Process Risk and Compliance Operations Manager

About Airbnb

Airbnb began in 2007 when two hosts opened their San Francisco home to three guests. Since then, it has expanded to more than 5 million hosts and over 2 billion guest arrivals across nearly every country, helping travelers connect with communities through distinctive stays and experiences.

The team you would join

The Community Support organization manages tens of millions of customer interactions each year across phone, messaging, chat, and social channels. It handles a wide range of case types, including cancellations, account issues, refunds, payments, reservations, extenuating circumstances, booking and listing concerns, safety, and claims. The team operates globally with presence across San Francisco, Dublin, Montreal, Seattle, Singapore, Manila, Gurgaon, and a broad partner network.

Role impact

In this position, you will shape and continuously improve the risk frameworks, risk registry, and executive risk storytelling for Community Support. Your work will convert investigation results, AI/ML outputs, operational signals, and emerging threats into practical decisions and actions that help protect Airbnb.

You will work closely with the Insider Threat program, helping ensure investigation outcomes are interpreted within the wider risk picture. This includes informing risk appetite choices, strengthening detection strategy, and driving accountability for remediation. You will also help connect investigations, risk governance, and AI-based detection through a stronger feedback loop.

In addition to analysis and governance design, you will manage the program for systemic root cause closure. When investigations, incidents, or assessments reveal structural weaknesses, you will ensure they are tracked, assigned, resourced, and carried through to completion across the business.

As Airbnb expands its use of AI and automation in operations, you will act as a risk steward for systems that affect Community Support. The role is not technical, but it requires thoughtful scrutiny of technical outputs, careful questioning of assumptions, and strong governance for AI-supported processes.

This is a new team, offering the chance to help define how it grows and to take on broader leadership responsibilities over time.

What you will do

• Build and own the Community Support risk appetite framework, including guardrails, escalation points, and approved response paths.
• Maintain the risk registry as a live decision-making tool by reprioritizing risks, checking score accuracy, identifying blind spots, and driving remediation ownership.
• Create and pressure-test risk assessment standards, such as KRIs, risk types, and emerging threat scenarios, while questioning whether existing indicators still reflect reality.
• Support the improvement of triage and investigation processes by evaluating assumptions and risk inputs behind models and workflows.
• Set up governance routines such as risk review boards, quarterly reviews, and challenge sessions to test assumptions with cross-functional stakeholders.
• Partner with Insider Threat Investigations to capture, interpret, and fold findings into the broader risk program.
• Design and refine escalation and review paths for severe investigation findings and non-compliant transactions.
• Join case reviews, postmortems, and incident debriefs to identify patterns, control gaps, and changes needed to risk appetite.
• Guide investigators using risk registry trends, KRI movement, and organizational risk priorities.
• Ensure investigative learning is fed back into AI-driven detection and that model performance is monitored and challenged.
• Own the full lifecycle of root cause resolution, from identification through verified closure.
• Run a centralized tracker for root causes and remediation, with clear ownership, milestones, deadlines, and governance review.
• Push teams beyond surface fixes and advocate for durable structural remediation, escalating when needed.
• Coordinate cross-functional remediation workstreams, track blockers, and escalate unresolved items.
• Measure whether fixes actually reduce repeat issues and reopen cases when problems recur.
• Connect root cause trends back into the risk registry, risk appetite framework, KRI design, and strategic priorities.
• Report root cause health to leadership, including aging items, closure rates, recurrence, and accountability metrics.
• Write and present executive risk narratives that explain what the data means, what action is needed, and what trade-offs exist.
• Own reporting design, including what is measured, how it is displayed, and who receives it.
• Work with the Investigations Manager to define monitoring thresholds and escalation triggers that match current operating conditions.
• Convert investigation outcomes, remediation progress, and AI performance into clear mitigation recommendations for leadership.
• Drive alignment across teams so risk is handled holistically rather than in silos.
• Lead systemic risk reviews that uncover design flaws, incentive issues, and structural vulnerabilities.
• Embed risk thinking into operational design and review new processes, tools, and AI deployments before launch.
• Help evolve the organization’s risk culture from reactive compliance to proactive risk awareness.
• Coach junior team members to think critically, challenge data, and communicate effectively with stakeholders.
• Design and deliver training that builds real risk literacy, including awareness of AI risks and limitations.
• Encourage a culture where people question assumptions, surface concerns, and improve the program continuously.

Requirements

• Bachelor’s degree in Business, Risk Management, Finance, Operations, or a related field; an advanced degree is preferred, or equivalent practical experience.
• At least 10 years of experience in risk management, compliance, governance, or operational risk, with hands-on experience building and improving risk frameworks, registries, and reporting programs.
• Strong program management experience with complex, cross-functional remediation and root cause resolution work from start to verified closure.
• Experience working with investigations teams or advising them, and understanding how their findings translate into enterprise risk action.
• Ability to review and govern AI/ML systems from a risk perspective, including evaluating assumptions, failure modes, bias, and oversight needs.
• Comfort challenging technical teams on AI outputs and driving human-in-the-loop controls.
• Strong ability to turn complex and conflicting information into clear executive-level risk recommendations.
• Excellent stakeholder management and organizational influence, including the ability to align senior partners without direct authority.
• Strong critical thinking and intellectual curiosity, with a healthy skepticism toward automated outputs and default assumptions.
• Ability to adapt, innovate, and balance risk, speed, and cost while pushing for better solutions.
• Familiarity with AI risk frameworks such as NIST AI RMF, ISO 42001, or EU AI Act compliance approaches, or experience governing AI in operational settings.
• Experience building fraud, safety, or insider threat risk programs, strategies, or operating models.
• Experience designing or improving contact center operations and process optimization.

Additional information

The role is based in the United States and is remote. It is a full-time position. No salary or stipend amount was provided in the source. No application deadline, start date, duration, or number of openings was specified.