direct control ownership or legal interpretation).

  • Experience reviewing control design and effectiveness, including participation in audits, regulatory exams, or control testing programs.

  • Strong cross-functional partnership skills, with the ability to influence Product, Engineering, and Operations without direct ownership.

  • Sound judgment and ability to escalate and manage regulatory risk appropriately.

  • Bachelor’s degree or equivalent practical experience; relevant certifications (e.g., CIPP, CIPM) are a plus. 

Pay Grade - L

Equity Grade - 6

Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills.

Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents.)

USA base pay range (CA, WA, NY, NJ, CT) per year: $165,000 - $225,000

USA base pay range (all other U.S. states) per year: $146,000 - $206,000


Please note that visa sponsorship is not available for this position.
#LI-Remote
 

Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities.

We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include: 

  • Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents 
  • Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
  • Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
  • ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount

We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.

[For U.S. positions that could be performed in Los Angeles or San Francisco] Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records.

By clicking "Submit Application," you acknowledge that you have read Affirm's Global Candidate Privacy Notice and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.

Skills Required

  • 6-10+ years experience in privacy compliance, regulatory compliance, risk management, or related control function
  • Strong understanding of U.S. privacy laws (CCPA/CPRA, GLBA) and familiarity with GDPR/UK GDPR
  • Experience operating within a second-line of defense model (governance, oversight, independent challenge)
  • Ability to translate regulatory requirements into policies, standards, and control expectations
  • Experience reviewing control design and effectiveness, including participation in audits or regulatory exams
  • Strong cross-functional partnership and influencing skills with Product, Engineering, and Operations
  • Sound judgment and ability to escalate and manage regulatory risk appropriately
  • Bachelor's degree or equivalent practical experience
  • Relevant certifications (e.g., CIPP, CIPM)

What the Team is Saying

Nupur
Jerry
Adam
Affirm
Affirm
Affirm

Affirm Compensation & Benefits Highlights

  • Healthcare Strength Benefits include comprehensive medical, dental, vision, and robust mental‑health programs, with $0 employee medical premiums for certain plans. Feedback suggests this combination makes coverage both strong and cost‑effective.
  • Parental & Family Support Birth and non‑birth parents receive 18 weeks of fully paid leave plus a four‑week, full‑pay return‑to‑work transition, alongside family‑planning support. Feedback suggests these policies are a standout strength for those planning or growing families.
  • Leave & Time Off Breadth Generous/flexible PTO is augmented by 20 company‑wide Away Days and additional options like “Life Happens Leave.” Feedback suggests the mix enables both collective recharge and personal time away.

Affirm Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: San Francisco , CA
2,200 Employees
Year Founded: 2012

What We Do

At Affirm, we help people say yes to the things that matter with flexible, transparent ways to pay over time. No hidden fees, no compound interest, and no fine print—just a smarter way to spend.

Why Work With Us

Who is an Affirmer? /noun/ Someone who believes finance shouldn’t be complicated. We come from a diverse set of backgrounds and we’re driven by the desire to improve lives through honest financial products. We define success by challenging one another to bring our best ideas to every single project—and we have fun while doing it.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Affirm Offices

Remote Workspace

Employees work remotely.

Affirm is a remote-first company! Our employees can work anywhere in the U.S. but if an office is more your style, we have office locations in San Francisco, Chicago, New York City, and Pittsburgh.

Typical time on-site:
HQSan Francisco, CA
Spain
United Kingdom
Chicago, IL
New York, NY
Toronto, ON
Warsaw, PL
Learn more

Similar Jobs

Affirm Logo Affirm

Director, Platform Accounts Management

Big Data • Fintech • Mobile • Payments • Financial Services
Easy Apply
Remote
United States
2200 Employees
244K-350K Annually

Affirm Logo Affirm

Senior Engineering Manager

Big Data • Fintech • Mobile • Payments • Financial Services
Easy Apply
Remote
United States
2200 Employees
232K-310K Annually

Affirm Logo Affirm

Staff Software Engineer

Big Data • Fintech • Mobile • Payments • Financial Services
Easy Apply
Remote
United States
2200 Employees
232K-310K Annually

Affirm Logo Affirm

Business Development Associate

Big Data • Fintech • Mobile • Payments • Financial Services
Easy Apply
Remote
United States
2200 Employees
66K-105K Annually

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account