Our global data protection team is seeking a qualified data protection lawyer to be the GDS Privacy Leader. The GDS Privacy Leader will advise on and coordinate data protection matters for the Global Delivery Services (GDS) locations.
The global data protection team is responsible for the implementation of EY’s privacy compliance program, which include Binding Corporate Rules. The team works closely with all parts of the business on data protection matters.
The GDS are various service delivery centers from which EY Client Service and Enablement Services teams operate to deliver strategic support to EY member firms. GDS spans all geographies, practices, services lines, sectors and competencies within EY to deliver deeply-integrated services that result in efficient and world-class solutions.
As the GDS data protection leader you will be responsible for the implementation of EYs data protection compliance framework across the GDS centers in Poland, India, China, Argentina and the Philippines. You will be working closely with the other members of the global data protection team, EY Regional/Local Privacy Leaders as well as (internal and external) data protection resources in the GDS locations.
Essential functions of the job:
- Implement EY’s privacy compliance program (including EY’s Binding Corporate Rules) in GDS;
- Communicate effectively and consistently with key stakeholders (GDS management, GDS Data Protection Officer, General Counsel’s Office, Risk Management, Talent, IT and Service Line representatives);
- Lead and build a team of data protection resources in the GDS jurisdictions;
- Raise awareness among GDS staff regarding the importance of compliance with data protection regulations and EY’s own privacy compliance program;
- Identify legal and regulatory risks surrounding data protection issues in the GDS jurisdictions and implement solutions to mitigate such risks;
- Conduct Data Protection Impact Assessments (PIAs) for applications and processes that support the GDS business;
- Handle requests from individuals and complaints under applicable data protection legislation;
- Manage the data breach process for all GDS locations and cooperate with other EY Privacy Leaders to assess whether breaches have to be notified;
- Escalate to the Global Privacy Leader, GDS Data Protection Officer and GDS management any significant compliance issues and plans for their resolution, as well as implications of local data protection regulations applicable in the GDS jurisdictions;
- Provide general support to the global data protection team.
Knowledge, competency and skill requirements:
- Must be legally qualified and holding a practicing certificate in the jurisdiction to which the candidate is located in;
- Minimum of 5 years of relevant experience in a Legal role (proven experience in the field of data protection and the implementation of a privacy compliance program such as the drafting of policies, privacy notices, conducting PIAs, dealing with data breaches etc.);
- Expert knowledge in EU data protection legislation (specifically the GDPR) and ideally familiarization with the legislation of one or more other GDS jurisdictions;
- Ideally, internationally recognized privacy certification, such as CIPP/E and CIPM;
- Strong leadership and project management skills, ability to lead a (virtual) team of data protection resources in the GDS locations;
- Excellent command of the English language;
- Sensitivity to intercultural contacts and communication.
Application Submission Information: