Head of Compliance & Privacy

· Remote

Location

Remote

Type

Full Time

Job Description

ePayPolicyJobs
Head of Compliance & Privacy

Head of Compliance & Privacy

Posted Yesterday
Be an Early Applicant
Austin TX USA
Hybrid
Senior level
Fintech • Insurance • Payments • Software
ePayPolicy builds intuitive modern tools to simplify payments for the entire insurance industry.
The Role
Lead and operationalize payments regulatory security compliance and data privacy programs. Manage PCI-DSS Level 1 certification NACHA and card network compliance AML/FinCEN coordination privacy frameworks (GLBA CCPA/CPRA PIPEDA) vendor risk audits policy drafting and cross-functional advisory for Product Engineering and Sales.
Summary Generated by Built In

Every day ePayPolicy helps over 10000 insurance companies speed up incoming and outgoing payments. By helping them move from manual outdated forms of payment collection to modern payment tools we help their companies work faster and more efficiently. (Check out our almost 5-star customer reviews.)

How do we do it? With powerful payment tools that just work. Our secure online ACH and credit card payment page is the core product for many of our companies. But we also provide an integrated suite of helpful features for insurance companies of all sizes including point-of-sale financing payables network tools and check reconciliation all within a single dashboard.

Our expert live support team helps deliver exceptional care every day with an industry-leading 97% customer retention rate. Our customers love us. We love them.

Founded in 2014 our growing team is based in Austin TX and has clients in all 50 US states. We’ve grown over 300% in the last three years - with big plans for the future.

Overview

We are seeking a highly motivated hands-on Head of Compliance & Privacy to lead scale and operationalize our payments regulatory technical compliance and data privacy programs. Reporting directly to the Sr. Director of Legal & Compliance you will own the day-to-day operations of our compliance and privacy frameworks in a fast-paced fintech/insurtech environment.

You are the ideal candidate if you are deeply knowledgeable about the nuances of payment processing (specifically ACH and credit card) possess a proven track record managing PCI-DSS audits understand the strict data privacy mandates governing financial and consumer data and enjoy turning complex regulatory requirements into practical scalable business workflows.

KEY RESPONSIBILITIES

1. Payments & Regulatory Compliance Oversight

  • ACH & NACHA Operations: Maintain update and audit internal frameworks to ensure 100% alignment with NACHA Operating Rules (including Phase 2 monitoring and compliance).

  • Card Network & PayFac Compliance: Monitor and enforce compliance with Visa Mastercard Discover and American Express rules with a particular focus on merchant surcharge regulations and state-level limits.

  • Licensing & Regulatory Monitoring: Track state-by-state money transmission laws FinCEN requirements and coordinate required regulatory filings reports and disclosures.

  • AML Compliance & Audit Coordination: Serve as the primary point of coordination for annual AML audits managing timelines and cross-functional responses in close partnership with the Payment Operations and Risk teams.

2. Security Compliance PCI-DSS & Data Privacy Ownership

  • PCI-DSS Level 1 Maintenance: Serve as the internal program manager for our annual PCI-DSS Level 1 certification. Act as the primary liaison with our external Qualified Security Assessor (QSA).

  • Privacy Program Management: Build maintain and scale ePayPolicy's data privacy compliance framework. Ensure strict compliance with applicable US federal laws (GLBA Regulation E/EFTA) state-level privacy mandates (such as CCPA/CPRA and state insurance laws) and Canadian privacy legislation (PIPEDA).

  • Data Mapping & Impact Assessments: Conduct regular data inventory mapping lead Privacy Impact Assessments (PIAs) for new system integrations and manage consumer privacy rights response workflows (DSARs).

  • Audit Readiness & GRC: Work closely with our internal IT Security (InfoSec) and Engineering teams to manage ongoing compliance control testing penetration testing schedules and vulnerability scans.

  • Third-Party Risk Management (TPRM): Collaborate on the annual assessment calendar for vendors reviewing vendor SOC reports vendor security profiles and privacy practices to evaluate third-party data sharing risks.

3. Policy Drafting Procurement & Business Enablement

  • Contractual & Procurement Reviews: Review inbound procurement requests from a compliance and contractual perspective and update client-facing compliance terms including Data Processing Agreements (DPAs) and Proprietary Information Agreements (PIAs).

  • Internal Policies: Draft update and manage company-wide compliance manuals Incident Response Plans Business Continuity policies and external-facing Privacy Policies.

  • Cross-Functional Advisory: Provide practical high-judgment compliance and privacy guidance to Product Engineering and Sales teams during the development of new products regional expansions (such as Canadian setup) and third-party integrations (Salesforce DocuSign etc.).

REQUIRED QUALIFICATIONS

  • Experience: 5-7 years of professional legal experience plus 2-3 years of dedicated compliance experience within the payments FinTech InsurTech or Payment Facilitator (PayFac) space.

  • Technical Compliance & PCI-DSS: Direct hands-on experience leading a company through a PCI-DSS compliance audit (ideally Level 1 or Level 2) and managing relationships with external QSAs.

  • Data Privacy Expertise: Practical experience implementing and managing data privacy programs under GLBA CCPA/CPRA and/or PIPEDA within a financial services or cloud software context.

  • Regulatory Knowledge: Deep understanding of NACHA Operating Rules card network operating regulations FinCEN compliance and BSA/AML protocols.

  • Strategic Thinker Practical Executor: Strong execution skills; you are comfortable rolling up your sleeves to draft policies map data flows audit logs and test controls yourself.

  • Communication Skills: Excellent written and verbal communication skills. Ability to translate dense regulatory and privacy concepts into digestible insights for non-legal stakeholders.

  • Adaptable Mindset: An "Optimistic Grit" and "No Ego Amigo" attitude thriving in a high-growth fast-paced environment where priorities dynamically evolve.

  • Education: Juris Doctor (J.D.) degree from an accredited law school active membership in a State Bar and license to practice law in good standing.

PREFERRED QUALIFICATIONS

  • Professional privacy or compliance certifications (e.g. CIPP/US CIPP/C CAMS CISA or equivalent) preferred.

  • Experience with cross-border payment compliance and international privacy rules (specifically US-Canada payment operations) is a major asset.

  • Experience integrating compliance tooling into GRC platforms Salesforce or client-onboarding workflows.


Why ePayPolicy

  • Competitive salary

  • Comprehensive benefits package with employer-paid basic life and disability premiums

  • 401K

  • Flexible Paid Time Off Policy (FTO)

  • Company-sponsored quarterly “ePayItForward” initiatives 

  • Supportive and inclusive company culture with a focus on work/life balance

  • Fully-stocked kitchen

  • Lunch stipend when working onsite

  • Open communication (We won’t box you in! If you have a cool idea for a product improvement or a suggestion on how to improve the customer experience let’s talk about it. We value everyone’s ideas and opinions.)

  • Huge opportunity for growth


We operate on a hybrid schedule for in-office employees. Standard schedules are three days per week in the office however the cadence and days are determined by each team and manager. 

We value diversity here at ePayPolicy and understand the importance of creating a safe and comfortable work environment encouraging individualism and authenticity in every member of our team. We strive to create an accessible and inclusive experience for all candidates. If you need an accommodation during the application or recruiting process please submit a request to our team via this Interview Accommodation form: https://forms.gle/xKppyKTSqfTUi7hz5

Skills Required

  • 5-7 years professional legal experience plus 2-3 years dedicated compliance experience in payments FinTech InsurTech or PayFac
  • Juris Doctor (J.D.) degree from an accredited law school and active State Bar membership in good standing
  • Direct hands-on experience leading PCI-DSS compliance audits (Level 1 or Level 2) and managing relationships with external QSAs
  • Practical experience implementing and managing data privacy programs under GLBA CCPA/CPRA and/or PIPEDA
  • Deep knowledge of NACHA Operating Rules card network operating regulations FinCEN compliance and BSA/AML protocols
  • Ability to draft policies perform data mapping conduct PIAs manage DSAR workflows and run compliance control testing
  • Strong written and verbal communication skills with ability to advise Product Engineering and Sales teams
  • Professional privacy or compliance certifications (CIPP/US CIPP/C CAMS CISA or equivalent)
  • Experience with cross-border US-Canada payment compliance and international privacy rules
  • Experience integrating compliance tooling into GRC platforms Salesforce or client-onboarding workflows

What the Team is Saying

Evy
Andrew
Omar
Roger
Jorge
Haley
Gopal
Kim
Christian
Divyesh
Juanita
Tyler
Robin
Koula
Jen
Sheena
Melanie
Matthew
Naresh
Zak
Deanna
Isaac
Hersson
Sushma
Alex
Navar

ePayPolicy Compensation & Benefits Highlights

  • Leave & Time Off BreadthFlexible/unlimited PTO paid holidays sick leave bereavement and paid volunteer time are publicly listed. A hybrid work model and flexible schedules complement the time-off breadth.
  • Parental & Family SupportGenerous parental leave a return-to-work program family medical leave childcare benefits and an onsite Mother’s Room are highlighted. Company-sponsored family events further reinforce family support.
  • Strong & Reliable IncentivesPerformance bonuses are part of the package and incentive structures in sales roles are described as offering meaningful upside when attainment is strong. Feedback suggests variable compensation can materially enhance total rewards for certain segments.

ePayPolicy Insights

Am I A Good Fit?
beta
Expert contributor network
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Austin TX
155 Employees
Year Founded: 2014

What We Do

ePayPolicy offers easier payment tools built just for insurance. ePayPolicy's products bring insurance payments up to speed for agencies carriers MGAs and PFCs with secure online payment pages automated check processing accounting reconciliation and more. 11000+ insurance companies trust ePayPolicy and their expert support team to handle their payments every day.

Why Work With Us

ePayPolicy is the only payment platform built by insurance pros for insurance pros. We’re a "unicorn" culture where autonomy meets impact. Our team thrives on "No Ego Amigo" and genuine collaboration. If you want your ideas supported and your work to make a tangible difference in a supportive innovative environment you belong here.

Gallery

ePayPolicy Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Our hybrid approach captures the best of both worlds by providing flexibility with the chance to connect face to face & feel part of something larger.

Typical time on-site: Flexible
HQAustin TX
The office sits in the shadow of the Pennybacker bridge with direct access to and amazing views of Lake Austin.

Similar Jobs

ePayPolicy

Account Manager

Fintech • Insurance • Payments • Software
Hybrid
Austin TX USA
155 Employees

ePayPolicy

Production Support Manager (Contract)

Fintech • Insurance • Payments • Software
Hybrid
Austin TX USA
155 Employees
70-80 Hourly

ePayPolicy

Enterprise Sales Director

Fintech • Insurance • Payments • Software
Hybrid
Austin TX USA
155 Employees

ePayPolicy

Product Manager

Fintech • Insurance • Payments • Software
Hybrid
Austin TX USA
155 Employees
Apply Now

Date Posted

06/26/2026

Views

0

Back to Job Listings Add To Job List Company Profile View Company Reviews
Neutral
Subjectivity Score: 0
142,000+ Jobs Tracked
12,400+ Companies
1,930 Categories