If you have a bank account or a credit card, chances are good that you’ve seen our platform in action. By running the cash-back rewards programs for Chase, Bank of America, Wells Fargo and other financial institutions, we place targeted, relevant, measurable ads in front of more than 150 million U.S. consumers – more than Twitter, Pinterest, and Snapchat.
At Cardlytics (NASDAQ: CDLX), we see one in every two card swipes across the U.S., covering $3.3T in purchases. This puts us in a unique position to help marketers predict consumer shopping behavior based on actual purchase data. We then use that data to reach bank customers with offers they love, which drives measurable, incremental purchases for our advertisers.
About the Role
Cardlytics is seeking a Compliance Specialist to join the Legal & Compliance team and help manage internal compliance programs for the organization. The Compliance Specialist will add value and improve overall operations in an advisory role by bringing a systematic approach to our risk management, control and governance processes. An understanding of IT and business process controls will lead to a successful role in improving the Cardlytics’ compliance program. You'll have a varied project list including privacy regulations (e.g., PCI, GDPR, CCPA), governance (policy and process advisory), SOC project management, and overall control advice and high-level monitoring.
- Collaborate with internal stakeholders to refine policies, processes, and procedures including evaluating adequacy of internal process and IT controls
- Conduct Enterprise Risk Management activities including identifying and defining significant, inherent risks facing the company and developing multi-faceted approaches to monitor, assess, and communicate those risks to executives
- Support the organization in navigating risks associated with unique challenges including business transformation projects, organizational restructuring, GDPR, CCPA and the development of new partner sales channels and product offerings
- Interface with Cardlytics’ internal and external auditors to ensure that the company remains in compliance and manage follow-up on open audit issues and facilitate agreement with internal stakeholders to ensure closure
- Work in collaboration with IT Security team to drive completion of security questionnaires and audits
- A collaborator who will partner across bank and internal organizational lines to drive compliance initiatives and build partnerships to meet shared objectives
- Action oriented and can take on new opportunities and tough challenges with a sense of urgency and enthusiasm
- Curious and always go beyond what is happening to discover why
- An effective communicator with a solution-oriented mindset, and demonstrated ability to work across various levels of seniority while ensuring a balance between advising and tracking progress
- A strategic thinker who can anticipate and respond to bank and other client compliance expectations
- Always learning and actively seek out feedback as a way to improve skills and advance career
You have experience in
- 3+ years of experience in policy governance, including policy drafting, implementation, enforcement and other policy-related communications
- Data & information privacy with experience in the proper handling of data, including classification, rights, retention, disposal, and general familiarity of various privacy regulations (e.g. PCI, CCPA, GDPR)
- Auditing standards & practices and experience working with auditors and/or auditing processes and familiarity of internal/external auditing functions, including Sarbanes Oxley (SOX), SOC1, SOC2, PCI, ITGCs and third-party risk management
- General IT security practices and are knowledgeable in software development and technical management practices (e.g., SDLC concepts, agile methods, change management concepts, asset management concepts, SLAs. separation of duties)