Director, Compliance - Deputy Privacy Officer

When you join Sallie Mae, you become a champion for all students.

We’re on a mission to power confidence as students begin their unique journey. To help them plan their higher education, successfully finish, and prepare for life after school. To help them Start smart. Learn big.

Students need guidance navigating this important time in their life. They need someone who acknowledges that their education path is unique. They need a partner willing to evolve and not only meet but surpass their expectations. We’re changing. Because students need a better way.

We’re looking for people who are excited to drive this transformation. To break barriers and think of new ways to adapt, help, and create better experiences for students—and for each other.

This is where diverse backgrounds, beliefs, and perspectives matter. It’s where you’re empowered to bring your authentic self to work.

Feeling your best allows you to do your best. Our benefits take care of the whole you—from physical and mental to financial and professional. You’ll get opportunities to further your education and career, support for you and your family (including your pets!), paid time off to volunteer for the things that matter to you, and more.

We’re obsessed with impact and making a real difference. For us, that means putting relationships first, asking “why not?” when tackling challenges, and continuously learning new skills.

Come do more than join something, change something. For students, for future generations, for the future of education.

This position will report to the Vice President, Privacy Officer and Fair & Responsible Banking Officer. The Director, Privacy Compliance, operates in a deputy privacy officer capacity, supporting all aspects of the Privacy Program and requires the Director to not only fulfill oversight of the program but perform detailed daily tasks to monitor the health of the program. The Privacy Director will lead enterprise privacy risk management across products, marketing/ad-tech, operations, and third parties.

This role designs and executes the privacy program; oversees compliance with evolving state consumer privacy laws; ensures adherence to federal financial privacy obligations (e.g., GLBA/Reg P, FCRA); and orchestrates privacy incident response in partnership with Corporate Security and Legal. The Director will establish policy, perform risk assessments, advise on business initiatives (including digital marketing technologies), and deliver reporting to senior leadership and governance committees.

• Set enterprise standards for cookies, pixels, SDKs, tag managers, advertising IDs, consent banners, and cross-site tracking; implement controls to limit profiling/targeting of minors and sensitive categories.

• Evaluate ad-tech stacks (e.g., CDP/DMP, clean rooms, measurement partners) for lawful bases, consent preferences (opt-in/opt-out), and data minimization; drive vendor due diligence and contractual controls (DPA, SCCs/appropriate safeguards).

• Partner with Marketing, Digital, Data, and Engineering to design consent management, accurate preference signaling, and compliant audience creation/activation; lead periodic audits of trackers and SDKs.

• Build and maintain a multi-state compliance program covering consumer rights (access, deletion, correction, portability), opt-out rights (sale/share/targeted advertising), and risk assessments (DPIAs) as applicable.

• Monitor legislative changes; translate new requirements into policies, standards, and implementation roadmaps for business teams.

• Own program controls for GLBA/Reg P, Interagency Security Guidelines, and FCRA touchpoints (e.g., permissible purpose, adverse action data handling); align notices with model form requirements and internal policy governance.

• Partner with Product, Servicing, and Vendor Management to ensure appropriate use and sharing of NPI/PII, including affiliate sharing boundaries and marketing limits.

• Develop and maintain privacy policies, procedures, and standards; implement training and awareness…