Data Privacy Manager
$118.5k - $152.5kLendistry
Lendistry is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, or membership in any other group protected by federal, state, or local law. If you need assistance or accommodation due to a disability, you may contact us at View email address on click.appcast.io. Lendistry does not accept unsolicited resumes from recruiters, employment agencies, or staffing firms. To conduct business with Lendistry, a Master Services Agreement (MSA) must be executed and confirmed prior to submitting any information relating to a potential candidate. Without a signed MSA, Lendistry shall not be responsible to any individual or entity for any payment relating to any form of fee or compensation. And, in the event that a resume or candidate is submitted by a recruiter, an employment agency, or a staffing firm without a fully executed MSA, Lendistry has the unrestricted right to pursue and hire any of those candidate(s) without any legal or financial responsibility to the recruiter, agency, and/or firm. A Day in the Life The Data Privacy Manager will lead the enterprise privacy program across Lendistry’s and affiliated and subsidiary entities. Reporting to the VP, Enterprise Security, this role is the organization’s technical data privacy subject matter expert, translating regulatory requirements into concrete technical controls and auditable processes. You will own the governance, technical, and operational aspects of Lendistry’s privacy program, spanning regulatory obligations under CCPA/CPRA, GLBA, SBA program requirements, state lending and consumer finance law, and evolving state privacy statutes, through day-to-day privacy operations, data subject rights handling, vendor privacy diligence, and privacy-by-design embedded in product development and AI/ML pipelines. You will partner closely with Security, Legal, Compliance, Product, Engineering, and every business unit and process that collects, processes, or shares personal information, serving as the primary driver of technical implementation of compliance obligations across the organization. Lendistry: Who We Are We’re proud to be the nation’s largest minority-led, tech-savvy lender for small businesses and commercial real estate. As a certified Community Development Financial Institution (CDFI) and Community Development Entity (CDE), our mission is all about creating economic opportunities and fueling growth for small business owners and their communities. Join us as we pave the way with innovative financing and financial education! What You’ll Be Doing Data Privacy & Protection Serve as the Data Privacy subject matter expert for the organization. Design, implement, and manage solutions to protect personal data, embedding “privacy by design” into the software development lifecycle, product architecture, and AI/ML privacy integration. Act as a bridge between Compliance, Legal, and Engineering teams to translate privacy policy and regulatory requirements into (i) actionable requirements such as data minimization, encryption, tokenization, data masking, anonymization, and access controls, and (ii) clearly defined, auditable controls. Maintain and continuously update enterprise data flow diagrams and data inventories to map the lifecycle of personal information from ingestion to deletion. Lead and document annual privacy risk assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs). Manage first-line-of-defense compliance with the technical requirements of applicable US state privacy laws (CCPA/CPRA, GLBA Safeguards Rule, and the growing patchwork of state statutes). Support incident response activities related to data privacy, including breach assessment, documentation, and regulatory support, in partnership with the Security and Legal. Privacy Strategy & Program Ownership Own the governance, technical, and operational aspects of the enterprise privacy program across Lendistry and all subsidiary entities, working cross-departmentally with Legal, Compliance, and Engineering to set privacy strategy. Serve as Lendistry’s point of contact for Legal and Compliance on privacy matters involving regulators, banking partners, auditors, and consumers. Set the privacy roadmap, including annual program priorities, investment requests, and measurable objectives tied to business and regulatory risk. Report regularly to VP, Security and executive leadership on privacy posture, material risks, regulatory developments, incidents, and program maturity. Privacy by Design & AI Privacy Embed privacy by design in the product development lifecycle, reviewing new features, data flows, retention changes, and vendor integrations before they ship. Partner with the AI team to set privacy guardrails on Lendistry’s AI systems, including data minimization, PII redaction before inference, model training data governance, and consumer disclosure for automated decisioning. Contribute to Lendistry’s responsible AI posture alongside Legal, Compliance, Security, and the AI team, with attention to fair lending, consumer disclosures for AI-driven decisions, and alignment with the NIST AI Risk Management Framework. Third-Party & Vendor Risk Support third-party risk assessments with a focus on data handling, privacy, and regulatory exposure. Review vendor security and privacy documentation (SOC reports, SIGs, DPAs). Maintain and update the data inventory and data flow diagrams to reflect new tools or changes in the use case of existing tools, ensuring the vendor data map accurately tracks who receives Lendistry personal data, for what purpose, under what contractual protections, and with what track record. Track controls and remediation items and ensure vendors meet contractual and regulatory obligations. Training & Culture Work with Compliance and Training and Development teams to administer privacy training, including role-based training for engineering, credit, servicing, marketing, and customer-facing teams, plus executive-level education. Build a privacy-aware culture where data questions prompt conversation rather than workarounds. Serve as a credible, accessible partner to every business unit that handles personal information. Cross-Functional Collaboration Work closely with Security, Engineering, Product, Legal, Compliance, and Operations teams. Provide practical guidance that balances compliance, risk reduction, and business velocity. Assist with regulator, auditor, and customer due-diligence inquiries. AI Governance & Responsible Use Lendistry expects its AI privacy team to be among the most thoughtful users of AI tools in the company. This role will collaborate with Legal, Compliance, AI and Engineering leadership to set AI use standards and strategy for privacy operations. Stay current on AI capabilities and limitations as they relate to privacy operations. Assist the Legal, Compliance and AI teams in shaping the policies, training, and controls that govern AI use across the organization. Your Areas of Knowledge and Expertise Core Experience 5+ years in privacy, data protection, or a closely adjacent field, with a clear pattern of growing program ownership and regulatory accountability. Hands-on experience supporting regulatory and compliance programs, including SOC 2 and GLBA Safeguards Rule, along with familiarity with U.S. state privacy laws (CA, CO, VA, CT, UT, TX, OR, MT, NJ, TN, IA, IN, DE, NE, NH, MD, MN) and global frameworks such as GDPR, PIPEDA, LGPD, or DPDPA. Demonstrated ability to perform privacy and security risk assessments — PIAs, DPIAs, and data security risk assessments — with strong documentation and evidence-management practices. Hands-on experience developing and maintaining data inventories, data maps, and data flow diagrams to support privacy compliance and regulatory obligations. Deep working knowledge of CCPA/CPRA, including consumer rights, sensitive personal information, service provider vs. third-party distinctions, opt-out signals, and CPPA enforcement expectations. Deep working knowledge of GLBA (Privacy Rule and Safeguards Rule) and how GLBA interacts with state privacy laws for financial institutions. Technical & Program Skills Understanding of privacy engineering and secure system design, including familiarity with privacy-enhancing technologies such as differential privacy, federated learning, and secure multi-party computation (particularly in AI/ML pipelines). Working knowledge of data mapping and automation tools used to manage data subject rights requests and privacy operations workflows (e.g., OneTrust, Archer, TrustArc, Transcend, Osano, or equivalent). Experience embedding privacy into product development — reviewing features, data flows, and vendor integrations at the point of design rather than at launch. Experience overseeing privacy for AI or automated decisioning systems — data minimization, training data governance, consumer disclosure, and fair lending intersections. Strong analytical, organizational, and documentation skills, with the ability to manage multiple compliance initiatives independently and communicate effectively across technical and business stakeholders. Required Certifications CIPT or CDPSE required. CIPM and CISSP preferred. Preferred Qualifications CIPP/US, CIPP/E, CIPM, CIPT, or FIP privacy certifications. Experience in SBA lending, CDFI operations, or other federally regulated financial institutions. Experience with state lending examinations, CFPB matters, or other consumer-protection regulator engagement. Experience with the NIST Privacy Framework and NIST AI Risk Management Framework. Experience building privacy programs across multiple legal entities or operating subsidiaries. Experience with cross-border operations. Why You’ll Love Working Here Comprehensive Medical, Dental, and Vision Insurance Generous Paid Time Off Birthday Day Off 12 Paid Company Holidays 401(k) Match FSA and HSA Paid Life Insurance Paid Disability Insurance Pet Insurance Employee Assistance Program (EAP) Professional Development Courses In Office Provided Snacks and Drinks Gym Facilities (LA & Tustin/CEC Offices) In Office Engagement Activities Compensation Range The US base salary range for this full-time position is $118,500 - $152,500 annually. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum base salary for new hires for the position across all US locations. Within the range, individual pay is determined by multiple factors like job-related skills, experience, and state of residence. Your recruiter can share more about the specific salary range during the interview process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include any variable compensation elements. Physical Requirements This is a stationary position that requires frequent sitting (approximately 95%), repetitive wrist motions, grasping, speaking, listening, close vision, and the ability to adjust focus. It also may require occasional standing, lifting, carrying of 20lbs or less, walking, kneeling, bending/stooping, twisting, pulling/pushing, and reaching above the shoulder. Employees in this position must be physically able to efficiently perform the essential functions of the position.
ACKNOWLEDGEMENT
B.S.D. Capital, Inc. dba Lendistry is an equal employment opportunity employer committed to providing its employees, applicants and other covered persons with equal opportunities without regard to race, color, age (40 or older), religious creed (including religious belief, practice or dress and grooming practices), national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender (including pregnancy, childbirth or medical condition related to pregnancy or childbirth), gender expression, gender identity, sexual orientation, military or veteran status (including past, current or prospective service), or any other characteristic protected under applicable federal, state or local law. #J-18808-Ljbffr Lendistry- Lendistry is seeking a Data Privacy Manager to lead its enterprise privacy program and ensure compliance with complex regulations like CCPA/CPRA and GLBA. This role demands close collaboration with Security, Legal, Compliance, and Engineering teams to implement effective...Suggested
$100k - $107k
General Summary The Data Governance Officer is responsible for providing data governance/data management support to the data domains and business units. Under minimal supervision... ...please review our California Job Applicant Privacy Policy. If you need assistance with...SuggestedFull timeWork experience placementFlexible hours- ...the kind of direct access and development opportunities that larger firms rarely offer at this level. Looking for 5-7+ years in data privacy and cybersecurity. Background in technology transactions, software licensing, fintech, or healthtech is a plus. Compensation is...SuggestedWork at officeFlexible hours
$220k - $240k
Position Overview Data Privacy Litigation Associate with three to four years of experience preferred. Candidates should reside in California... ...unit. Responsibilities Conduct factual investigations, manage discovery, and prepare pleadings and motions. Take and defend...Suggested$100k - $107k
Cathay Bank is seeking a Data Governance Officer based in El Monte, California. This role involves providing data governance support, creating documentation, and producing governance dashboards. The ideal candidate should have at least 2-3 years of experience, a Bachelor...Suggested$102.17k
...for you! Trinnex is a visionary company that is transforming the way water resources are managed and protected. By combining cutting‑edge digital technologies, such as sensor/IoT data, models, geospatial data, and AI/machine learning, we create innovative, smart, and...H1b- Trinnex is looking for a Senior Cyber Security Analyst in Los Angeles to secure critical software systems supporting water utilities. The role involves advanced security monitoring, vulnerability assessments, and collaboration with engineering teams to enhance security...
$80k
...Portfolio. The Health PMO support contract provides IT program management, project management, technical management, financial... ...Authority to Operate (ATO). Coordinate and lead security and privacy activities within project teams and develop security and privacy...Permanent employmentContract workWork at officeRemote work$85k - $115k
...developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars. INFORMATION SYSTEM SECURITY MANAGER SpaceX is seeking a classified cyber assurance practitioner to drive the SpaceX classified cyber assurance program forward. The...Permanent employmentTemporary workRemote workWeekend work$95k - $105k
...functions to analyze and protect IT and OT systems, network, and data across the enterprise. The role is technical and requires an in... ...investigate Intrusion Detection System (IDS) alerts Incident management, forensic investigation, response, and reporting. Education and...Full timeLocal areaRemote work- ...remediation through to closure and ensure risk is continuously managed. Additionally, You’ll Partner with infrastructure teams to perform... ...file transfers, hardware and software configuration management, data integrity containment, and investigations on internal affairs...Remote workRelocation
- ...Koitecc Solutions is seeking a Sr Project Manager - Information Security to lead critical cybersecurity initiatives. This role involves managing complex projects, collaborating with senior leaders, and delivering on time within budget. With 8-10 years of experience required...
- Fox Rothschild is seeking a Senior Analyst to support Cybersecurity Operations in Los Angeles. This role involves improving the Firm's Cybersecurity Operations & Response program, performing vulnerability assessments, and monitoring security incidents. The ideal candidate...
- kozmetickesluzby.vecnakraska.sk - Jobboard is seeking a Cyber Triage and Forensics Incident Analyst to lead security incident responses at EY. The role involves performing forensic analysis, malware analysis, and investigating security incidents, ensuring robust incident...Flexible hours
- ...negotiate requirements, and develop integration and test plans across the satellite lifecycle. You will collaborate with program managers and engineering teams to ensure successful mission execution, participate in design reviews, and support proposals through to on‑orbit...
$198k - $248k
...business imperatives. You evangelize our industry leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer’s cybersecurity partner of choice. Your Impact Collaborate...Remote work$165k - $190k
Tatari is looking for an Application Security Engineer to define the security architecture for their SaaS platform. The successful candidate will work closely with engineering teams to identify vulnerabilities and build secure development tools. The role requires significant...Work at office2 days per week- ...Conduct security control implementation, validation, and assessment activities. Perform and document system audits and risk analysis. Manage and execute Continuous Monitoring (ConMon) tasks to ensure compliance throughout the system lifecycle. Support configuration...Full timeLocal areaImmediate startRemote workFlexible hours
- EY’s Cyber Triage and Forensics Analyst role sits within EY Information Security to monitor, detect, and respond to security events, supporting the organization’s cyber defense capability. The role emphasizes front‑line monitoring, real‑time log analysis, and collaboration...
- ..."Acceptable Use" standards for Artificial Intelligence (AI), automated tools, and remote work infrastructure. Approval Pipeline Management: Navigate the administrative approval process, incorporating feedback from the City Attorney, Labor Relations, and ITA Leadership...Work at officeImmediate startRemote work
$130k - $180k
...cyber assurance program against industry standards, contractual and regulatory requirements, and organizational needs. Governance - Manage and spearhead governance to interpret and drive implementation of industry standards, contractual and regulatory requirements, and...Permanent employmentTemporary workRemote workWeekend work- CNA Insurance is seeking an experienced senior underwriter to manage a highly complex book of cyber insurance risk. The role emphasizes technical expertise, pricing strategy, and leadership in a fast-paced environment with a broad scope across districts and territories...
- CNM LLP, a specialized boutique consulting firm located in Woodland Hills, is seeking IT consultants to join their team. The role involves assisting with new IT capabilities, conducting assessments, and actively pursuing career growth while working with a variety of clients...
- ...a Senior Mission Payload Engineer for National Security Programs to lead payload integration on our satellite bus platform. You’ll manage interfaces, develop test plans, and coordinate across engineering teams and customers to ensure mission success. The ideal candidate...
$130k - $180k
...technical execution -- validating that controls are in place, risks are managed, and requirements are met for both internal and customer-facing... ...assessments and audit efficiency through system integration, data utilization, and process improvement. Support third-party risk...Permanent employmentTemporary workRemote workFlexible hoursWeekend work- ...involves ensuring compliance with security standards and requires a Top Secret security clearance with SCI access. Candidates will manage security documentation, perform audits, and support diverse cybersecurity and IT tasks. Ideal applicants have 1-2 years of experience...Full time
- The Aerospace Corporation in Los Angeles seeks an experienced EM&C Program Lead to drive cybersecurity in cloud-based ground systems. You will collaborate with military and contractor teams, lead strategic engagement, and ensure robust cybersecurity policies while establishing...For contractors
- Nexlogica is seeking an IT Security Incident Response Manager in Downey, CA to oversee incident response processes. This position requires experience in incident documentation, first responder analysis, and managing business-impacting situations. Candidates should have...
- ...communications and updates are provided for incident management and root‑cause scenarios. Ability to work directly with data asset owners and business response plan owners... ...Security Manager (CISM), Certified Information Privacy Professional (CIPP), GIAC Certified Incident...
$111.04k - $145k
...alternative application process. Information Technology Security Manager- Hybrid Full Time Gardena, CA, US 5 days ago Requisition ID: 12... ...organization to protect systems, networks, and sensitive member data. You’ll work alongside executive leadership and play a key role...Full timeLocal areaMonday to FridayWeekend work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Data Privacy Manager. Be the first to apply!
- data operator Los Angeles, CA
- ntt data Los Angeles, CA
- alliance data Los Angeles, CA
- data officer Los Angeles, CA
- data intern Los Angeles, CA
- clinical data Los Angeles, CA
- master data coordinator Los Angeles, CA
- data governance Los Angeles, CA
- voice and data technician Los Angeles, CA
- sap data migration Los Angeles, CA

