{bc}
linkedin

Privacy Program Lead

Fasken
Vancouver, CAN
Full Time
Senior
1 weeks ago
Privacy Impact AssessmentTransfer Risk AssessmentPIPEDAGDPRPOPIAISO 27001
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Privacy Impact AssessmentTransfer Risk AssessmentPIPEDA
Smart Apply

Full Job Posting

About Fasken

  • As a premier law firm with over 900 lawyers worldwide, Fasken is where excellence meets expertise.

Role Summary

  • Fasken’s Information Security Office is seeking a senior, hands on Privacy Program Lead to operationalize and mature the firm’s global privacy program.
  • This role is responsible for executing privacy impact assessments, transfer risk assessments, and data protection reviews.
  • They will partner closely with Legal, Security, IT and business stakeholders to ensure compliance.
  • This role also supports responsible AI adoption by assessing privacy risks associated with AI systems.

What You’ll Deliver In The First 12 Months

  • Conduct Privacy Impact Assessments (PIAs/DPIAs) and Transfer Risk Assessments (TRAs) for priority initiatives and vendor engagements.
  • Establish standardized privacy assessment methodologies aligned to PIPEDA, GDPR, POPIA and client contractual requirements.
  • Build and maintain Records of Processing Activities (RoPA) for high risk processing activities.
  • Establish privacy review and risk assessment processes for AI and GenAI use cases.
  • Reduce privacy review turnaround times though structured workflows and intake processes.
  • Develop measurable privacy KPIs and reporting dashboards for leadership.
  • Support client due diligence and outside counsel guidelines with clear, defensible privacy documentation.
  • Strengthen cross functional collaboration between Legal, Security, IT and business teams to promote Privacy by Design adoption.

Key Responsibilities Privacy Program Execution

  • Lead operational delivery of the firm’s privacy program under the direction of the Chief Privacy Officer.
  • Conduct DPIAs, PIAs, TRAs and privacy risk reviews for new technologies, vendors and business initiatives.
  • Identity privacy risks and coordinate remediation with responsible teams.
  • Maintain privacy risk registers and issue tracking.
  • Develop and deliver firmwide Privacy Training.

Regulatory and Framework Alignment

  • Translate regulatory obligations (including PIPEDA, GDPR, POPIA and applicable provincial and state laws) into actionable controls and guidance.
  • Map privacy controls of ISO 27001, client audit expectations, and internal governance requirements.
  • Monitor emerging regulatory developments and recommend program enhancements.

AI and Emerging Technology Privacy Oversight

  • Conduct privacy risk assessments for AI and generative AI solutions.
  • Evaluate data usage, training inputs, retention and output handling for privacy compliance.
  • Partner with technology and governance teams to ensure AI systems align with privacy, confidentiality and client obligations.
  • Support development of privacy guardrails and review standards for AI deployments.

Data Lifecycle Governance

  • Support data classification, retention, minimization, and lawful use practices across systems and processes.
  • Partner with IT and Security teams to validate that technical controls align with privacy requirements.
  • Advise on cross border data transfers and third party processing risk.

Vendor & Third Party Privacy Reviews

  • Conduct privacy risk assessments for third parties handling personal or confidential data.
  • Evaluate contractual safeguards, transfer mechanisms, and processing obligations.
  • Provide recommendations to Procurement, Legal, and Security teams.

Incident Response Support

  • Participate as privacy SME in investigations involving potential personal data exposure.
  • Assess regulatory and contractual notification obligations.
  • Support post incident lessons learned and control improvements.

Stakeholder Enablement

  • Provide practical privacy guidance to business leaders, attorneys, and operational teams.
  • Deliver targeted awareness sessions promoting privacy by design practices.
  • Support RFP responses, client questionnaires, and audit requests.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Fasken