Data Protection & Privacy (DPP) Consultant (Manager) – Cyber Security

Job description / Role

DPP and Cyber Security are few of the most important risks facing businesses today. Organizations’ data protection & privacy capabilities were tested during COVID19 pandemic and organizations are looking for trusted consultants to enhance the capability. Also, as organizations move forward on their digital journey the cybersecurity risk exposure is increasing and there is a huge demand for trusted cybersecurity consultants. Our clients are overwhelmingly turning to EY for help and guidance on how to enhance the privacy and protect their assets, minimise business disruption and improve security.

The opportunity

At EY we have ambitious plans to expand our already market leading Cybersecurity practice. With investment secured, we continue to build our MENA based cyber practice and anticipate continued growth throughout the next five years. We need excellent people, across all grades, to join us and to be part of our exciting growth strategy.

EY is looking for a Data Protection & Privacy (DPP) Consultant (Manager level) to join our Cyber Security team in Riyadh, KSA. Saudi national candidates will be highly preferred.

Your key responsibilities

A large part of your role will be engagement delivery and provide support to executives for business development. We’ll expect you to lead and deliver DPP and cybersecurity engagements with very minimal supervision. We also expect you to support executives in development of proposals, presentations and other business development activities. You will be responsible for the delivery and quality of the final reports to our clients.

You will have responsibility for;

• Conducting Privacy Impact Assessments, analyze and document assessments, work out questionnaires and standard documentation.
• Supporting the standardization of Risk and IT Control catalogues for regulatory compliance.
• Deploy processes and tools to help detect and prevent privacy breaches.
• Deploying Data leak prevention tools and implementation of endpoint protection.
• Supporting and guide our clients in adhering to the complex web of relevant national and international regulations.
• Ensuring a harmonized approach towards data protection and privacy by bringing together our client’s stakeholders (e.g. legal, compliance, risk, HR, security, business functions).
• Assisting clients in privacy related incident response activities.
• Supporting the client’s team by acting as an interim team member (e.g. security officer, security manager, security analyst).
• Delivering cybersecurity engagements including development of cybersecurity strategy, cybersecurity governance, risk and compliance frameworks, development of cybersecurity policies and procedures in line with ISO 27001 and NCA ECC standards
• You will be required to develop work products and presentations in Arabic
• Support the cyber executives with the development of proposals, presentations, etc.
• Championing EY and the cyber security team, helping to attract and retain world-class talent
• Contributing to the latest thought-leadership and industry research relating to cyber security

Your role will broadly constitute circa 80% engagement delivery and 20% business development.