At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
The Global RM: Area Data Risk Leader is an experienced data protection professional or a compliance professional with data protection experience and a passion for technology and data risk. Comfortable with operational implementation of data risk best practise across business functions and geographical locations, and able to drive delivery across multiple projects within a data risk program. Personal integrity, independence, self-discipline and self-motivation are all key attributes, as well as being a natural collaborator and able to work within a cross-functional team. A good working knowledge and exposure to working with data protection regulatory frameworks and other legislation.
Your key responsibilities, as the Area RM: Data Risk Leader you will:
Take a leading role in driving the cross-functional implementation of global data risk program initiatives within local teams in the Area, to drive consistency and efficiency in data risk response, develop leading practise and coordinate strategic activity. Including: Enhancing local Data Protection processes and guidance; Data landscape, inventory, ROPA and classification; Data incident response and remediation; Data risk compliance and monitoring; Definition and implementation of appropriate guardrails for the use and reuse of data. Supporting Security and Information Security projects to prevent and detect the misuse of data; Evaluating, monitoring and driving regional/country level data risk maturity (including review off associated resourcing requirements and supporting recruitment/onboarding/training of teams). Leverage deep understanding of local data risk priorities and requirements, to ensure these are well represented within global data risk initiatives. Be the go-to thought leader in data risk for the Area, confident in engaging Risk and Business Leaders in the data risk initiatives, trends and requirements. Coordinate and shape local strategy, prioritisation and delivery to ensure data risk approaches continue to mature across the Area. Implement global data risk initiatives to evaluate and respond to data risk within the “First Line of Defence” – supporting EY professionals across Service Lines and within central teams to understand their accountabilities and comply with data protection standards. Coordinate and champion the Data Risk community within the Area and set the tone-at-the-top for data risk activities, including maintaining regular communication and awareness opportunities. Maintain effective collaborative relationships with, and provide data risk expertise to, allied functions in the Area including GCO, Information Security, Technology, and Risk. Provide specialist support to Area and Regional Risk Leaders on data risk topics, including regular planned communication and specific interventions that are responsive to the needs of the business. Provide SME and Area direction to global data risk program initiatives, such as development of global training courses.
Key skills for success as the Global RM: Area Data Risk Leader:
Deep knowledge of data protection (including regulatory frameworks and implementation), information security and/or data governance best practises. Proven track record of delivery, leading programmes that are cross-functional and cross-border. Effective and engaging communication, including the confidence to influence and inspire local leadership teams across business functions. Professional curiosity to explore a complex and dynamic risk landscape. Organisation, prioritisation and agility to respond in operational or project roles.
Key Relationships:
Global Data Protection Leader Area Data Protection Leaders (GCO) Global Data Protection Team (Global PIA Leader, GDS Data Protection Leader) Global TARP team Global RIM Leader Area Risk Leader Area Data Protection GCO Lead Regional Data Protection Leads (RM & GCO) Regional Risk Leaders & identified POCs for data risk. Area InfoSec & Security
Primary Focus:
Cascade down: Maintain understanding & insight into Global DP RM strategy & activities – communicate these effectively across key relationships. Ensure local leaders and teams are aware of, prepared for, and able to execute global initiatives with consistency. Feedback Up: Maintain deep understanding of local requirements within DP RM, including operational challenges, risk appetite and regulatory requirements, to ensure these are well represented in global proposals and initiatives. Implement/Operationalise: Support the Implementation global DP RM initiatives through Regional Data Protection Leads (RM & GCO) and Regional Risk Leaders. Including: Identifying where local leaders should train, engage or recruit to ensure sufficient capability and capacity to manage data risk. Launch and implementation of global data standards or guidance – and facilitate the development of local equivalents where required. Coordinate and champion the evaluation of local data risk in ERM. Ensuring local assessments of data risk are responsive to the needs and risk appetite of the business. For example by promoting consistency of response across local DP teams on key topics. Implement local processes to manage data risk across the engagement lifecycle (including PACE & Data Risk Calculator) by engaging local leaders in global roadmap. Ensure local processes are established or enhanced to respond to key Data Risk topics such as VDD, ROPA, and Incidents. Ensure appropriate management for local risk mitigation activities (eg Data Oversharing)
Notes:
Global RM: Area Data Risk Leaders may participate in the design or development of global DP RM projects as required. Global RM: Area Data Risk Leaders should manage escalations and enquiries from Local DP Leads as required – with a focus on developing capability/capacity within Local or Regional Leads to respond effectively, and by ensuring appropriate connections are made to other members of the Global DP Network. Support for the progression of global PIA evaluations, Attestor completion and Data Subject Rights requests to be provided to GCO DP Area Leaders in EMEIA and APAC.
What we offer
As part of this role, you'll work in a highly integrated, global team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
Please apply to this role only through the ‘Apply’ link (not through the local office). Your application will then be routed to the appropriate recruiting team.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.