Location: United States

Department: Community Support

Job Description:

Airbnb is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. The Community You Will Join:

As a Data Protection Operations Lead, you will join a\Cross-functional team responsible for creating standardized operational security processes and protocols to ensure proper Risk Governance and Compliance for Community Support teams in specific domains, including product, process, and engineering in accordance with company policies and contractual agreements.

The Difference You Will Make:

As a key member of our team, you’ll drive operational excellence, foster innovation, and champion security and productivity. You’ll play a pivotal role in designing and maintaining provisioning frameworks, collaborating with engineering partners to optimize permission models and tooling, and balancing speed with robust security across all processes.

Your Expertise:

• 8+ years of hands-on experience with Access and Privileged Access Management (PAM) operations in a technology-driven environment.
• Demonstrated experience in PAM operational tasks, including safe creation and management, privileged account onboarding, policy development, and least-privilege access model implementation.
• Solid background in identity and access management (IAM) principles and industry best practices.
• Experience with operationalizing Just-In-Time (JIT) privilege models, role-based access controls (RBAC), and enforcing Segregation of Duties (SoD).
• Working knowledge of authentication protocols (e.g., SAML, OAuth, OpenID Connect, Active Directory, LDAP, Kerberos).
• Familiarity with cloud-based privileged access management, including the classification and management of non-human identities (service accounts, API keys, etc.).
• Strong understanding of security standards and regulatory frameworks (NIST, ISO/IEC, FFIEC) relevant to access management.
• Strong SQL abilities, including querying and dashboard creation.
• Clear, concise communication skills, with a proven ability to collaborate across engineering, security, product, and operational teams without a technical background to drive alignment and best-in-class solutions.
• Experience in documenting policies, procedures, and reporting on PAM-related risk and compliance metrics.
• Demonstrated ownership and accountability for continuous improvement in PAM controls and risk management.
• Proactive in identifying and mitigating security risks related to privileged access.
• Comfortable working in a fast-paced environment and contributing to cross-functional or global initiatives.
• Demonstrated ability to build and coach teams.
• Familiarity with access management challenges specific to cloud-native environments (AWS, GCP, Azure).
• Involvement in developing or maintaining Privileged Access Management strategies that address both human and non-human identities, including business users, developers, and service accounts.

Your Location:

This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity.

Our Commitment To Inclusion & Belonging:

Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply. We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application, please contact us at: reasonableaccommodations@airbnb.com.

Please include your full name, the role you’re applying for and the accommodation necessary to assist you with the recruiting process. We ask that you only reach out to us if you are a candidate whose disability prevents you from being able to complete our online application.

XML job scraping automation by YubHub

Mercury is building a bank and will be connecting our modern, product-focused engineering systems to enterprise core banking systems and payment networks built in a different era, with different assumptions and different interfaces. Our Banking Integration Platform as a Service team is like NASA’s RPOD team, building our integration subsystems that are technically correct and operationally trustworthy.

This is some of the most consequential infrastructure work at Mercury. Every account opening, every monetary transaction, and every balance call will flow through the systems you build. Product teams across the company will depend on clean abstractions that hide the complexity underneath. You'll be one of the few engineers at Mercury who truly understands the full depth of our Bank Core* and all its internal and external integrations.

In this role, you will:

• Build Mercury’s integration with an FFIEC-approved bank core and the connections to payment networks.
• Design internal APIs that give product teams simple, consistent interfaces to complex external systems.
• Handle the messy realities of enterprise integrations such as retries, failures, format mismatches, and downtime.
• Build data pipelines that keep Mercury's systems in sync with our bank core.
• Own monitoring, alerting, and recovery for our most critical external connections.
• Partner with many other teams at Mercury to define clean boundaries and reliable contracts.
• Help shape the technical architecture of Mercury Bank*.

You should:

• Have direct experience with either a bank core that has achieved FFIEC-compliance (such as FIS) or that of a US-based Global Systemically Important Bank (G-SIB).
• Understand how core banking systems work: accounts, transactions, ledgers, and the data models underneath.
• Be a product-minded engineer who thinks about the developers consuming your APIs, not just the systems you’re connecting to.
• Thrive in environments where you're building something new rather than maintaining something established.
• Be comfortable with our tech stack (Haskell and TypeScript) or ready to learn.
• Have strong opinions about building reliable, maintainable systems.

The total rewards package at Mercury includes base salary, equity, and benefits.

Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using the most reliable compensation survey data for our industry. New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers.

Our target new hire base salary ranges for this role are the following:

• US employees (any location): $166,600 - $250,900
• Canadian employees (any location): CAD 157,400 - 237,100

XML job scraping automation by YubHub

Responsibilities: Serve as the designated BSA Officer for our US-regulated entities and serve as the primary point of contact for state applicable regulatory agencies, the OCC and FinCEN. Own and evolve Bridge's global AML/BSA and financial crime program, including policies, risk assessments, and governance. Oversee core operations: customer due diligence, EDD, transaction monitoring, sanctions screening, SARs/CTRs, and investigations. Partner with Product, Engineering, and Risk to ensure controls are effective, scalable, and embedded into workflows. Prepare board/executive reporting, support independent audits/exams, and guide the company through supervisory processes. Lead global financial crime strategy across entities and jurisdictions as Bridge continues to grow. Accountable for regulatory change management, including tracking, interpreting, and operationalizing OCC bulletins, FFIEC updates, and FinCEN rulemaking. Provide oversight of model risk management where transaction monitoring or sanctions screening tools involve machine learning or statistical models, consistent with OCC model risk guidance. Responsibility for ensuring staff training programs meet OCC standards , including board-level AML/BSA training and documentation of attendance/completion.

Requirements: 8+ years leadership experience in AML/BSA, including responsibility for regulator-facing financial crime programs (e.g., MLRO, BSA Officer, Deputy BSA Officer). Strong working knowledge of U.S. BSA/AML, OFAC, OCC expectations, and FFIEC requirements. Comfortable in a startup-like environment , able to move between high-level strategy and hands-on work. Strong communicator who can work cross-functionally and engage confidently with regulators.

XML job scraping automation by YubHub