Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Data Privacy Manager

$118.5k - $152.5k

Mmc,-LLC-

Lendistry is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, or membership in any other group protected by federal, state, or local law.If you need assistance or accommodation due to a disability, you may contact us at View email address on click.appcast.io does not accept unsolicited resumes from recruiters, employment agencies, or staffing firms. To conduct business with Lendistry, a Master Services Agreement (MSA) must be executed and confirmed prior to submitting any information relating to a potential candidate. Without a signed MSA, Lendistry shall not be responsible to any individual or entity for any payment relating to any form of fee or compensation.And, in the event that a resume or candidate is submitted by a recruiter, an employment agency, or a staffing firm without a fully executed MSA, Lendistry has the unrestricted right to pursue and hire any of those candidate(s) without any legal or financial responsibility to the recruiter, agency, and/or firm.A Day in the LifeThe Data Privacy Manager will lead the administration of the enterprise privacy program across Lendistry’s and affiliated and subsidiary entities. Reporting to the VP, Enterprise Security, this role is the organization’s technical data privacy subject matter expert, translating regulatory requirements into concrete technical controls and auditable processes.You will own the governance, technical, and operational aspects of Lendistry’s privacy program, spanning regulatory obligations under CCPA/CPRA, GLBA, SBA program requirements, state lending and consumer finance law, and evolving state privacy statutes, through day-to-day privacy operations, data subject rights handling, vendor privacy diligence, and privacy-by-design embedded in product development and AI/ML pipelines.You will partner closely with Security, Legal, Compliance, Product, Engineering, and every business unit and process that collects, processes, or shares personal information, serving as the primary driver of technical implementation of compliance obligations across the organization.Lendistry: Who We AreWe’re proud to be the nation’s largest minority-led, tech-savvy lender for small businesses and commercial real estate. As a certified Community Development Financial Institution (CDFI) and Community Development Entity (CDE), our mission is all about creating economic opportunities and fueling growth for small business owners and their communities. Join us as we pave the way with innovative financing and financial education!What You’ll Be DoingData Privacy & ProtectionServe as the Data Privacy subject matter expert for the organization.Design, implement, and manage solutions to protect personal data, embedding “privacy by design” into the software development lifecycle, product architecture, and AI/ML privacy integration.Act as a bridge between Compliance, Legal, and Engineering teams to translate privacy policy and regulatory requirements into (i) actionable requirements such as data minimization, encryption, tokenization, data masking, anonymization, and access controls, and (ii) clearly defined, auditable controls.Maintain and continuously update enterprise data flow diagrams and data inventories to map the lifecycle of personal information from ingestion to deletion.Lead and document annual privacy risk assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).Manage first-line-of-defense compliance with the technical requirements of applicable US state privacy laws (CCPA/CPRA, GLBA Safeguards Rule, and the growing patchwork of state statutes).Support incident response activities related to data privacy, including breach assessment, documentation, and regulatory support, in partnership with the Security and Legal.Privacy Strategy & Program OwnershipOwn the governance, technical, and operational aspects of the enterprise privacy program across Lendistry and all subsidiary entities, working cross-departmentally with Legal, Compliance, and Engineering to set privacy strategy.Serve as Lendistry’s point of contact for Legal and Compliance on privacy matters involving regulators, banking partners, auditors, and consumers.Set the privacy roadmap, including annual program priorities, investment requests, and measurable objectives tied to business and regulatory risk.Report regularly to VP, Security and executive leadership on privacy posture, material risks, regulatory developments, incidents, and program maturity.Privacy by Design & AI PrivacyEmbed privacy by design in the product development lifecycle, reviewing new features, data flows, retention changes, and vendor integrations before they ship.Partner with the AI team to set privacy guardrails on Lendistry’s AI systems, including data minimization, PII redaction before inference, model training data governance, and consumer disclosure for automated decisioning.Contribute to Lendistry’s responsible AI posture alongside Legal, Compliance, Security, and the AI team, with attention to fair lending, consumer disclosures for AI-driven decisions, and alignment with the NIST AI Risk Management Framework.Third-Party & Vendor RiskSupport third-party risk assessments with a focus on data handling, privacy, and regulatory exposure.Review vendor security and privacy documentation (SOC reports, SIGs, DPAs).Maintain and update the data inventory and data flow diagrams to reflect new tools or changes in the use case of existing tools, ensuring the vendor data map accurately tracks who receives Lendistry personal data, for what purpose, under what contractual protections, and with what track record.Track controls and remediation items and ensure vendors meet contractual and regulatory obligations.Training & CultureWork with Compliance and Training and Development teams to administer privacy training, including role-based training for engineering, credit, servicing, marketing, and customer-facing teams, plus executive-level education.Build a privacy-aware culture where data questions prompt conversation rather than workarounds.Serve as a credible, accessible partner to every business unit that handles personal information.Cross-Functional CollaborationWork closely with Security, Engineering, Product, Legal, Compliance, and Operations teams.Provide practical guidance that balances compliance, risk reduction, and business velocity.Assist with regulator, auditor, and customer due-diligence inquiries.AI Governance & Responsible UseLendistry expects its AI privacy team to be among the most thoughtful users of AI tools in the company. This role will collaborate with Legal, Compliance, AI and Engineering leadership to set AI use standards and strategy for privacy operationsStay current on AI capabilities and limitations as they relate to privacy operationsAssist the Legal, Compliance and AI teams in shaping the policies, training, and controls that govern AI use across the organizationYour Areas of Knowledge and ExpertiseCore Experience5+ years in privacy, data protection, or a closely adjacent field, with a clear pattern of growing program ownership and regulatory accountability.Hands-on experience supporting regulatory and compliance programs, including SOC 2 and GLBA Safeguards Rule, along with familiarity with U.S. state privacy laws (CA, CO, VA, CT, UT, TX, OR, MT, NJ, TN, IA, IN, DE, NE, NH, MD, MN) and global frameworks such as GDPR, PIPEDA, LGPD, or DPDPA.Demonstrated ability to perform privacy and security risk assessments — PIAs, DPIAs, and data security risk assessments — with strong documentation and evidence-management practices.Hands-on experience developing and maintaining data inventories, data maps, and data flow diagrams to support privacy compliance and regulatory obligations.Deep working knowledge of CCPA/CPRA, including consumer rights, sensitive personal information, service provider vs. third-party distinctions, opt-out signals, and CPPA enforcement expectations.Deep working knowledge of GLBA (Privacy Rule and Safeguards Rule) and how GLBA interacts with state privacy laws for financial institutions.Technical & Program SkillsUnderstanding of privacy engineering and secure system design, including familiarity with privacy-enhancing technologies such as differential privacy, federated learning, and secure multi-party computation (particularly in AI/ML pipelines).Working knowledge of data mapping and automation tools used to manage data subject rights requests and privacy operations workflows (e.g., OneTrust, Archer, TrustArc, Transcend, Osano, or equivalent).Experience embedding privacy into product development — reviewing features, data flows, and vendor integrations at the point of design rather than at launch.Experience overseeing privacy for AI or automated decisioning systems — data minimization, training data governance, consumer disclosure, and fair lending intersections.Strong analytical, organizational, and documentation skills, with the ability to manage multiple compliance initiatives independently and communicate effectively across technical and business stakeholders.Required CertificationsCIPT or CDPSE required. CIPM and CISSP preferred.Preferred QualificationsCIPP/US, CIPP/E, CIPM, CIPT, or FIP privacy certifications.Experience in SBA lending, CDFI operations, or other federally regulated financial institutions.Experience with state lending examinations, CFPB matters, or other consumer-protection regulator engagement.Experience with the NIST Privacy Framework and NIST AI Risk Management Framework.Experience building privacy programs across multiple legal entities or operating subsidiaries.Experience with cross-border operations.Why You'll Love Working Here:Comprehensive Medical, Dental, and Vision InsuranceGenerous Paid Time OffBirthday Day Off12 Paid Company Holidays401(k) MatchFSA and HSAPaid Life InsurancePaid Disability InsurancePet InsuranceEmployee Assistance Program (EAP)Professional Development CoursesIn Office Provided Snacks and DrinksGym Facilities (LA & Tustin/CEC Offices)In Office Engagement ActivitiesCompensation RangeThe US base salary range for this full-time position is $118,500 - $152,500 annually.Our salary ranges are determined by role, level, and location.The range displayed on each job posting reflects the minimum and maximum base salary for new hires for the position across all US locations. Within the range, individual pay is determined by multiple factors like job-related skills, experience, and state of residence. Your recruiter can share more about the specific salary range during the interview process.Please note that the compensation details listed in US role postings reflect the base salary only, and do not include any variable compensation elements.Physical RequirementsThis is a stationary position that requires frequent sitting (approximately 95%), repetitive wrist motions, grasping, speaking, listening, close vision, and the ability to adjust focus. It also may require occasional standing, lifting, carrying of 20lbs or less, walking, kneeling, bending/stooping, twisting, pulling/pushing, and reaching above the shoulder. Employees in this position must be physically able to efficiently perform the essential functions of the position.ACKNOWLEDGEMENTB.S.D. Capital, Inc. dba Lendistry is an equal employment opportunity employer committed to providing its employees, applicants and other covered persons with equal opportunities without regard to race, color, age (40 or older), religious creed (including religious belief, practice or dress and grooming practices), national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender (including pregnancy, childbirth or medical condition related to pregnancy or childbirth), gender expression, gender identity, sexual orientation, military or veteran status (including past, current or prospective service), or any other characteristic protected under applicable federal, state or local law. #J-18808-Ljbffr

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Data Privacy Manager in Tustin, CA vacancy
  • $130k

     ...IT Security Manager - Bilingual (Korean/English) Contract Benefits Medical Insurance Vision Insurance 401(k) Paid Sick hours The IT Security Manager is responsible for supporting the planning, implementation, and management of the organization's IT security infrastructure... 
    Suggested
    Contract work

    Jobr

    Irvine, CA
    2 days ago
  •  ...years of experience in a SOC or similar security environment. Expertise with SIEM, EDR, CSPM tools; strong skills in SQL/KQL/Cypher for data analysis. Proven ability to lead complex investigations and coordinate across technical and business stakeholders. Solid... 
    Suggested
    Contract work

    Insight Global

    Irvine, CA
    3 days ago
  • $102.17k

     ...for you! Trinnex is a visionary company that is transforming the way water resources are managed and protected. By combining cutting‑edge digital technologies, such as sensor/IoT data, models, geospatial data, and AI/machine learning, we create innovative, smart, and... 
    Suggested
    H1b

    CDM Smith

    Irvine, CA
    2 days ago
  •  ...Full Time Job Description: • 3-5 years of experience in data engineering or analytics roles. • Strong proficiency in...  ....g., SIEM, CSPM, vulnerability scanners). • Knowledge of data privacy and compliance standards (e.g., GDPR, SOC 2). • Experience with... 
    Suggested
    Full time
    Immediate start
    Relocation

    3B Staffing LLC

    Irvine, CA
    4 days ago
  • $130k - $150k

     ...To: VP, Cyber Security and Infrastructure FLSA Status: Exempt Management: No Salary Range: $130,000 - $150,000/yr Location: On-site in Santa...  ...action Operate security awareness phishing simulations Support data loss prevention and data security posture monitoring Support... 
    Suggested
    Work experience placement
    Work at office

    HomeXpress Mortgage Corp

    Santa Ana, CA
    2 days ago
  •  ...Responsibilities: • Design and implement secure configurations for AWS services (e.g., IAM, S3, EC2, RDS, Lambda, etc.). • Deploy and manage CSPM tools to monitor and remediate misconfigurations. • Collaborate with DevOps and engineering teams to integrate security into... 
    Full time

    JConnect Infotech

    Irvine, CA
    8 hours ago
  •  ...and enterprise identity systems. Key Responsibilities Administer, configure, and maintain Palo Alto Networks technologies Manage firewall policies, network segmentation, VPN connectivity, secure remote access, and endpoint security controls Monitor network... 
    Remote work

    Design West Technologies, Inc.

    Tustin, CA
    10 days ago
  • $80k - $120k

     ...two or more years' experience supporting an IT Enterprise environment in a Cyber, system administration, network engineering or management capacity. Additional years of experience accepted in lieu of degree. Candidate should possess a solid understanding of OSI and TCP... 

    SAIC

    Anaheim, CA
    2 days ago
  • $146k - $194k

     ...operating system that turns thousands of data streams into a realtime, 3D command and control...  ...operations. Information Systems Security Managers are in charge of directly supporting...  ...process. To view Anduril’s candidate data privacy policy, please visit #J-18808-Ljbffr... 
    Full time
    Contract work
    Work experience placement
    Relocation package

    Dormont Manufacturing Company

    Costa Mesa, CA
    3 days ago
  •  ...findings, remediation status, and overall security posture. Evaluate data from security monitoring tools, vulnerability scanners, and...  ..., VPNs, and wireless security. Experience with vulnerability management, security monitoring, and incident response. Knowledge of network... 

    Veriipro

    Anaheim, CA
    3 days ago
  • Osi Digital Inc is seeking a skilled Network Engineer to work onsite in Fountain Valley, CA. The ideal candidate will have extensive experience in network and security design principles, with a focus on LAN and WAN deployments in complex environments. The role requires ...

    Osi Digital Inc

    Fountain Valley, CA
    5 days ago
  •  ...program plan—maintaining tasks, owners, dependencies, and milestone dates with rigorous tracking and proactive escalation of blockers. Manage the junior GRC contractor: assign work, review deliverables, provide structured feedback, and ensure quality and consistency across... 
    Contract work
    For contractors

    Planet Pharma

    Aliso Viejo, CA
    3 days ago
  • $80k - $120k

    Saic is seeking a Cybersecurity Analyst for its team in Anaheim, California. This hybrid position will involve monitoring and securing clients' computing systems, leading remediation efforts for security incidents, and evaluating the current security stance. Candidates ...

    Saic

    Anaheim, CA
    3 days ago
  • Dormont Manufacturing Co is seeking a Staff Electrical Engineer located in Costa Mesa, CA. You will focus on full-cycle PCB design, including schematic design and integration with systems. The ideal candidate will possess at least 12 years experience in hardware product...

    Dormont Manufacturing Co

    Costa Mesa, CA
    3 days ago
  •  ...Administrator to oversee the organization's network infrastructure and systems. This full-time position includes responsibilities such as managing daily operations, monitoring system performance, and ensuring security and high availability across environments. The ideal... 
    Full time

    Best Choice Products

    Newport Beach, CA
    4 days ago
  • $150k - $200k

     ...policies, standards, and enforcement mechanisms based on security operation principles such as least privilege and firewall policy management. Collaborate closely with infrastructure, architecture, engineering, and operations teams to embed security capabilities into... 
    Local area
    Worldwide

    TP-Link Systems Inc.

    Irvine, CA
    1 day ago
  •  ...Engineer to support the infrastructure for corporate and retail environments. This includes maintaining Microsoft Windows servers, managing Active Directory, and assisting with cloud resources like AWS and O365. With responsibilities ranging from vulnerability... 

    FashionUnited

    Anaheim, CA
    4 days ago
  • $130k - $168k

     ...background in Java development, support and configuration of secrets management solutions (HashiCorp Vault preferred), cloud technologies (AWS,...  ...and maintain HashiCorp Vault for secrets management and secure data storage. Collaborate with cross-functional teams to integrate... 
    Work experience placement

    LGBT Great

    Newport Beach, CA
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Data Privacy Manager. Be the first to apply!