Legal and Compliance Operations Manager

Company Description

Candidly was founded in 2016 to flip the script on what it means to plan, borrow, repay, and save for college. Today, we’re the category leader with the market’s most comprehensive AI-driven student debt and savings optimization platform. We partner with hundreds of top employers, financial institutions, and retirement record keepers, positioning Candidly to serve more than 35 million Americans. 

We’re already achieving incredible results — to date, we’ve helped our users get on track to eliminate more than $1.8B in student debt and pay off their loans 175,000 years quicker — and we’re seeking movers, shakers, innovators, and problem solvers to help take our mission even further. 

Candidly is a high-growth, Series B startup, funded by leading investors including Altos Ventures, Aflac, Salesforce Ventures, UBS, Equal Opportunity Ventures, Impact Engine, Rethink Impact, Unum, and Cercano Management. Our fully remote, international team of 70 (and counting) includes alumni from Google, UBS, Twitter, Plaid, Prudential, LendingTree, Morgan Stanley, Deutsche Bank, and more.

Job Summary

We're looking for an experienced Legal and Compliance Operations Manager to strengthen our legal and regulatory compliance framework while supporting our rapid growth in the financial services sector. In this critical role, you will serve as the operational backbone of our compliance program, ensuring adherence to financial regulations, managing vendor risk assessments, and executing comprehensive contract review processes.

You'll own the complete lifecycle of compliance operations, from contract analysis and vendor due diligence through regulatory reporting and policy implementation. Working closely with our legal, business, and product teams, you'll establish scalable compliance procedures, manage regulatory examinations, and proactively identify and mitigate compliance risks across our fintech operations, leveraging technology and AI-driven tools to enhance efficiency, accuracy, and scalability. Your focus will be on executing BSA/AML procedures, conducting thorough contract reviews, managing vendor risk assessments, and maintaining robust compliance documentation. This role uniquely blends legal expertise with operational compliance management, making it essential to protecting the company while enabling continued growth in the regulated financial services space.

Key Responsibilities

Contract Review & Legal Operations

• Conduct comprehensive contract review and analysis for vendor agreements, partnership contracts, and customer terms

• Draft, review, and negotiate standard commercial agreements including NDAs, service agreements, and vendor contracts

• Maintain contract management systems and ensure compliance with contractual obligations and renewal timelines

• Support legal counsel with document preparation, research, and case management activities

• Coordinate with external counsel and manage outside legal spend and vendor relationships

• Create and maintain legal document templates and approval workflows

• Track and report on contract metrics, key terms, and compliance status

• Assist in managing corporate and board documents, including meeting minutes, resolutions, and corporate filings

• Leverage AI-driven tools and analytics to enhance contract review, compliance monitoring, and risk assessment processes, ensuring efficiency and accuracy in legal and regulatory operations

Compliance Program Execution

• Execute comprehensive BSA (Bank Secrecy Act) and AML (Anti-Money Laundering) compliance procedures

• Conduct vendor risk assessments and ongoing due diligence reviews for third-party service providers

• Maintain and update compliance policies, procedures, and training materials

• Monitor regulatory changes and assess impact on business operations and compliance requirements

• Prepare and submit required regulatory reports and filings

• Support regulatory examinations and audits through documentation preparation and coordination

• Implement and maintain compliance monitoring systems and controls

Customer and Stakeholder Support

• Serve as a subject matter expert on compliance matters for internal teams and customers.

• Handle and respond to customer inquiries regarding legal and compliance issues, which may include joining customer calls to provide expert guidance and support

• Collaborate with cross-functional teams to ensure legal and compliance requirements are integrated into business processes

Vendor Risk Management

• Lead vendor risk assessment process including initial due diligence, ongoing monitoring, and annual reviews

• Evaluate vendor compliance with security, privacy, and regulatory requirements

• Coordinate vendor questionnaires, certifications, and documentation collection

• Maintain vendor risk registry and escalate high-risk findings to appropriate stakeholders

• Collaborate with procurement and business teams on vendor selection and onboarding processes

Requirements

• 5-8 years of operations experience, including a strong background in managing contract review and executing compliance programs in financial services

• Strong background in BSA/AML compliance procedures and regulatory requirements

• Proven experience conducting vendor risk assessments and third-party due diligence

• Experience with payment processing regulations and compliance (preferred)

• Bachelor's degree in business administration, law, or a related field

• Exceptional attention to detail and ability to manage multiple complex projects simultaneously

• Strong analytical skills with ability to identify and assess legal and regulatory risks

• Excellent written and verbal communication skills for cross-functional collaboration

• Proficiency with contract management systems, compliance software, and legal research tools

• Ability to work independently while maintaining high standards of accuracy and thoroughness

Preferred Qualifications

• Experience in fintech, financial services, or regulated technology environments

• CIPP/US certification is a plus, as is experience with global data privacy and protection laws, including GDPR and CCPA

• Familiarity with SOC 2, ISO certifications, and security compliance frameworks

• Previous experience supporting regulatory examinations or audits

• Background working with financial institutions, payment processors, or lending platforms

• Experience with Salesforce, DocuSign, and other business applications

• Experience implementing or managing AI-enabled compliance, risk, or legal operations technologies (e.g., contract review automation, regulatory monitoring platforms, or AI-driven vendor risk tools)

Background and EEOC

Candidly offers for employment are conditioned upon satisfactory completion of our employment screening process (including, but not limited to, a review of past employment and education records, background investigation, and/or credit check & fingerprints).

Candidly strives to foster an environment where every employee can succeed. As an Equal Opportunity Employer we do not discriminate on the basis of race, religion, color, sex, sexual orientation, gender identity, gender expression, national origin, age, non-disqualifying physical or mental disability, veteran status, or any other basis covered by applicable law. All employment is decided on the basis of qualifications, merit, and business need.