Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Data Privacy Manager

$118.5k - $152.5k

Lendistry

Lendistry is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, or membership in any other group protected by federal, state, or local law.

If you need assistance or accommodation due to a disability, you may contact us at View email address on click.appcast.io

Lendistry does not accept unsolicited resumes from recruiters, employment agencies, or staffing firms. To conduct business with Lendistry, a Master Services Agreement (MSA) must be executed and confirmed prior to submitting any information relating to a potential candidate. Without a signed MSA, Lendistry shall not be responsible to any individual or entity for any payment relating to any form of fee or compensation.

And, in the event that a resume or candidate is submitted by a recruiter, an employment agency, or a staffing firm without a fully executed MSA, Lendistry has the unrestricted right to pursue and hire any of those candidate(s) without any legal or financial responsibility to the recruiter, agency, and/or firm.


A Day in the Life

The Data Privacy Manager will lead the administration of the enterprise privacy program across Lendistry's and affiliated and subsidiary entities. Reporting to the VP, Enterprise Security, this role is the organization's technical data privacy subject matter expert, translating regulatory requirements into concrete technical controls and auditable processes.

You will own the governance, technical, and operational aspects of Lendistry's privacy program, spanning regulatory obligations under CCPA/CPRA, GLBA, SBA program requirements, state lending and consumer finance law, and evolving state privacy statutes, through day-to-day privacy operations, data subject rights handling, vendor privacy diligence, and privacy-by-design embedded in product development and AI/ML pipelines.

You will partner closely with Security, Legal, Compliance, Product, Engineering, and every business unit and process that collects, processes, or shares personal information, serving as the primary driver of technical implementation of compliance obligations across the organization.

Lendistry: Who We Are


We're proud to be the nation's largest minority-led, tech-savvy lender for small businesses and commercial real estate. As a certified Community Development Financial Institution (CDFI) and Community Development Entity (CDE), our mission is all about creating economic opportunities and fueling growth for small business owners and their communities. Join us as we pave the way with innovative financing and financial education!

What You'll Be Doing

Data Privacy & Protection
  • Serve as the Data Privacy subject matter expert for the organization.
  • Design, implement, and manage solutions to protect personal data, embedding "privacy by design" into the software development lifecycle, product architecture, and AI/ML privacy integration.
  • Act as a bridge between Compliance, Legal, and Engineering teams to translate privacy policy and regulatory requirements into (i) actionable requirements such as data minimization, encryption, tokenization, data masking, anonymization, and access controls, and (ii) clearly defined, auditable controls.
  • Maintain and continuously update enterprise data flow diagrams and data inventories to map the lifecycle of personal information from ingestion to deletion.
  • Lead and document annual privacy risk assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
  • Manage first-line-of-defense compliance with the technical requirements of applicable US state privacy laws (CCPA/CPRA, GLBA Safeguards Rule, and the growing patchwork of state statutes).
  • Support incident response activities related to data privacy, including breach assessment, documentation, and regulatory support, in partnership with the Security and Legal.
Privacy Strategy & Program Ownership
  • Own the governance, technical, and operational aspects of the enterprise privacy program across Lendistry and all subsidiary entities, working cross-departmentally with Legal, Compliance, and Engineering to set privacy strategy.
  • Serve as Lendistry's point of contact for Legal and Compliance on privacy matters involving regulators, banking partners, auditors, and consumers.
  • Set the privacy roadmap, including annual program priorities, investment requests, and measurable objectives tied to business and regulatory risk.
  • Report regularly to VP, Security and executive leadership on privacy posture, material risks, regulatory developments, incidents, and program maturity.
Privacy by Design & AI Privacy
  • Embed privacy by design in the product development lifecycle, reviewing new features, data flows, retention changes, and vendor integrations before they ship.
  • Partner with the AI team to set privacy guardrails on Lendistry's AI systems, including data minimization, PII redaction before inference, model training data governance, and consumer disclosure for automated decisioning.
  • Contribute to Lendistry's responsible AI posture alongside Legal, Compliance, Security, and the AI team, with attention to fair lending, consumer disclosures for AI-driven decisions, and alignment with the NIST AI Risk Management Framework.
Third-Party & Vendor Risk
  • Support third-party risk assessments with a focus on data handling, privacy, and regulatory exposure.
  • Review vendor security and privacy documentation (SOC reports, SIGs, DPAs).
  • Maintain and update the data inventory and data flow diagrams to reflect new tools or changes in the use case of existing tools, ensuring the vendor data map accurately tracks who receives Lendistry personal data, for what purpose, under what contractual protections, and with what track record.
  • Track controls and remediation items and ensure vendors meet contractual and regulatory obligations.
Training & Culture
  • Work with Compliance and Training and Development teams to administer privacy training, including role-based training for engineering, credit, servicing, marketing, and customer-facing teams, plus executive-level education.
  • Build a privacy-aware culture where data questions prompt conversation rather than workarounds.
  • Serve as a credible, accessible partner to every business unit that handles personal information.
Cross-Functional Collaboration
  • Work closely with Security, Engineering, Product, Legal, Compliance, and Operations teams.
  • Provide practical guidance that balances compliance, risk reduction, and business velocity.
  • Assist with regulator, auditor, and customer due-diligence inquiries.
AI Governance & Responsible Use

Lendistry expects its AI privacy team to be among the most thoughtful users of AI tools in the company. This role will collaborate with Legal, Compliance, AI and Engineering leadership to set AI use standards and strategy for privacy operations
  • Stay current on AI capabilities and limitations as they relate to privacy operations
  • Assist the Legal, Compliance and AI teams in shaping the policies, training, and controls that govern AI use across the organization
Your Areas of Knowledge and Expertise
Core Experience
  • 5+ years in privacy, data protection, or a closely adjacent field, with a clear pattern of growing program ownership and regulatory accountability.
  • Hands-on experience supporting regulatory and compliance programs, including SOC 2 and GLBA Safeguards Rule, along with familiarity with U.S. state privacy laws (CA, CO, VA, CT, UT, TX, OR, MT, NJ, TN, IA, IN, DE, NE, NH, MD, MN) and global frameworks such as GDPR, PIPEDA, LGPD, or DPDPA.
  • Demonstrated ability to perform privacy and security risk assessments - PIAs, DPIAs, and data security risk assessments - with strong documentation and evidence-management practices.
  • Hands-on experience developing and maintaining data inventories, data maps, and data flow diagrams to support privacy compliance and regulatory obligations.
  • Deep working knowledge of CCPA/CPRA, including consumer rights, sensitive personal information, service provider vs. third-party distinctions, opt-out signals, and CPPA enforcement expectations.
  • Deep working knowledge of GLBA (Privacy Rule and Safeguards Rule) and how GLBA interacts with state privacy laws for financial institutions.
Technical & Program Skills
  • Understanding of privacy engineering and secure system design, including familiarity with privacy-enhancing technologies such as differential privacy, federated learning, and secure multi-party computation (particularly in AI/ML pipelines).
  • Working knowledge of data mapping and automation tools used to manage data subject rights requests and privacy operations workflows (e.g., OneTrust, Archer, TrustArc, Transcend, Osano, or equivalent).
  • Experience embedding privacy into product development - reviewing features, data flows, and vendor integrations at the point of design rather than at launch.
  • Experience overseeing privacy for AI or automated decisioning systems - data minimization, training data governance, consumer disclosure, and fair lending intersections.
  • Strong analytical, organizational, and documentation skills, with the ability to manage multiple compliance initiatives independently and communicate effectively across technical and business stakeholders.
Required Certifications
  • CIPT or CDPSE required. CIPM and CISSP preferred.
Preferred Qualifications
  • CIPP/US, CIPP/E, CIPM, CIPT, or FIP privacy certifications.
  • Experience in SBA lending, CDFI operations, or other federally regulated financial institutions.
  • Experience with state lending examinations, CFPB matters, or other consumer-protection regulator engagement.
  • Experience with the NIST Privacy Framework and NIST AI Risk Management Framework.
  • Experience building privacy programs across multiple legal entities or operating subsidiaries.
  • Experience with cross-border operations.
Why You'll Love Working Here:
  • Comprehensive Medical, Dental, and Vision Insurance
  • Generous Paid Time Off
  • Birthday Day Off
  • 12 Paid Company Holidays
  • 401(k) Match
  • FSA and HSA
  • Paid Life Insurance

  • Paid Disability Insurance
  • Pet Insurance
  • Employee Assistance Program (EAP)
  • Professional Development Courses
  • In Office Provided Snacks and Drinks
  • Gym Facilities (LA & Tustin/CEC Offices)
  • In Office Engagement Activities


Compensation Range

The US base salary range for this full-time position is $118,500 - $152,500 annually.

Our salary ranges are determined by role, level, and location.

The range displayed on each job posting reflects the minimum and maximum base salary for new hires for the position across all US locations. Within the range, individual pay is determined by multiple factors like job-related skills, experience, and state of residence. Your recruiter can share more about the specific salary range during the interview process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include any variable compensation elements.

Physical Requirements

This is a stationary position that requires frequent sitting (approximately 95%), repetitive wrist motions, grasping, speaking, listening, close vision, and the ability to adjust focus. It also may require occasional standing, lifting, carrying of 20lbs or less, walking, kneeling, bending/stooping, twisting, pulling/pushing, and reaching above the shoulder. Employees in this position must be physically able to efficiently perform the essential functions of the position.

ACKNOWLEDGEMENT
B.S.D. Capital, Inc. dba Lendistry is an equal employment opportunity employer committed to providing its employees, applicants and other covered persons with equal opportunities without regard to race, color, age (40 or older), religious creed (including religious belief, practice or dress and grooming practices), national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender (including pregnancy, childbirth or medical condition related to pregnancy or childbirth), gender expression, gender identity, sexual orientation, military or veteran status (including past, current or prospective service), or any other characteristic protected under applicable federal, state or local law.
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Data Privacy Manager in Los Angeles, CA vacancy
  • $85.2k - $159.3k

     ...career wherever you want it to go. Join EY and help build a better working world. Data Protection and Privacy Supervising Associate – Technology Reviews Ethics, Compliance, and Risk Management (ECRM) supports our people in managing the risks that arise during our daily... 
    Suggested
    Work experience placement
    Summer holiday
    Local area
    Flexible hours

    EY

    Los Angeles, CA
    1 day ago
  • $71k - $81k

     ..., and IT operations. This role will be responsible for monitoring security systems, responding to incidents, supporting endpoint management, maintaining compliance standards, and assisting with IT projects including ERP implementation. The ideal candidate will have hands... 
    Suggested
    Work at office
    Monday to Friday

    Pasona NA

    Los Angeles, CA
    3 days ago
  • MANTECH is seeking a motivated Network/System Administrator (NSA) -III to join our team in El Segundo, CA. This role supports various classified networks and day-to-day operations. The ideal candidate will have 6+ years of experience, a Bachelor's degree in a related field...
    Suggested

    MANTECH

    El Segundo, CA
    6 days ago
  • EY is seeking a Data Protection and Privacy Supervising Associate to manage compliance with legal and regulatory requirements within their technology teams. You will drive initiatives to safeguard data privacy, conducting due diligence, and supporting operational enhancements... 
    Suggested

    EY

    Los Angeles, CA
    2 days ago
  •  ...the kind of direct access and development opportunities that larger firms rarely offer at this level. Looking for 5-7+ years in data privacy and cybersecurity. Background in technology transactions, software licensing, fintech, or healthtech is a plus. Compensation is... 
    Suggested
    Work at office
    Flexible hours

    McClure Harrison, Inc.

    Los Angeles, CA
    3 days ago
  •  ..."Acceptable Use" standards for Artificial Intelligence (AI), automated tools, and remote work infrastructure. Approval Pipeline Management: Navigate the administrative approval process, incorporating feedback from the City Attorney, Labor Relations, and ITA Leadership... 
    Work at office
    Immediate start
    Remote work

    Odesus

    Los Angeles, CA
    4 days ago
  • $87.8k - $160.9k

    Ernst & Young Oman is seeking a Cyber Risk Consultant to identify, evaluate, and manage cyber risks across various organizations. This role emphasizes the importance of working closely with IT, security teams, and business units to align risk postures with business objectives... 

    Ernst & Young Oman

    Los Angeles, CA
    1 day ago
  • $110k - $140k

     ...maintain our cybersecurity certification. This operational core role manages alert triage across our cybersecurity tool stack, coordinates...  ...serve as core compliance evidence. Identify patterns in alert data and surface recurring issues to the InfoSec Engineer for remediation... 
    Permanent employment
    Immediate start

    Varda Space Industries

    El Segundo, CA
    2 days ago
  • A leading ticketing company is seeking a Security Analyst to enhance the security of its global platform. The role requires a minimum of 4 years in cybersecurity and offers a hybrid work model in Beverly Hills, CA. Key responsibilities include detecting security incidents...

    EVENTIM

    Los Angeles, CA
    2 days ago
  • $104k - $156k

     ...rigor, and rapid response. This role works closely with the Senior Manager of Enterprise Security and cross-functional engineering teams to...  ...that span perimeter, network, host, application, identity and data layers, ensuring and maintaining effectiveness of controls at... 
    Remote work

    Relativity

    Los Angeles, CA
    3 days ago
  • $85k - $95k

     ...Gurucul is seeking an entry-level Associate Product Manager to join our team in El Segundo, CA. In this role, you will help shape and deliver product capabilities across our cybersecurity platform, working closely with cross-functional teams. The ideal candidate will have... 

    GuruCul

    El Segundo, CA
    2 days ago
  • $198k - $248k

     ...business imperatives. You evangelize our industry leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer’s cybersecurity partner of choice. Your Impact Collaborate... 
    Remote work

    Palo Alto Networks

    Los Angeles, CA
    4 days ago
  •  ...approximately ten members, including analysts, engineers, and project managers. This role is integral to identifying, analyzing, and responding...  ...for Endpoint (MDE), Cloud Security Posture Management (CSPM), Data Loss Prevention (DLP), Microsoft Baseline Environment (MBE),... 
    3 days per week

    Insight Global

    Los Angeles, CA
    4 days ago
  • $80k - $110k

     ...Conduct security control implementation, validation, and assessment activities. Perform and document system audits and risk analysis. Manage and execute Continuous Monitoring (ConMon) tasks to ensure compliance throughout the system lifecycle. Support configuration... 
    Full time
    Work experience placement
    Local area
    Immediate start
    Remote work
    Flexible hours

    Areté

    Los Angeles, CA
    1 day ago
  • $120k - $150k

     ...This critical role will focus on building and maintaining robust data ingestion pipelines into our AWS Data Lake, primarily leveraging...  ...Fluent Bit & AWS Security Data Lake): Architect, implement, and manage scalable and reliable data ingestion pipelines from various... 

    Dormont Manufacturing Co

    Culver City, CA
    3 days ago
  • $102.17k

     ...for you! Trinnex is a visionary company that is transforming the way water resources are managed and protected. By combining cutting‑edge digital technologies, such as sensor/IoT data, models, geospatial data, and AI/machine learning, we create innovative, smart, and... 
    H1b

    Trinnex

    Los Angeles, CA
    4 days ago
  • $138k - $201k

     ...information security, engineering, and cloud-based infrastructure environments. 4 years of experience with identity and access management, directory services, cloud computing platforms, network security, and cloud architecture. Ability to travel up to 25% of the time... 
    Remote work

    Google Inc.

    Los Angeles, CA
    3 days ago
  •  ...involves ensuring compliance with security standards and requires a Top Secret security clearance with SCI access. Candidates will manage security documentation, perform audits, and support diverse cybersecurity and IT tasks. Ideal applicants have 1-2 years of experience... 
    Full time

    Arete

    Los Angeles, CA
    1 day ago
  • kozmetickesluzby.vecnakraska.sk - Jobboard is seeking a Cyber Triage and Forensics Incident Analyst to lead security incident responses at EY. The role involves performing forensic analysis, malware analysis, and investigating security incidents, ensuring robust incident...
    Flexible hours

    kozmetickesluzby.vecnakraska.sk - Jobboard

    Los Angeles, CA
    2 days ago
  • $130k - $180k

     ...technical execution - validating that controls are in place, risks are managed, and requirements are met for both internal and customer-facing...  ...assessments and audit efficiency through system integration, data utilization, and process improvement. Support third‑party risk... 
    Permanent employment
    Temporary work
    Remote work
    Flexible hours
    Weekend work

    SPACE EXPLORATION TECHNOLOGIES CORP

    Hawthorne, CA
    19 hours ago
  • Trinnex is looking for a Senior Cyber Security Analyst in Los Angeles to secure critical software systems supporting water utilities. The role involves advanced security monitoring, vulnerability assessments, and collaboration with engineering teams to enhance security ...

    Trinnex

    Los Angeles, CA
    3 days ago
  • $130k - $180k

     ...cyber assurance program against industry standards, contractual and regulatory requirements, and organizational needs. Governance - Manage and spearhead governance to interpret and drive implementation of industry standards, contractual and regulatory requirements, and... 
    Permanent employment
    Temporary work
    Remote work
    Weekend work

    SPACE EXPLORATION TECHNOLOGIES CORP

    Hawthorne, CA
    4 days ago
  • $144.9k - $265.8k

     ...Perform capability maturity and benchmarking assessments Analyze IAM data and provide actionable insights Develop IAM strategy and...  ...services (e.g., provisioning, authentication, authorization, identity management) Design and re‑engineer processes for centralized cloud access... 
    Work experience placement
    Summer holiday
    Flexible hours

    Ernst & Young Oman

    Los Angeles, CA
    2 days ago
  • $50 per hour

    Odesus, Inc. is seeking a Professional Consultant in Downtown Los Angeles, CA. This role is focused on leading the comprehensive update of the Information Security Policy and related standards. The consultant will be responsible for conducting policy gap analyses and facilitating...
    Hourly pay
    Contract work

    Odesus, Inc.

    Los Angeles, CA
    5 days ago
  • Astrion is seeking a Cyber Acquisition Program Manager in El Segundo, CA to lead cybersecurity efforts for the U.S. Space Force's FORGE program. This full-time position requires a strong background in cybersecurity, program management, and handling complex projects. The... 
    Full time

    ASTRION, INC.

    El Segundo, CA
    3 days ago
  • $111.04k - $145k

     ...alternative application process. Information Technology Security Manager- Hybrid Full Time Gardena, CA, US 5 days ago Requisition ID: 12...  ...organization to protect systems, networks, and sensitive member data. You’ll work alongside executive leadership and play a key role... 
    Full time
    Local area
    Monday to Friday
    Weekend work

    Northrop Grumman Federal Credi

    Gardena, CA
    2 days ago
  • Astrion is seeking a Cyber Acquisition Program Manager based in El Segundo, California, to oversee cybersecurity for the FORGE program. This role involves coordinating with technical teams and ensuring timely delivery of cyber solutions while meeting budget and compliance... 

    ASTRION, INC.

    El Segundo, CA
    1 day ago
  • The Aerospace Corporation, located in El Segundo, California, is seeking a Cyber Architect to analyze system requirements and oversee cybersecurity for space programs. Candidates should possess a Bachelor's degree in a technical field and at least eight years of relevant...

    The Aerospace Corporation

    El Segundo, CA
    5 days ago
  • GCS Recruitment is seeking an experienced IT Program Manager in Los Angeles, California, to lead complex enterprise-wide IT programs. The role emphasizes security audit readiness and compliance remediation, ensuring seamless integration across workstreams. The ideal candidate... 

    GCS Recruitment

    Los Angeles, CA
    2 days ago
  • $131.55k - $164.44k

     ...calling that drives us forward every day. Job Overview The Manager, Cyber Security Services (CSS) will be responsible for...  ...and standards. This position will partner closely with Legal, Privacy, Compliance, and IT GRC to ensure alignment on cybersecurity risks... 
    Flexible hours

    AltaMed Health Services

    Commerce, CA
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Data Privacy Manager. Be the first to apply!