At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

MENA – Digital Risk – Data Privacy & Governance – Senior

As part of our Risk Consulting team, you will be part of the focused team to activities related to Data Privacy & Protection for various clients across the MENA region. DPP and Cyber Security are few of the most important risks facing businesses today. We are looking for trusted consultants to enhance the capability. Also, as organizations move forward on their digital journey the cybersecurity risk exposure is increasing and there is a huge demand for trusted privacy consultants. Our clients are overwhelmingly turning to EY for help and guidance on how to enhance the privacy and protect their assets, minimise business disruption and improve security.

The opportunity

We’re looking for looking for a Data Protection & Privacy (DPP) -Senior Consultant level to join our Risk Consulting team in GDS Kerala location. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.

Your key responsibilities

A large part of your role will be engagement delivery and provide support to various stakeholders across MENA region. We’ll expect you to deliver DPP engagements with very minimal supervision. We also expect you to support executives in development of proposals, presentations and other business development activities. You will be responsible for the delivering the requirements with quality of the DPP activities to our client.

You will have responsibility for;

• Delivering privacy engagements including development of privacy governance, risk and compliance activities, development of privacy policies and procedures in line with ISO27701, GDPR, CCPA.
• Knowledge in information security and hands-on experience with key components of cybersecurity consulting incl.:
  • Privacy assessments and road-mapping,
  • Privacy Transformation,
  • Privacy governance, risk and compliance,
  • Privacy Awareness,
  • Implementation experience on ISO 27701 end-to-end.
  • Experience in working independently or as part of a large team to delivery Privacy services on its own or within large complex projects.
  • Practical experience with conducting privacy risk assessments and testing of controls
  • Excellent analytical skills and knowledge of data analytics methods
  • Possession of the CISA, GPDR implementation, ISO 27701 LA certification or equivalent
• Conducting Privacy Impact Assessments, analyse and document assessments, work out questionnaires and standard documentation.
• Supporting the standardization of Risk and IT Control catalogues for regulatory compliance.
• Deploy processes and tools to help detect and prevent privacy breaches.
• Deploying Data leak prevention tools and implementation of endpoint protection.
• Extensive knowledge in GDPR regulation and its requirements. Supporting and guide our clients in adhering to the complex web of relevant national and international regulations.
• Ensuring a harmonized approach towards data protection and privacy by bringing together our client’s stakeholders (e.g. legal, compliance, risk, HR, security, business functions…).
• Assisting clients in privacy related incident response activities.
• Supporting the client’s team by acting as an interim team member (e.g. security officer, security manager, security analyst).
• Support the team with the development of proposals, presentations, etc.
• Contributing to the latest thought-leadership and industry research relating to cyber security
• Excellent interpersonal, written, verbal, communication, and presentation skills
• Excellent command in written and spoken English
• Experience in managing professional service project teams

Your role will broadly constitute 80% engagement delivery and 20% business development.

Skills and attributes for success

An existing track record of successful engagement delivery in data protection & privacy is expected of all candidates for this role. A Big 4 background or comparable consulting experience is highly advantageous. A broad background across DPP and security is expected with specific experience in two or more of the following areas, essential;

• At least 4-6 years of sound industry experience in one or more of the following areas: Privacy governance, assessment, remediation, policies, procedures, data retention concepts and Data Classification implementation knowledge,
• Familiar with GDPR regulatory requirements and other privacy regulations (MENA preferred)
• Security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27701, NIST, SANS etc.
• Data privacy, implementation of data protection / GDPR programmes to address confidentiality and security over customer, employee or patient data.
• Privacy awareness programmes, design and delivery of privacy awareness programmes to executive level or wider organisation
• Excellent command in written and spoken English
• Experience in managing professional service project teams

To qualify for the role, you must have

• A bachelor's or master's degree
• 6-9 years of experience in GDPR/ISO 27701/DPP implementation and knowledge in Data Privacy
• Certifications like ‘Certified Information Privacy Professional (CIPP)’ or ‘Certified Data Privacy Solutions Engineer’, GDPR implementation certified will be highly preferred
• Security related qualifications such as ISO 27001 LI/LA, ISO27701, CISA
• Excellent communication skills with consulting experience preferred
• A valid passport for travel.

What working at EY offers

You’ll need to be highly motivated, a self-starter and a strong communicator with the ability and experience to discuss technical content in business language to board level. You’ll also need to be a team player who is not only looking to enhance their own career but recognises the value in developing others and strengthening the team. Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.