Crinetics Pharmaceuticals, Inc. is hiring a Senior Director, Global Privacy

Crinetics Pharmaceuticals, Inc. is seeking a Senior Director, Global Privacy to provide enterprise-level leadership for the company's global privacy and data protection. This role serves as a senior legal and strategic advisor responsible for advancing privacy governance and strategy while managing complex privacy risk across clinical development, research pharmacovigilance, and commercial operations.

What You'll Do

• Lead the design, implementation, and ongoing enhancement of Crinetics’ global privacy and data-protection program, including policies, standards, procedures, and controls.
• Establish and chair enterprise privacy and data-governance forums, defining decision rights, escalation pathways, and accountability across functions.
• Provide regular executive-level reporting on privacy risk posture, program effectiveness, and emerging regulatory developments.
• Serve as the company’s senior legal authority on privacy, data protection, and data-use governance, advising executives and cross-functional leaders.
• Translate complex legal requirements into practical operating guidance that supports innovation, patient trust, and responsible data use.
• Provide senior-level oversight of privacy considerations across the clinical-trial lifecycle, including recruitment, informed consent, and data retention.
• Advise on privacy governance for interactions with CROs, investigators, sites, and vendors, ensuring appropriate access controls and contractual protections.
• Lead privacy strategy for cross-border data transfers, including approval and oversight of Standard Contractual Clauses (SCCs) and Transfer Impact Assessments (TIAs).
• Oversee privacy and data-use governance for patient support programs, real-world evidence initiatives, digital health tools, and patient ambassadors.
• Establish controls to maintain appropriate separation between clinical research data and commercial or marketing uses.
• Lead privacy and data-governance oversight for AI, machine learning, and advanced analytics, including review of high-risk use cases.
• Monitor, interpret, and operationalize emerging privacy, cybersecurity, and AI laws and guidance, including GDPR, HIPAA, CCPA/CPRA.
• Oversee the privacy risk-assessment framework, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Provide senior legal oversight of privacy and data-protection provisions in vendor, CRO, collaboration, and commercial agreements.
• Partner with Procurement, IT Security, and Compliance to oversee third-party privacy and security risk management.
• Play a senior leadership role in privacy and data-security incident response, including assessment of regulatory notification obligations.
• Align privacy governance with cybersecurity controls, including data classification, access management, retention, and secure system design.
• Build and lead a high-performing privacy function, including hiring, mentoring, and developing team members as the company grows.
• Drive enterprise-wide privacy training and awareness to foster a culture of accountability, ethical data handling, and privacy by design.

What We're Looking For

• Juris Doctor from an accredited law school.
• 15 years of relevant legal experience, including significant experience in biotechnology, pharmaceutical, or healthcare environments.
• A minimum of 10 years of experience as a supervisor with strong leadership skills and experience managing and developing high-performing teams.
• Ability to influence senior executives and cross-functional teams.
• Demonstrated experience leading an enterprise-level privacy or data-governance program, with accountability for outcomes.
• Deep expertise in HIPAA, GDPR, U.S. state privacy and consumer health data laws, and global data-transfer frameworks.
• Proven ability to influence senior leaders, manage cross-functional stakeholders, and exercise independent judgment on complex risk issues.
• Strong experience negotiating complex commercial, vendor, and clinical research agreements involving data protection.

Nice to Have

• CIPP/US, CIPM, or equivalent privacy certification.
• AI governance or emerging-technology experience (e.g., AIGP or equivalent).
• Experience supporting public companies or late-stage/pre-commercial organizations.

Team & Environment

This role reports to the VP, Global Compliance.

Benefits & Compensation

• Compensation: $216,000 - $270,000
• Discretionary annual target bonus
• Stock options
• ESPP
• 401k match
• Top-notch health insurance plans for employees (and their families) to include medical, dental, vision and basic life insurance
• 20 days of PTO
• 10 paid holidays
• A winter company shutdown

Crinetics is proud to be an Equal Opportunity Employer. We provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of sex, sexual orientation, gender (including gender identity and/or expression), pregnancy, race, color, creed, national or ethnic origin, citizenship status, religion or similar philosophical beliefs, disability, marital and civil union status, age, genetic information, veteran status or any personal attribute or characteristic that is protected by applicable local, state or federal laws.