Program Manager, Compliance & Risk

Compliance & Risk Program Manager

Spinwheel is revolutionizing how consumers manage and optimize debt through AI-powered tools and real-time financial data. Our platform is live, scaling fast, and backed by a strong Series A. 

We’re looking for a Compliance & Risk Program Manager to strengthen Spinwheel’s governance foundation by building the programs, systems, and feedback loops that keep us compliant, resilient, and scalable. This is a high-impact role that bridges compliance, operations, analytics, and strategy.

You’ll design and operationalize a data-driven compliance and risk framework that gives the organization visibility into control health, audit readiness, and exposure trends—helping Spinwheel move faster and safer as we grow.

This role is ideal for someone who thrives at the intersection of compliance, operations, risk analytics, and program design — your work will help ensure Spinwheel meets its regulatory and contractual obligations while enabling smarter, faster, and more transparent decision-making across teams.

What You’ll Do

1.  Design and Own the Compliance & Risk Framework

• Build and maintain Spinwheel’s integrated compliance and risk management framework—defining how operational, regulatory, and partner risks are identified, scored, and tracked.
• Maintain the risk and controls register, ensuring risks and controls have clear ownership, mitigation plans, and measurable progress.
• Partner with Compliance and Legal to translate regulatory requirements (FCRA, GLBA, SOC 2, PCI DSS, CCPA) into operational policies and controls.
• Lead periodic reviews to ensure internal policies, procedures, and control mappings remain current with business and regulatory change.

2.  Build Compliance Monitoring and Data Feedback Loops 

• Create structured feedback loops that synthesize insights from incidents, audits, consumer operations, and partner reviews.
• Identify trends and emerging risks early, translating findings into corrective actions and control enhancements.
• Translate signals into data-backed narratives that drive prioritization and roadmap decisions across Product, Engineering, and Operations.
• Work with RevOps and Engineering to instrument key metrics within internal tools to track exposure, SLA performance, and trend data.
• Use AI to classify, summarize, and detect trends across incidents, audits, logs, partner issues, and CRA signals.
• Build AI-assisted models to highlight anomalies, risk concentration, and recurring control failures.

3. Develop Reporting, Analytics, & Governance Infrastructure

• Build and maintain dashboards and reporting that visualize compliance metrics, control performance, and mitigation progress.
• Define and monitor risk metrics tied to partner experience, compliance SLAs, and business resilience.
• Deliver recurring summaries and insights for leadership and board-level visibility—connecting risk exposure to business and operational outcomes.
• Use AI to convert raw compliance data into actionable insights, themes, and executive-ready summaries.
   

4. Partner Cross-Functionally to Embed Compliance Enablement

• Partner with Product, RevOps, Engineering, Legal, and Compliance to embed compliance considerations into new initiatives, control design, and launch readiness.
• Understand how requirements and design choices may impact systems across multiple areas
• Support audit and partner assessments by ensuring risk coverage aligns with compliance and contractual expectations.
• Collaborate with cross-functional teams to surface root-cause patterns from issues and enable continuous improvement rather than reactive response.
   

5. Enable Operational Maturity & Tooling

• Own compliance tooling and automation for policy attestations, risk tracking, audit evidence, and SLA monitoring.
• Identify and implement system enhancements that improve data accuracy, reporting cadence, and time-to-insight.
• Support the rollout of compliance training, control testing routines, and issue-management workflows to mature the function.

You Might Be a Fit If You…

• Bring 6–10 years of experience in compliance program management, risk management, or audit operations in fintech or financial services.
• Are highly organized, detail-oriented with effective organizational and analytic skills
• Are fluent with compliance frameworks like SOC 1/2, PCI DSS, FCRA, GLBA, and CCPA, and can translate them into practical operational processes.
• Have built or owned risk or controls frameworks that improved process, product, or customer outcomes.
• Thrive in ambiguity—able to connect signals across data, systems, and people to uncover root causes.
• Enjoy building structure — systems, dashboards, templates — that bring clarity and scalability to complex operations.
• Communicate well across technical and business teams and can influence without direct authority.