Job Description

Ribbon Privacy and AI Risk Analyst

This posting is for a newly created position.

We are seeking a highly motivated and detail-oriented Privacy and AI Risk Analyst to join our global Privacy and AI Risk Governance team. This hybrid role, based in Ottawa, Ontario, offers flexible working hours with an expectation of three in-office days per week.

As a multinational, publicly-listed company with customers around the world and employees across more than 30 countries, we process personal data in the context of technical support, cloud-based services. We are incrementally introducing certain AI-powered capabilities within our products and services and have more recently begun expanding elements of the corporate privacy program to address our growing AI risk management and compliance needs.

This position will play a key role in maintaining Ribbon’s combined global privacy and AI compliance and risk governance program in the context of supporting the company’s product and service offerings as well as employee privacy.

Key Responsibilities:

Corporate Privacy Program

• Conduct privacy impact assessments (PIAs) for products, services, and internal initiatives.

• Support the review and negotiation of privacy and data protection terms in customer and vendor agreements.

• Monitor and interpret global privacy regulations (including GDPR) and support compliance initiatives.

• Assist in the development and maintenance of privacy policies, procedures, contract boilerplates, training materials, and internal guidance documents.

• Collaborate with cross-functional teams including legal, information security, product development, data science and HR to ensure privacy-by-design principles are embedded in products, services and internal business processes.

• Plan and drive assigned privacy-related projects to completion.

Corporate AI Risk Governance Program

• Support the design, implementation and maintenance of the company’s AI risk governance framework.

• Support AI risk assessments and contribute to the development and oversight of AI-specific policies, guardrails, and governance artifacts.

• Assist in the evaluation of AI use cases for ethical, legal, and reputational risks.

• Contribute to internal awareness and training programs on responsible AI practices.

• Track emerging AI regulations and standards landscape (e.g., EU AI Act, NIST AI RMF, ISO/IEC 42001) and support compliance readiness.

• Plan and drive assigned AI risk governance related projects to completion.

Qualifications

Required:

• 3+ years of experience in a privacy, compliance, risk, or legal function, preferably in a corporate setting.

• Strong knowledge of global data protection laws and frameworks (e.g., GDPR, OECD Privacy Principles, NIST Privacy Framework) and some knowledge of information security frameworks including ISO27001.

• Experience conducting risk assessments and reviewing contractual data protection terms.

• Excellent analytical, research, and writing skills with the ability to synthesize complex information.

• Strong interpersonal and collaboration skills; able to work effectively across time zones and cultures.

• Demonstrated interest in AI governance, ethics, or emerging technologies.

Preferred:

• Professional certifications such as IAPP CIPP/E, CIPM, CIPT, or equivalent.

• Familiarity with AI governance frameworks and emerging regulations (e.g., EU AI Act, NIST AI RMF).

• Experience working in a multinational or highly regulated environment.

• Knowledge of telecom or cloud-based service industries.

What We Offer:

• A dynamic, inclusive, and mission-driven work environment.

• Opportunities for professional development and cross-functional learning.

• Competitive compensation and benefits package.

• The chance to shape the future of privacy and AI governance in a global tech company.

The anticipated base pay range for this full-time position in all geographic locations is $80,000.00 - $105,000.00 annually. Actual compensation within the range will be determined based on a variety of factors, including, but not limited to the candidate’s experience, skills and education. The compensation package also includes eligibility for an incentive plan and comprehensive benefits, subject to applicable requirements.

Please Note:

'All qualified applicants will receive consideration for employment without regard to race, age, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, on the basis of disability, or other characteristic protected by applicable law.'