Blend helps lenders maximize their digital agility. Our digital lending platform is used by Wells Fargo, U.S. Bank, and other leading financial institutions to increase customer acquisition, improve productivity, and accelerate the delivery of any banking product across every channel. We process more than $3.5 billion in mortgages and consumer loans daily, helping millions of consumers get into homes and gain access to the capital they need to lead better lives.
As a Privacy Analyst, you will lead privacy program initiatives within the information security team at Blend, and collaborate heavily with Legal, Product and Engineering to improve and maintain privacy-related technology and processes. You will analyze sensitive data storage and transmission both within the Blend platform and with connected third parties. You will ensure that Blend complies with all applicable regulatory requirements regarding privacy, can adequately respond to requests from Blend customers, and manages third-party and customer relationships to prioritize data protection.
Your work will enable the company to continue pushing into new parts of the consumer lending industry while making sure that we keep highly sensitive financial information safe. You will contribute to the overall safety and security of consumer’s personal information, and you’ll ensure that Blend products and services are compliant by design.
How you'll contribute
- Identify privacy issues in our processes, technologies, and data protection approaches, then recommend projects to address the privacy concerns you’ve identified
- Work with our Legal Team to create privacy policies, standards and procedures both internal and external to Blend
- Communicate and evangelize our privacy tools and solutions both internal and externally
- Manage privacy impact assessments and perform reviews of operational processes, new data ingestions and evolving use cases for data analytics
- Design and deploy detective controls for identification of privacy issues
- Build scalable processes for responding to data subject rights requests that account for the growth of the business
- Support audit activities and help the security compliance team with operational responsibilities and answering questions from coworkers, customers and third-parties
Who you are
- Previous experience in a security-related role
- CIPP, CIPM, CIPT or similar certification
- Familiar with CCPA and GDPR requirements and their applicability to Blend’s business
- Proven understanding of privacy fundamentals, regulations and processes
- Experience utilizing data discovery and mapping technologies
- Demonstrated ability to listen, learn and ask thoughtful questions that help surface risk
- Aptitude for working with cloud-based technology and tools (AWS, GitHub, etc.)
- Understanding of cloud security policy and control frameworks (ISO 27001, SOC 2, PCI-DSS, NIST)
- Proficiency in a programming language (we use Typescript, Golang, and Python)
- Working knowledge of Unix computing tools and data querying languages (Linux commands, SQL)
- Experience within fintech or the financial services industry, and familiarity with GLBA requirements.
Benefits and Perks
- Meaningful equity and a 401(k) plan
- Comprehensive health benefits
- Wellness benefits covering a variety of wellness activities, gym memberships, fitness classes and more
- Daily meal stipend for non-regularly remote employees during COVID-19 (and lunch, dinner, snacks, and Pizza Fridays provided in offices outside of COVID-19)
- Diversity and inclusion training
- Weekly mindfulness meditation classWeekly remote company all-hands 4 months of paid parental or personal leave
- Flexible work schedule, with open vacation policy and companywide mental health days during COVID-19
- Work from home office set up stipend and internet stipend during COVID-19