Compliance Operations Specialist

Summary

Join AffiniPay as a Compliance Operations Specialist and play a key role in supporting the company's compliance and privacy operations. You will ensure adherence to regulatory frameworks and industry best practices across various products. This position involves collaborating with multiple teams to embed compliance requirements into business processes and protect customer data. Responsibilities include managing compliance obligations, overseeing risk management activities, and handling privacy-related inquiries. The ideal candidate possesses 3+ years of experience in compliance management or a related field, familiarity with relevant regulatory frameworks, and strong communication and analytical skills. AffiniPay offers a comprehensive benefits package, including fully covered medical, dental, and vision insurance, paid time off, 401k matching, bonuses, and professional development opportunities.

Requirements

• 3+ years of experience in compliance management, privacy operations, or a related regulatory role
• Familiarity with regulatory frameworks such as PCI DSS, SOC 2, HIPAA, and privacy laws like CCPA and CPRA
• Hands-on experience with compliance tools (e.g., DataGrail, Vanta) and risk management processes
• Proven ability to manage and track compliance obligations, including audit preparation and evidence collection
• Strong understanding of privacy principles and processes for handling DSARs, consent management, and data classification
• Strong knowledge of regulatory compliance frameworks and data privacy principles
• Ability to collaborate cross-functionally and communicate effectively with both technical and non-technical stakeholders
• Experience managing risk assessment processes and maintaining compliance-related documentation
• Excellent organizational skills and attention to detail, ensuring readiness for audits and regulatory requirements
• Strong problem-solving and analytical skills, with the ability to implement practical solutions

Responsibilities

• Ensure adherence to key regulatory frameworks, including PCI DSS, SOC 2, HIPAA, and privacy laws like CCPA and CPRA
• Collaborate with internal teams to prepare for and support audits, including PCI DSS, SOC 2, and other assessments
• Manage compliance obligations related to secure file transfers, customer data handling, and industry-specific guidelines (e.g., ACH for digital payments, Bar association rules for legal service products)
• Manage and respond to Data Subject Access Requests (DSARs) and other privacy-related inquiries in collaboration with Legal
• Administer privacy tools (e.g., DataGrail) to oversee consent management, data classification, and privacy workflows
• Work closely with Legal to maintain compliance with privacy laws, ensuring all contractual obligations regarding data privacy are met
• Maintain and update the Risk Register, tracking compliance risks and coordinating timely mitigation with internal teams
• Conduct regular risk assessments, including Third-Party Risk Management (TPRM) and internal evaluations
• Align risk management findings with regulatory requirements, implementing improvements to support business operations
• Serve as the primary compliance contact for Legal, Product, IT Ops, and Sales teams, ensuring alignment with compliance objectives
• Collaborate with Product and Engineering teams to embed compliance and privacy requirements into workflows, particularly during new product development cycles
• Partner with internal teams to promote a culture of compliance and awareness through training and enablement

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP)
• Certified Information Privacy Professional (CIPP)
• Payment Card Industry Professional (PCIP)
• Certified Information Systems Auditor (CISA) or equivalent

Benefits

• All employees receive fully covered medical, dental and vision coverage - Choose from our 2 available health plans based on what fits you and/or your family!
• Have some fur babies? - We offer them insurance too!
• RELAX and enjoy your time away with our flexible paid time off policy!
• We will help you plan for your future - 401K, or RRSP if in Canada, with a company match
• Competitive compensation packages that include mid-year and end-of-year bonuses and equity options for all full-time employees
• Health Wellness Program that includes nutrition consultations, mental health apps, and access to discounted memberships
• Have plans to grow your family? - Parental resources, including 16 weeks of paid time off for primary caregivers
• Professional development opportunities including mentorships, leadership programs and our AffiniPayU courses
• We believe it is important to give back with our Matching Gift Program and organized activities focused on donations, volunteerism and supporting the local communities throughout the country
• D&I initiatives provide educational opportunities regarding multicultural issues, tolerance, and celebrating diversity among our entire staff
• An incredible, in-office experience at our headquarters in Austin and San Diego including free lunch delivery, a fully stocked kitchen, and some “sweet” surprises for those afternoon pick-me-ups