Sr. Manager Quality Trust & Compliance (Privacy Compliance)

About Us:
Endpoint is an interactive response technology (IRT®) systems and solutions provider that supports the life sciences industry. Since 2009, we have been working with a single vision in mind, to help sponsors and pharmaceutical companies achieve clinical trial success. Our solutions, realized through the proprietary PULSE® platform, have proven to maximize the supply chain, minimize operational costs, and ensure timely and accurate patient dosing. Endpoint is headquartered in Raleigh-Durham, North Carolina with offices across the United States, Europe, and Asia.
Position Overview:
We are seeking an experienced and strategic Sr. Manager Quality Trust & Compliance (Privacy Compliance) to lead and operationalize privacy programs across our global eClinical technology landscape. This role will serve as a key liaison between our Quality, Global Privacy Office, IT, and Product & Engineering teams, ensuring that data privacy and protection standards are built into the core of our solutions and operations. This role is instrumental in driving cross-functional alignment, conducting privacy audits, implementing controls, and building a culture of privacy-by-design.

Responsibilities:

• Privacy Program Execution & Governance:
• - Partner with Legal/Global Privacy Office and Quality, Trust & Compliance to operationalize privacy compliance frameworks across systems, products, and services.
• - Develop and maintain privacy and data protection policies, standards, and procedures aligned with global regulatory requirements.
• - Drive adoption of privacy-by-design principles across product development and software lifecycle.
• Privacy Audits, Controls & Risk Management:
• - Plan, execute, and oversee internal privacy audits, assessments, and control evaluations across departments.
• - Conduct privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and risk analyses for new systems, vendors, or data processing activities.
• - Identify gaps, recommend corrective actions, and monitor remediation activities.
• Data Protection Officer (DPO) Support Duties
• - Partner with the legal office to assist in the data protection responsibilities; manage communication with supervisory authorities and data subjects.
• - Maintain records of data processing activities (RoPAs) and ensure privacy rights requests are handled timely.
• - Advise senior management on obligations under global privacy regulations.
• Cross-Functional Collaboration & Enablement
• - Lead privacy program integration across product management, engineering, legal, quality, and security teams.
• - Guide teams through regulatory readiness and product-specific compliance for clinical trial software and SaaS platforms.
• - Collaborate on incident response, breach notifications, and mitigation of privacy-related incidents.
• Training & Awareness:
• - Develop and deliver training and awareness programs on privacy topics for internal stakeholders.
• - Promote a culture of compliance, ethics, and trust throughout the organization.

Education:

• Bachelor’s degree in Information Security, Data Governance, Computer Systems, Life Sciences, or a related field

Experience:

• 7+ years of experience in privacy, data protection, or compliance, preferably in the life sciences, healthcare, or SaaS technology sector.
• Demonstrated experience in audits, privacy impact assessments, and building enterprise-wide privacy programs.
• Ability to work in cross-functional, fast-paced, global environments with strong stakeholder engagement.
• Prior experience as a Risk Protection Officer, DPO, or with DPO responsibilities preferred.

Skills:

• Deep understanding of GDPR, HIPAA, CCPA/CPRA, 21 CFR Part 11, and other global privacy regulations.
• Familiarity with clinical trial operations and regulatory technology solutions (e.g., RTSM, eCOA, EDC) preferred.
• Understanding of cloud security and vendor risk as it pertains to privacy compliance preferred.

Endpoint Clinical does not accept unsolicited resumes from search firms or any other third parties. Any unsolicited resume sent to Endpoint Clinical will be considered Endpoint Clinical property, and Endpoint Clinical will not pay a fee should it hire the subject of any unsolicited resume.
Endpoint Clinical is an equal opportunities employer AA/M/F/Veteran/Disability.     Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment, qualified applicants with arrest and conviction records.#LI-MT