Process Risk and Compliance Operations Manager

Airbnb

17h•$156,000 - $193,000•Remote

About The Position

In this role, you will own the strategic design and continuous evolution of risk frameworks, the risk registry, and executive risk narratives for Community Support. You will translate investigative findings, AI/ML model outputs, operational signals, and emerging threats into decisions and actions that protect Airbnb. A defining element of this role is your close partnership with the Insider Threat program. Together, you will form a complementary unit: you will ensure that investigative outcomes are contextualized within the broader risk ecosystem — informing risk appetite decisions, shaping detection strategy, and driving remediation accountability. You will co-own escalation frameworks, jointly challenge detection model effectiveness, and ensure that the feedback loop between investigations, risk governance, and AI-driven detection is robust and continuously improving. Beyond analysis and governance design, you will serve as the program manager for systemic root cause resolution — ensuring that when investigations, incidents, or risk assessments reveal structural vulnerabilities, those root causes do not languish in a findings log but are tracked, assigned, resourced, and driven to completion across the organization. This requires the discipline of program management combined with the authority and influence to hold cross-functional teams accountable for closing gaps. Critically, as Airbnb accelerates its use of AI and automation across operations, you will serve as a risk steward for AI systems that touch Community Support — leading governance and discussions of the implications of deploying AI in high-stakes decision-making environments. This is not a technical role; it is a role that requires you to ask the right questions of technical teams, interpret outputs with skepticism, and ensure that AI-driven processes are governed with the same rigor as human-driven ones. You will be joining a new team and have the opportunity to shape its development, taking on a growing leadership role over time. We are looking for someone with the drive to build something from nothing and push for growing excellence.

Requirements

Bachelor's degree in Business, Risk Management, Finance, Operations, or related field (advanced degree preferred), or equivalent practical experience.
10+ years of experience in risk management, compliance, governance, or operational risk — with a demonstrated track record of building and evolving risk frameworks, registries, and reporting programs (not just maintaining them).
Proven program management capability — specifically the ability to drive complex, cross-functional remediation and root cause resolution efforts from identification through verified closure.
Experience collaborating with or providing strategic oversight to investigations teams — with a strong understanding of how investigative findings translate into enterprise risk intelligence and governance action.
Demonstrated ability to evaluate and govern AI/ML systems from a risk perspective — you do not need to build models, but you must be able to critically assess model assumptions, failure modes, bias risks, and governance requirements. Experience challenging technical teams on AI outputs and driving human-in-the-loop governance is essential.
Proven ability to synthesize ambiguous, complex, and sometimes conflicting information into clear risk narratives and strategic recommendations for executive audiences.
Strong organizational influence and stakeholder management skills — with a track record of driving cross-functional alignment, navigating ambiguity, and influencing senior leaders without direct authority.
Critical thinking and intellectual curiosity — a default posture of healthy skepticism toward automated outputs, historical baselines, and consensus assumptions.
Ability to adapt and innovate, challenge the status quo, and identify new solutions while effectively balancing risk, speed, and cost.

Nice To Haves

Experience with AI risk management frameworks (e.g., NIST AI RMF, ISO 42001, EU AI Act compliance frameworks) or direct involvement in governing AI systems in operational environments.
Experience developing fraud, safety, or insider threat risk frameworks, strategies, and operational models.
Experience with contact center operations in process design and optimization, customer support strategies, and/or quality assurance.
Familiarity with GRC platforms, risk management tools, case management systems, or investigation ticketing platforms.

Responsibilities

Design and own the CS Risk Appetite Framework — define guardrails, escalation triggers, and pre-approved response actions.
Own and evolve the CS Risk Registry as a living strategic instrument.
Develop and stress-test risk assessment standards — including key risk indicators (KRIs), risk typologies, and emerging threat hypotheses.
Support the evolution of models and processes used in detection triage and investigation.
Establish ongoing governance cadences — risk review boards, quarterly risk assessments, and challenge sessions.
Collaborate closely with the Insider Threat Investigations to ensure investigative outcomes are systematically captured, contextualized, and integrated into risk governance.
Co-design escalation and review protocols for high-severity investigation findings and risk non-compliant transactions.
Participate in joint case reviews, postmortems, and incident debriefs to extract systemic insights.
Provide strategic risk context to the Investigations team.
Coordinate the feedback loop between investigations and AI-driven detection systems.
Own the end-to-end lifecycle of root cause resolution — from identification through verified remediation and closure.
Maintain and govern a centralized root cause and remediation tracker.
Distinguish between symptomatic fixes and true root cause resolution.
Drive cross-functional remediation workstreams.
Track resolution effectiveness over time.
Integrate root cause intelligence into the risk registry and risk appetite framework.
Report on root cause resolution health to senior leadership.
Craft and deliver executive-level risk narratives.
Own the reporting architecture — determine what should be measured, how it should be presented, and to whom.
Define and maintain monitoring thresholds and escalation triggers.
Translate investigative findings, root cause resolution status, and AI model performance data into actionable risk mitigation recommendations.
Drive cross-functional risk alignment.
Lead systemic risk reviews.
Champion the integration of risk thinking into operational design.
Serve as a change agent for risk culture.
Provide leadership and mentorship to more junior team members.
Design and deliver risk and compliance training.
Foster a culture of constructive challenge.