Offer summary

Qualifications:

Bachelor’s degree in Information Security, Data Governance, or related field., 7+ years of experience in privacy, data protection, or compliance., Strong knowledge of global privacy regulations like GDPR, HIPAA, CCPA., Experience in audits, privacy impact assessments, and building enterprise privacy programs..

Key responsibilities:

Lead and operationalize privacy programs across the organization.

Conduct privacy audits, assessments, and manage risk evaluations.

Collaborate with cross-functional teams to ensure privacy compliance.

Develop training programs to promote a culture of privacy awareness.

Job description

About Us:
Endpoint is an interactive response technology (IRT®) systems and solutions provider that supports the life sciences industry. Since 2009, we have been working with a single vision in mind, to help sponsors and pharmaceutical companies achieve clinical trial success. Our solutions, realized through the proprietary PULSE® platform, have proven to maximize the supply chain, minimize operational costs, and ensure timely and accurate patient dosing. Endpoint is headquartered in RaleighDurham, North Carolina with offices across the United States, Europe, and Asia.

Position Overview:
We are seeking an experienced and strategic Sr. Manager Quality Trust & Compliance (Privacy Compliance) to lead and operationalize privacy programs across our global eClinical technology landscape. This role will serve as a key liaison between our Quality, Global Privacy Office, IT, and Product & Engineering teams, ensuring that data privacy and protection standards are built into the core of our solutions and operations. This role is instrumental in driving crossfunctional alignment, conducting privacy audits, implementing controls, and building a culture of privacybydesign.

Responsibilities:Privacy Program Execution & Governance:
Partner with LegalGlobal Privacy Office and Quality, Trust & Compliance to operationalize privacy compliance frameworks across systems, products, and services.
Develop and maintain privacy and data protection policies, standards, and procedures aligned with global regulatory requirements.
Drive adoption of privacybydesign principles across product development and software lifecycle.
Privacy Audits, Controls & Risk Management:
Plan, execute, and oversee internal privacy audits, assessments, and control evaluations across departments.
Conduct privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and risk analyses for new systems, vendors, or data processing activities.
Identify gaps, recommend corrective actions, and monitor remediation activities.
Data Protection Officer (DPO) Support Duties
Partner with the legal office to assist in the data protection responsibilities; manage communication with supervisory authorities and data subjects.
Maintain records of data processing activities (RoPAs) and ensure privacy rights requests are handled timely.
Advise senior management on obligations under global privacy regulations.
CrossFunctional Collaboration & Enablement
Lead privacy program integration across product management, engineering, legal, quality, and security teams.
Guide teams through regulatory readiness and productspecific compliance for clinical trial software and SaaS platforms.
Collaborate on incident response, breach notifications, and mitigation of privacyrelated incidents.
Training & Awareness:
Develop and deliver training and awareness programs on privacy topics for internal stakeholders.
Promote a culture of compliance, ethics, and trust throughout the organization.

Education:
Bachelor’s degree in Information Security, Data Governance, Computer Systems, Life Sciences, or a related field

Experience:
7+ years of experience in privacy, data protection, or compliance, preferably in the life sciences, healthcare, or SaaS technology sector.
Demonstrated experience in audits, privacy impact assessments, and building enterprisewide privacy programs.
Ability to work in crossfunctional, fastpaced, global environments with strong stakeholder engagement.
Prior experience as a Risk Protection Officer, DPO, or with DPO responsibilities preferred.

Skills:
Deep understanding of GDPR, HIPAA, CCPACPRA, 21 CFR Part 11, and other global privacy regulations.
Familiarity with clinical trial operations and regulatory technology solutions (e.g., RTSM, eCOA, EDC) preferred.
Understanding of cloud security and vendor risk as it pertains to privacy compliance preferred.
Endpoint Clinical does not accept unsolicited resumes from search firms or any other third parties. Any unsolicited resume sent to Endpoint Clinical will be considered Endpoint Clinical property, and Endpoint Clinical will not pay a fee should it hire the subject of any unsolicited resume.

Endpoint Clinical is an equal opportunities employer AAMFVeteranDisability. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment, qualified applicants with arrest and conviction records.
#LIMT