Privacy Program Lead
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Fasken is seeking a senior Privacy Program Lead to operationalize and mature the firm's global privacy program. The role involves executing privacy impact assessments, transfer risk assessments, and data protection reviews across multiple jurisdictions.
Key Skills for This Role
Responsibilities
- Lead operational delivery of the firm’s privacy program under the direction of the Chief Privacy Officer
- Conduct DPIAs, PIAs, TRAs and privacy risk reviews for new technologies, vendors and business initiatives
- Identify privacy risks and coordinate remediation with responsible teams
- Maintain privacy risk registers and issue tracking
- Develop and deliver firmwide Privacy Training
- Translate regulatory obligations into actionable controls and guidance
- Conduct privacy risk assessments for AI and generative AI solutions
- Support data classification, retention, minimization, and lawful use practices
- Conduct privacy risk assessments for third parties handling personal or confidential data
- Participate as privacy SME in investigations involving potential personal data exposure
- Provide practical privacy guidance to business leaders, attorneys, and operational teams
- Define and track program KPIs/KRIs such as assessment turnaround time, remediation closure rates, risk severity trends
Requirements
- 7–10+ years professional experience in privacy, risk, compliance, or information governance
- Strong working knowledge of privacy laws and frameworks (PIPEDA, GDPR, POPIA, and international transfer requirements)
- Demonstrated experience conducting privacy impact and risk assessments
- Ability to translate legal and regulatory requirements into operational controls
- Experience working cross functionally with Legal, Security, IT, and business stakeholders
- Excellent written and verbal communication skills suitable for regulators, clients, and senior leadership
Full Job Posting
About Fasken
- As a premier law firm with over 900 lawyers worldwide, Fasken is where excellence meets expertise.
Role Summary
- Fasken’s Information Security Office is seeking a senior, hands on Privacy Program Lead to operationalize and mature the firm’s global privacy program.
- This role is responsible for executing privacy impact assessments, transfer risk assessments, and data protection reviews.
- They will partner closely with Legal, Security, IT and business stakeholders to ensure compliance.
- This role also supports responsible AI adoption by assessing privacy risks associated with AI systems.
What You’ll Deliver In The First 12 Months
- Conduct Privacy Impact Assessments (PIAs/DPIAs) and Transfer Risk Assessments (TRAs) for priority initiatives and vendor engagements.
- Establish standardized privacy assessment methodologies aligned to PIPEDA, GDPR, POPIA and client contractual requirements.
- Build and maintain Records of Processing Activities (RoPA) for high risk processing activities.
- Establish privacy review and risk assessment processes for AI and GenAI use cases.
- Reduce privacy review turnaround times though structured workflows and intake processes.
- Develop measurable privacy KPIs and reporting dashboards for leadership.
- Support client due diligence and outside counsel guidelines with clear, defensible privacy documentation.
- Strengthen cross functional collaboration between Legal, Security, IT and business teams to promote Privacy by Design adoption.
Key Responsibilities Privacy Program Execution
- Lead operational delivery of the firm’s privacy program under the direction of the Chief Privacy Officer.
- Conduct DPIAs, PIAs, TRAs and privacy risk reviews for new technologies, vendors and business initiatives.
- Identity privacy risks and coordinate remediation with responsible teams.
- Maintain privacy risk registers and issue tracking.
- Develop and deliver firmwide Privacy Training.
Regulatory and Framework Alignment
- Translate regulatory obligations (including PIPEDA, GDPR, POPIA and applicable provincial and state laws) into actionable controls and guidance.
- Map privacy controls of ISO 27001, client audit expectations, and internal governance requirements.
- Monitor emerging regulatory developments and recommend program enhancements.
AI and Emerging Technology Privacy Oversight
- Conduct privacy risk assessments for AI and generative AI solutions.
- Evaluate data usage, training inputs, retention and output handling for privacy compliance.
- Partner with technology and governance teams to ensure AI systems align with privacy, confidentiality and client obligations.
- Support development of privacy guardrails and review standards for AI deployments.
Data Lifecycle Governance
- Support data classification, retention, minimization, and lawful use practices across systems and processes.
- Partner with IT and Security teams to validate that technical controls align with privacy requirements.
- Advise on cross border data transfers and third party processing risk.
Vendor & Third Party Privacy Reviews
- Conduct privacy risk assessments for third parties handling personal or confidential data.
- Evaluate contractual safeguards, transfer mechanisms, and processing obligations.
- Provide recommendations to Procurement, Legal, and Security teams.
Incident Response Support
- Participate as privacy SME in investigations involving potential personal data exposure.
- Assess regulatory and contractual notification obligations.
- Support post incident lessons learned and control improvements.
Stakeholder Enablement
- Provide practical privacy guidance to business leaders, attorneys, and operational teams.
- Deliver targeted awareness sessions promoting privacy by design practices.
- Support RFP responses, client questionnaires, and audit requests.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Fasken
AI Product Manager
Toronto, CAN
Fasken seeks an AI Product Manager to drive the strategy and adoption of Microsoft 365 and AI technologies, including Copilot. The role involves managing the full lifecycle of M365 and AI solutions, measuring productivit
AI Product Manager
Montreal, CAN
Fasken is seeking an AI Product Manager to drive the strategy and roadmap for Microsoft 365 and AI applications, including Copilot, Teams, SharePoint, and OneDrive. This role involves developing tangible applications tha
AI Product Manager
Calgary, CAN
Fasken is looking for an AI Product Manager to drive the strategy and adoption of Microsoft 365 and AI technologies, including Copilot, across the firm. The role involves managing the full lifecycle of M365 and AI soluti
AI Product Manager
Vancouver, CAN
Fasken is seeking an AI Product Manager to shape how the firm works with Microsoft 365 and AI technologies, including Copilot. The role involves driving employee awareness, adoption, and satisfaction, managing the full l
Privacy Program Lead
Calgary, CAN
Fasken is hiring a senior Privacy Program Lead to operationalize and mature the firm's global privacy program. You will conduct privacy impact assessments, transfer risk assessments, and data protection reviews across mu