The Team
Upstart's Privacy Engineering team builds the systems, controls, and practices that help protect borrower, applicant, partner, and Upstarter data across our products and platforms. The team works across Engineering, Security, Legal, Compliance, Product, Data, and Machine Learning to embed privacy-by-design into how Upstart builds, uses, retains, and governs data.
As the Senior Manager, Privacy Engineering at Upstart, you will lead the team responsible for building scalable privacy infrastructure and technical privacy controls across Upstart's AI lending marketplace. You will set the team's roadmap, grow and support privacy engineers, and help translate privacy and regulatory requirements into durable engineering systems.
How you'll make an impact
- Lead the Privacy Engineering team's strategy, roadmap, and execution across privacy infrastructure, data governance, and privacy-by-design initiatives
- Hire, coach, and develop a team of privacy engineers while establishing clear operating rhythms, priorities, and technical standards
- Guide the design and delivery of scalable privacy controls, including data discovery, classification, access controls, audit logging, retention, deletion, lineage, encryption, and key management
- Partner with Legal, Compliance, Security, Product, Data, Machine Learning, and Infrastructure teams to translate privacy requirements into practical technical solutions
- Oversee privacy reviews, technical risk assessments, and threat modeling for new products, data flows, models, and platform capabilities
- Define metrics and communicate progress, tradeoffs, dependencies, and risks to technical and cross-functional stakeholder
Minimum Qualifications
- Bachelor's degree in Computer Science, Engineering, Mathematics, or a related field, or equivalent practical experience, and 8+ years of experience in engineering, including at least 3 years of direct people management experience
- Experience leading engineering teams responsible for production software, platform, privacy, security, or data systems
- Experience designing, building, or operating privacy, security, data governance, or data platform capabilities in production environments
- Experience translating privacy, security, compliance, or regulatory requirements into technical controls
- Experience working with cross-functional partners such as Legal, Compliance, Security, Product, Data, or Machine Learning teams
Preferred Qualifications
- Knowledge of privacy-by-design principles, data minimization, purpose limitation, consent, retention, deletion, and data subject rights
- Knowledge of privacy and data protection regulations or frameworks such as GDPR, CCPA/CPRA, GLBA, FCRA, or similar requirements
- Experience with privacy reviews, threat modeling, risk assessments, data inventories, lineage systems, or automated policy enforcement
- Experience building privacy or governance controls for machine learning, AI, financial services, lending, or other regulated data environments
- Ability to communicate technical privacy tradeoffs clearly across engineering, legal, product, security, and business audiences
Travel requirements As a digital first company, the majority of your work can be accomplished remotely. The majority of our employees can live and work anywhere in the U.S but are encouraged to to still spend high quality time in-person collaborating via regular onsites. The in-person sessions' cadence varies depending on the team and role; most teams meet once or twice per quarter for 2-4 consecutive days at a time.
#LI-REMOTE
#LI-MidSenior