Data Privacy Manager

Lendistry is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, or membership in any other group protected by federal, state, or local law.

If you need assistance or accommodation due to a disability, you may contact us at

Lendistry does not accept unsolicited resumes from recruiters, employment agencies, or staffing firms. To conduct business with Lendistry, a Master Services Agreement (MSA) must be executed and confirmed prior to submitting any information relating to a potential candidate. Without a signed MSA, Lendistry shall not be responsible to any individual or entity for any payment relating to any form of fee or compensation.

And, in the event that a resume or candidate is submitted by a recruiter, an employment agency, or a staffing firm without a fully executed MSA, Lendistry has the unrestricted right to pursue and hire any of those candidate(s) without any legal or financial responsibility to the recruiter, agency, and/or firm.

The Data Privacy Manager will lead the enterprise privacy program across Lendistry’s and affiliated and subsidiary entities. Reporting to the VP, Enterprise Security, this role is the organization’s technical data privacy subject matter expert, translating regulatory requirements into concrete technical controls and auditable processes.

You will own the governance, technical, and operational aspects of Lendistry’s privacy program, spanning regulatory obligations under CCPA/CPRA, GLBA, SBA program requirements, state lending and consumer finance law, and evolving state privacy statutes, through day-to-day privacy operations, data subject rights handling, vendor privacy diligence, and privacy-by-design embedded in product development and AI/ML pipelines.

You will partner closely with Security, Legal, Compliance, Product, Engineering, and every business unit and process that collects, processes, or shares personal information, serving as the primary driver of technical implementation of compliance obligations across the organization.

We’re proud to be the nation’s largest minority-led, tech-savvy lender for small businesses and commercial real estate. As a certified Community Development Financial Institution (CDFI) and Community Development Entity (CDE), our mission is all about creating economic opportunities and fueling growth for small business owners and their communities. Join us as we pave the way with innovative financing and financial education!

• Serve as the Data Privacy subject matter expert for the organization.
• Design, implement, and manage solutions to protect personal data, embedding “privacy by design” into the software development lifecycle, product architecture, and AI/ML privacy integration.
• Act as a bridge between Compliance, Legal, and Engineering teams to translate privacy policy and regulatory requirements into (i) actionable requirements such as data minimization, encryption, tokenization, data masking, anonymization, and access controls, and (ii) clearly defined, auditable controls.
• Maintain and continuously update enterprise data flow diagrams and data inventories to map the lifecycle of personal information from ingestion to deletion.
• Lead and document annual privacy risk assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Manage first-line-of-defense compliance with the technical requirements of applicable US state privacy laws (CCPA/CPRA, GLBA Safeguards Rule, and the growing patchwork of state statutes).
• Support incident response activities related to data privacy, including breach assessment, documentation, and regulatory support, in partnership with the Security and Legal.

• Own the governance, technical, and operational aspects of the enterprise privacy program across Lendistry and all subsidiary entities, working cross-departmentally…