Sr. Manager Quality Trust & Compliance (Privacy Compliance)

Responsibilities:

• Privacy Program Execution & Governance:
• - Partner with Legal/Global Privacy Office and Quality, Trust & Compliance to operationalize privacy compliance frameworks across systems, products, and services.
• - Develop and maintain privacy and data protection policies, standards, and procedures aligned with global regulatory requirements.
• - Drive adoption of privacy-by-design principles across product development and software lifecycle.
• Privacy Audits, Controls & Risk Management:
• - Plan, execute, and oversee internal privacy audits, assessments, and control evaluations across departments.
• - Conduct privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and risk analyses for new systems, vendors, or data processing activities.
• - Identify gaps, recommend corrective actions, and monitor remediation activities.
• Data Protection Officer (DPO) Support Duties
• - Partner with the legal office to assist in the data protection responsibilities; manage communication with supervisory authorities and data subjects.
• - Maintain records of data processing activities (RoPAs) and ensure privacy rights requests are handled timely.
• - Advise senior management on obligations under global privacy regulations.
• Cross-Functional Collaboration & Enablement
• - Lead privacy program integration across product management, engineering, legal, quality, and security teams.
• - Guide teams through regulatory readiness and product-specific compliance for clinical trial software and SaaS platforms.
• - Collaborate on incident response, breach notifications, and mitigation of privacy-related incidents.
• Training & Awareness:
• - Develop and deliver training and awareness programs on privacy topics for internal stakeholders.
• - Promote a culture of compliance, ethics, and trust throughout the organization.

Education:

• Bachelor’s degree in Information Security, Data Governance, Computer Systems, Life Sciences, or a related field

Experience:

• 7+ years of experience in privacy, data protection, or compliance, preferably in the life sciences, healthcare, or SaaS technology sector.
• Demonstrated experience in audits, privacy impact assessments, and building enterprise-wide privacy programs.
• Ability to work in cross-functional, fast-paced, global environments with strong stakeholder engagement.
• Prior experience as a Risk Protection Officer, DPO, or with DPO responsibilities preferred.

Skills:

• Deep understanding of GDPR, HIPAA, CCPA/CPRA, 21 CFR Part 11, and other global privacy regulations.
• Familiarity with clinical trial operations and regulatory technology solutions (e.g., RTSM, eCOA, EDC) preferred.
• Understanding of cloud security and vendor risk as it pertains to privacy compliance preferred.