Manager, Quality Trust and Compliance; Vendor Qualification

Position Summary

We are seeking an experienced and strategic Manager, Privacy Compliance to lead and operationalize privacy programs across our global eClinical technology landscape. This role will serve as a key liaison between our Quality, Global Privacy Office, IT, and Product & Engineering teams, ensuring that data privacy and protection standards are built into the core of our solutions and operations.

This role is instrumental in driving cross-functional alignment, conducting privacy audits, implementing controls, and building a culture of privacy-by-design.

• Required:
• Bachelor’s degree in Information Security, Data Governance, Computer Systems, Life Sciences, or a related field.
• 7+ years of experience in privacy, data protection, or compliance, preferably in the life sciences, healthcare, or SaaS technology sector.
• Deep understanding of GDPR, HIPAA, CCPA/CPRA, 21 CFR Part 11, and other global privacy regulations.
• Demonstrated experience in audits, privacy impact assessments, and supporting the building of enterprise‑wide privacy programs.
• Ability to work in cross‑functional, fast‑paced, global environments with strong stakeholder engagement.

• Preferred:
• Auditor certification (e.g., ISO 9001, ISO 27001, or equivalent).
• Knowledge of data integrity principles and AI/ML vendor oversight.
• Familiarity with privacy requirements (GDPR, HIPAA) for vendor assessment.

• Bachelor’s or Master’s degree in Life Sciences, Computer Science, Quality, or a related field.

• Minimum 5–8 years of experience in QA, compliance, or validation roles in the life sciences industry.
• 3+ years of direct experience in vendor qualification or third‑party oversight for GxP systems.
• Experience conducting vendor audits and managing supplier CAPAs.
• Strong knowledge of GxP regulations (21 CFR Part 11, EU Annex 11), GAMP 5, and ICH Q10.

• In‑depth understanding of software development life cycles and cloud vendor qualification (e.g., SaaS).
• Strong analytical, communication, and negotiation skills.
• Ability to manage multiple priorities in a fast‑paced environment.
• Proficiency in quality systems and tools (e.g., eQMS, VMS, audit tracking tools).

• Privacy Program Execution & Governance
• Partner with Legal/Global Privacy Office and Quality, Trust & Compliance to operationalize privacy compliance frameworks across systems, products, and services.
• Develop and maintain privacy and data protection policies, standards, and procedures aligned with global regulatory requirements.
• Drive adoption of privacy‑by‑design principles across product development and software lifecycle.

• Privacy Audits, Controls & Risk Management
• Plan, execute, and oversee internal privacy audits, assessments, and control evaluations across departments.
• Conduct privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and risk analyses for new systems, vendors, or data processing activities.
• Identify gaps, recommend corrective actions, and monitor remediation activities.

• Data Protection Officer (DPO) Support Duties
• Partner with the legal office to assist in the data protection responsibilities; manage communication with supervisory authorities and data subjects.
• Maintain records of data processing activities (RoPAs) and ensure privacy rights requests are handled timely.
• Advise senior management on obligations under global privacy regulations.

• Cross‑Functional Collaboration & Enablement
• Lead privacy program integration across product management, engineering, legal, quality, and security teams.
• Guide teams through regulatory readiness and product‑specific compliance for clinical trial software and SaaS platforms.
• Collaborate on incident response, breach notifications, and mitigation of privacy‑related incidents.

• Training & Awareness
• Develop and deliver training and awareness programs on privacy topics for internal stakeholders.
• Promote a culture of compliance, ethics, and trust throughout the organization.