Process Risk and Compliance Operations Manager

at Airbnb

📍 United States

USD 156,000-193,000 per year

MIDDLE

✅ Remote

Used Tools & Technologies

Machine Learning

Required Skills & Competences
Tag name is followed by "@" symbol and proficiency level value. About proficiency levels:

1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;

3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;

7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;

10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.

Leadership @ 3 Communication @ 3 Prioritization @ 3 Fraud @ 3 Reporting @ 3 Customer Support @ 3 Compliance @ 3 AI @ 3

Details

Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe.

Role overview

You will own the strategic design and continuous evolution of risk frameworks, the risk registry, and executive risk narratives for Community Support — translating investigative findings, AI/ML model outputs, operational signals, and emerging threats into decisions and actions that protect Airbnb. You will partner closely with the Insider Threat program to contextualize investigative outcomes within the broader risk ecosystem, shape detection strategy, and drive remediation accountability. This role combines program management, risk governance, and AI risk stewardship for systems that touch Community Support. It is not a technical engineering role, but requires the ability to interrogate model assumptions, interpret outputs, and ensure governed human-in-the-loop processes.

Responsibilities

Risk strategy, frameworks and AI risk governance

Design and own the Community Support (CS) Risk Appetite Framework: define guardrails, escalation triggers, and pre-approved response actions.
Own and evolve the CS Risk Registry as a living strategic instrument; challenge prioritization and risk scoring.
Develop and stress-test risk assessment standards, including key risk indicators (KRIs), risk typologies, and emerging threat hypotheses.
Support evolution of models and processes used in detection triage and investigation by interrogating model assumptions and sources of risk (without building models).
Establish governance cadences (risk review boards, quarterly risk assessments, challenge sessions).

Investigations partnership and strategic oversight

Collaborate with Insider Threat Investigations to ensure investigative outcomes are captured, contextualized, and integrated into risk governance.
Co-design escalation and review protocols for high-severity findings and risk non-compliant transactions.
Participate in joint case reviews, postmortems, and incident debriefs to extract systemic insights.
Provide strategic risk context to prioritize investigative focus areas based on risk registry intelligence and KRI trends.
Coordinate feedback between investigations and AI-driven detection systems to inform detection improvements and track model performance.

Root cause resolution program management

Own the end-to-end lifecycle of root cause resolution from identification through verified remediation and closure.
Maintain and govern a centralized root cause and remediation tracker with ownership, milestones, and visibility.
Distinguish between symptomatic fixes and true root cause resolution; escalate when organizational inertia prevents remediation.
Drive cross-functional remediation workstreams and hold owners accountable through status reviews and escalations.
Track resolution effectiveness and integrate root cause intelligence into the risk registry and risk appetite framework.
Report on root cause resolution health to senior leadership with metrics (open vs closed, time to resolution, recurrence rates).

Executive reporting and risk communication

Craft and deliver executive-level risk narratives that synthesize ambiguous or incomplete signals into clear decision-ready recommendations.
Own reporting architecture: determine meaningful measures and how they should be presented.
Define monitoring thresholds and escalation triggers in collaboration with Investigations leadership.
Translate investigative findings, root cause status, and AI model performance into actionable mitigation recommendations.

Cross-functional influence and organizational risk culture

Drive cross-functional risk alignment and lead systemic risk reviews to identify structural vulnerabilities and process design flaws.
Champion integration of risk thinking into operational design and serve as a change agent for risk culture.

Leadership, mentorship and capability building

Provide leadership and mentorship to more junior team members; design and deliver risk and compliance training that builds genuine risk literacy across CS teams.
Foster a culture of constructive challenge where assumptions are questioned and concerns are flagged.

Requirements

Bachelor's degree in Business, Risk Management, Finance, Operations, or related field (advanced degree preferred), or equivalent practical experience.
10+ years of experience in risk management, compliance, governance, or operational risk with a demonstrated track record of building and evolving risk frameworks, registries, and reporting programs.
Proven program management capability to drive complex, cross-functional remediation and root cause resolution.
Experience collaborating with or providing strategic oversight to investigations teams and translating investigative findings into enterprise risk intelligence.
Demonstrated ability to evaluate and govern AI/ML systems from a risk perspective (no model building required) and to challenge technical teams on AI outputs and human-in-the-loop governance.
Strong ability to synthesize ambiguous, complex information into clear risk narratives for executive audiences.
Strong stakeholder management and organizational influence skills.
Critical thinking, intellectual curiosity, and a skeptical posture toward automated outputs and historical baselines.
Experience with AI risk management frameworks (e.g., NIST AI RMF, ISO 42001, EU AI Act) or direct involvement in governing AI systems in operational environments.
Experience developing fraud, safety, or insider threat risk frameworks, strategies, and operational models.
Experience with contact center operations, process design and optimization, customer support strategies, and/or quality assurance.
Familiarity with GRC platforms, risk management tools, case management systems, or investigation ticketing platforms.

Your Location

This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed with your manager. Airbnb, Inc. can employ in states where they have registered entities; employees cannot currently be located in: Alaska, Indiana, Nebraska, North Dakota, Ohio, South Dakota, Wisconsin, Alabama, Mississippi, Oklahoma, Delaware, and Rhode Island (this list may change).

How We'll Take Care of You

Job titles may span more than one career level. Base pay depends on factors like training, transferable skills, work experience, business needs and market demands. The role may be eligible for bonus, equity, benefits, and Employee Travel Credits.

Pay Range

$156,000—$193,000 USD

Inclusion & Accessibility

Airbnb is committed to inclusion and encourages all qualified individuals to apply. They provide a disability inclusive application and interview process and offer reasonable accommodation via [email protected].