Global Legal Counsel - Data Protection, Assistant Director
Join to apply for the Global Legal Counsel - Data Protection, Assistant Director role at EY
At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.
The opportunity
As the Global Legal Counsel – Data Protection RoPA and Incident Response, you will oversee the Records of Processing Activity (RoPA) process and inventory as well as the management of the Global Incident Response (IR) process. You will work closely with business stakeholders, the global data protection team, EY Regional/Local Privacy Leaders, and data protection resources in EY’s GDS locations.
Your Key Responsibilities
* Oversee EY’s global Data Protection program for the RoPA process and the management of the Global Incident Response process.
* Manage the ROPA program, including an intake process to meet Article 30 GDPR requirements for centrally managed inventory.
* Support optimization of the ROPA process to work efficiently within the global EY organization and adapt to new regulatory frameworks such as AI technologies.
* Collaborate with Regional and Country DP Leaders to integrate local RoPA activities into the Global RoPA.
* Collaborate with key stakeholders to update, implement, and maintain IR methodology as part of the global DP program.
* Communicate the Global IR plan to Member Firms, provide training, and support overall preparedness, including planning and conducting tabletop exercises.
* Lead overall IR policy improvement and process alignment in the Global IR process.
* Manage a variety of globally triggered incidents in coordination with Member Firms, Information Security, and business Service Lines.
* Communicate effectively and consistently with key stakeholders.
* Work with a global team of data protection resources.
* Collaborate to raise awareness among EY personnel globally about compliance with data protection regulations and EY’s privacy compliance program.
* Identify and flag legal and regulatory issues surrounding IR and related data protection issues, providing appropriate legal advice and implementing related solutions.
* Escalate significant incidents and related issues to the Chief Privacy Officer and Global DPO, including implications of local data protection regulations.
* Provide general support to the global data protection team.
Skills And Attributes For Success
* Legally qualified and holding a current practising certificate.
* 6–8 years of relevant experience in private legal practice or an in‑house role, including complex data protection matters such as incident response and DPIAs.
* Solid knowledge of EU data protection legislation (specifically GDPR) and familiarity with other jurisdictions’ legislation.
* Internationally recognised privacy certification such as CIPP/E or CIPM.
* Experience conducting internal investigations, preferably data breach response investigations.
* Strong project management skills.
* Excellent command of the English language.
* Sensitivity to intercultural contacts and communication.
What We Offer You
At EY, we’ll develop you with future‑focused skills and equip you with world‑class experiences. We’ll empower you in a flexible environment and fuel your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more.
Are you ready to shape your future with confidence? Apply today.
To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability‑related adjustments or accommodations you may need.
Location: London, England, United Kingdom
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Legal
Industry: Professional Services
Referrals increase your chances of interviewing at EY by 2x
#J-18808-Ljbffr