This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
In this role you will own the strategic design and continuous evolution of risk frameworks, the risk registry, and executive risk narratives for Community Support — translating investigative findings, AI/ML model outputs, operational signals, and emerging threats into decisions and actions that protect Airbnb. A defining element of this role is your close partnership with the Insider Threat program. Together, you will form a complementary unit: you will ensure that investigative outcomes are contextualized within the broader risk ecosystem — informing risk appetite decisions, shaping detection strategy, and driving remediation accountability. You will co-own escalation frameworks, jointly challenge detection model effectiveness, and ensure that the feedback loop between investigations, risk governance, and AI-driven detection is robust and continuously improving.
Job Responsibility
Design and own the CS Risk Appetite Framework
Own and evolve the CS Risk Registry as a living strategic instrument
Develop and stress-test risk assessment standards
Support the evolution of models and processes used in detection triage and investigation
Establish ongoing governance cadences
Collaborate closely with the Insider Threat Investigations
Co-design escalation and review protocols for high-severity investigation findings
Participate in joint case reviews, postmortems, and incident debriefs
Provide strategic risk context to the Investigations team
Coordinate the feedback loop between investigations and AI-driven detection systems
Own the end-to-end lifecycle of root cause resolution
Maintain and govern a centralized root cause and remediation tracker
Distinguish between symptomatic fixes and true root cause resolution
Drive cross-functional remediation workstreams
Track resolution effectiveness over time
Integrate root cause intelligence into the risk registry and risk appetite framework
Report on root cause resolution health to senior leadership
Craft and deliver executive-level risk narratives
Own the reporting architecture
Define and maintain monitoring thresholds and escalation triggers
Translate investigative findings, root cause resolution status, and AI model performance data into actionable risk mitigation recommendations
Drive cross-functional risk alignment
Lead systemic risk reviews
Champion the integration of risk thinking into operational design
Serve as a change agent for risk culture
Provide leadership and mentorship to more junior team members
Design and deliver risk and compliance training
Foster a culture of constructive challenge
Requirements
Bachelor's degree in Business, Risk Management, Finance, Operations, or related field (advanced degree preferred), or equivalent practical experience
10+ years of experience in risk management, compliance, governance, or operational risk — with a demonstrated track record of building and evolving risk frameworks, registries, and reporting programs (not just maintaining them)
Proven program management capability — specifically the ability to drive complex, cross-functional remediation and root cause resolution efforts from identification through verified closure
Experience collaborating with or providing strategic oversight to investigations teams — with a strong understanding of how investigative findings translate into enterprise risk intelligence and governance action
Demonstrated ability to evaluate and govern AI/ML systems from a risk perspective — you do not need to build models, but you must be able to critically assess model assumptions, failure modes, bias risks, and governance requirements
Proven ability to synthesize ambiguous, complex, and sometimes conflicting information into clear risk narratives and strategic recommendations for executive audiences
Strong organizational influence and stakeholder management skills — with a track record of driving cross-functional alignment, navigating ambiguity, and influencing senior leaders without direct authority
Critical thinking and intellectual curiosity — a default posture of healthy skepticism toward automated outputs, historical baselines, and consensus assumptions
Ability to adapt and innovate, challenge the status quo, and identify new solutions while effectively balancing risk, speed, and cost
Nice to have
Experience with AI risk management frameworks (e.g., NIST AI RMF, ISO 42001, EU AI Act compliance frameworks) or direct involvement in governing AI systems in operational environments
Experience developing fraud, safety, or insider threat risk frameworks, strategies, and operational models
Experience with contact center operations in process design and optimization, customer support strategies, and/or quality assurance
Familiarity with GRC platforms, risk management tools, case management systems, or investigation ticketing platforms