E
Posted 13 hours ago
Head of Compliance & Privacy
ePayPolicyHead of Compliance & Privacy
Perks & benefits
Education AllowanceCommissionHealth InsurancePaid Leave
Requirements
5 years compliance experience in FinTech/Payments, PCI-DSS audit leadership experience, Data privacy program management (GLBA, CCPA, PIPEDA), Knowledge of NACHA and AML protocols
Skills
PCI DSSFintechData privacy
About the role
About the Company
Founded in 2014, ePayPolicy helps over 10,000 insurance companies modernize their payment collection through secure ACH and credit card tools. Based in Austin, TX, the company has grown over 300% in the last three years and provides an integrated suite of features including point-of-sale financing and check reconciliation.
Responsibilities
- Maintain and audit internal frameworks to ensure alignment with NACHA Operating Rules
- Monitor compliance with Visa, Mastercard, Discover, and American Express rules
- Track state-by-state money transmission laws and FinCEN requirements
- Serve as the primary coordinator for annual AML audits
- Manage the annual PCI-DSS Level 1 certification and act as the liaison with external QSAs
- Build and scale the data privacy compliance framework (GLBA, CCPA/CPRA, PIPEDA)
- Conduct data inventory mapping and Privacy Impact Assessments (PIAs)
- Collaborate with IT and Engineering on compliance control testing and vulnerability scans
- Perform Third-Party Risk Management (TPRM) by reviewing vendor SOC reports
- Draft internal policies, Incident Response Plans, and Business Continuity policies
- Provide compliance guidance to Product, Engineering, and Sales teams
Requirements
- 5 years of dedicated compliance experience in payments, FinTech, InsurTech, or PayFac
- Hands-on experience leading PCI-DSS compliance audits (Level 1 or 2)
- Practical experience managing data privacy programs (GLBA, CCPA/CPRA, or PIPEDA)
- Deep understanding of NACHA Operating Rules, card network regulations, and BSA/AML protocols
- Strong ability to translate regulatory concepts for non-legal stakeholders
Preferred Qualifications
- Professional certifications such as CIPP/US, CIPP/C, CAMS, or CISA
- Experience with US-Canada cross-border payment compliance
- Experience integrating compliance tooling into GRC platforms or Salesforce
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeHead of Compliance & Privacy
ePayPolicy · Austin
