Director of Data Privacy – Governance, Risk and Compliance (GRC)


With over 400 million connected medical devices worldwide and the healthcare Internet of Things (IoT) market valued at $163 billion, it’s no surprise that venture funding in the Digital Health space has hit record highs year after year. What’s clear is that all of healthcare’s future products – medical devices, combination products, wearables, Software as a Medical Device and more – will be digitally driven.

If you want to become a next-generation disruptive leader in healthcare, you need to be working in Digital Health now. And there’s no better place to get deep experience in Digital Health than with BrightInsight, the VC-backed Silicon Valley startup that provides the leading global regulated IoT platform for the world’s top biopharma and medtech companies.

We are a team of experienced professionals who are passionate about transforming patient outcomes globally by bringing the power of digital technology to healthcare. Our mission is to accelerate regulated digital health innovation for our biopharma and medtech customers through our scalable medical-grade platform.

In the past year, the award-winning BrightInsight Platform was selected as the “Best IoT Healthcare Platform” in the 2019 MedTech Breakthrough Awards and as the “2018 Google Cloud Partner of the Year for Healthcare and Life Sciences,” was featured as the cover story for CIOReview Magazine’s “20 Most Promising Biotech Solution Providers 2019,” and was included in The Journal of mHealth's “2020 Global Digital Health 100”.

If you enjoy working with solution-oriented, driven colleagues in an agile, bureaucracy-free environment, then come join us at BrightInsight.

Position Summary

The Director of Data Privacy – Governance, Risk and Compliance (GRC) is a remote position and reports to the Chief Information Security Officer / Data Privacy Officer. This role will lead BrightInsight’s Data Privacy and Risk Management programs, which are accountable for securing sensitive personal and health data.

Here is a glimpse of what you’ll do:

Lead corporate and client data protection strategy and operational activities including: Data Protection Impact Assessment, Data Subject Rights, Data Governance, and User Consent.

Develop and maintain a risk management program which defines how risks are identified, assessed and managed. 

Implement Privacy and GRC technology to improve processes for tracking risks and audit findings.

Manage 3rd party risks, ensuring regular vendor assessments are completed and ongoing security posture is appropriately managed.

Manage audits for achieving and maintaining relevant certifications (HiTrust, ISO 27001, ISO 27017, APEC) to continue BrightInsight’s position as a leader in Security and Data Privacy.

Manage client audit reviews, articulate control implementation, and establish strategy for applying privacy by design concepts to a technical cloud environment.

Coordinate with legal and security operations on incident investigations, ensure mitigation, determine incident root causes, and work with the impacted client to develop and complete corrective action plans to remediate all privacy violations and minimize the risk of recurrence.

We are looking for someone who demonstrates…

  • Deep understanding of international data privacy laws and practices
  • Intense collaboration
  • Simplifying complex problems
  • Passionate customer focus
  • Fast learner
  • Thoughtful, fast, disciplined execution


Here are a few examples of what you’ll get for the great work you provide…

  • Full range of medical benefits, dental, vision, etc.
  • Life Insurance
  • Matching 401K
  • Paid Time Off


BrightInsight is an Equal Opportunity Employer and employment selection decisions are based on merit, qualifications, and abilities. BrightInsight does not discriminate in employment opportunities or practices on the basis of: age, race, religion, color, sex, national origin, marital status, sexual orientation, gender identity, veteran status, disability, pregnancy status or any other status protected by law. BrightInsight provides reasonable accommodation so that qualified applicants with a disability may participate in the selection process. BrightInsight will contact you if it is determined that your background is a match to the skills required for this position. Thank you for considering a career with BrightInsight.




