Compliance & Risk Lead in Tremblay-en-France, Île-de-France at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Compliance & Risk Lead in France.

This role sits at the heart of a fast-scaling HealthTech environment focused on enabling secure and compliant access to clinical research worldwide. You will act as the key guardian of trust, privacy, and regulatory integrity across global operations, ensuring that rapid international expansion remains aligned with strict healthcare and data protection standards. Working at the intersection of legal, product, and engineering teams, you will translate complex regulatory frameworks into actionable business and technical requirements. You will also serve as a trusted advisor to enterprise clients and partners, leading high-stakes compliance discussions and strengthening commercial confidence. This is a highly strategic yet hands-on role with direct influence on product development, global market entry, and security governance. It requires strong autonomy, cross-functional leadership, and the ability to operate in a fast-moving, mission-driven organization.

• Lead the compliance and privacy roadmap for international expansion, ensuring adherence to global and local data protection regulations and managing cross-border data transfer requirements.
• Own and manage enterprise security questionnaires, while reviewing and negotiating Data Processing Agreements (DPAs) and Business Associate Agreements (BAAs), including liability and security clauses.
• Act as Data Protection Officer, overseeing GDPR and HIPAA compliance, and maintaining governance of the Information Security Management System in collaboration with technical teams.
• Partner with product and engineering teams to embed privacy-by-design principles into product development and ensure compliant data flows.
• Represent compliance externally by leading client-facing security and trust discussions with enterprise stakeholders and clinical partners.
• Translate regulatory obligations into clear technical and operational requirements for internal teams, enabling secure product delivery.
• Develop compliance documentation, frameworks, and vendor risk management processes to scale organizational trust.

Requirements:

• 7+ years of experience in data privacy, compliance, risk management, or technology law, ideally within SaaS, HealthTech, or life sciences environments.
• Strong expertise in GDPR, HIPAA, and other global privacy frameworks, with the ability to interpret and apply emerging regional regulations.
• Proven experience negotiating complex DPAs, BAAs, and other enterprise-level legal and security agreements.
• Strong ability to translate legal and compliance requirements into technical specifications for engineering and product teams, including experience supporting ISO 27001 environments or audits.
• Excellent communication and stakeholder management skills, with confidence in leading client-facing compliance and security discussions.
• Hands-on, execution-oriented mindset with the ability to independently manage policies, documentation, and compliance operations.
• Experience in fast-paced or startup environments is highly valued.

Benefits:

• Remote-first organization with flexible working arrangements
• Competitive salary ranging from €75,000 to €100,000 plus equity opportunities
• Modern private health insurance coverage
• Compensatory time off (RTT)
• Lunch vouchers and wellness benefits
• Gym membership support
• High-quality equipment provided for optimal remote work
• Access to free books and continuous learning resources