Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead global data protection initiatives and manage incident response processes.
- Company: Join EY, a global powerhouse committed to building a better working world.
- Benefits: Flexible work environment, world-class training, and diverse team culture.
- Why this job: Shape the future of data protection while making a real impact globally.
- Qualifications: Qualified lawyer with 6-8 years of data protection experience and strong GDPR knowledge.
- Other info: Opportunity for career growth in a dynamic, inclusive workplace.
The predicted salary is between 48000 - 72000 ÂŁ per year.
Location: London
Our global data protection team is seeking a qualified data protection lawyer to advise on and coordinate data protection matters, in particular, to oversee and run the Global Record of Processing Activities (RoPA) Inventory as well as coordinate the Global Incident Response (IR) Process. This involves overseeing a team who are responsible for completing and maintaining EY’s Global RoPA and integration of Privacy Impact Assessment (PIA) records and Third Party Vendor Due Diligence (VDD) data as well as coordinating the work of other resources and EY’s Global Delivery Service (“GDS”) involved in the Global Incident Response Process.
The global data protection team is responsible for the implementation and transformation of EY’s privacy compliance program, which includes Binding Corporate Rules. The team works closely with all parts of the business on data protection matters, including both personal data privacy and the protection of client and EY confidential information.
Opportunity
As the Global Legal Counsel – Data Protection RoPA and Incident Response, you will be responsible for overseeing the Records of Processing Activity (RoPA) process and inventory as well as the management of the Global Incident Response (IR) process. You will be working closely with business stakeholders, the other members of the global data protection team, and EY Regional/Local Privacy Leaders as well as data protection resources in EY’s GDS locations in India, Argentina, Philippines and Poland.
Key Responsibilities
- Oversee EY’s global Data Protection program for Records of Processing Activities (ROPA) process and the management of Global Incident Response process.
- Manage the ROPA program which includes an intake process to meet the requirements of Article 30 GDPR to record all processing activities in a centrally managed inventory.
- Support the optimization of the ROPA process to work efficiently within the global EY organization as part of an overall data protection management platform and adapt to new regulatory frameworks such as for AI technologies.
- Work and collaborate with Regional and Country DP Leaders to adapt and integrate local RoPA activities into the Global RoPA.
- Collaborate with key stakeholders to update, implement, and maintain IR methodology as part of the global DP program.
- Communicate the Global IR plan to Member Firms, provide training, and support overall preparedness e.g. through planning and conducting of table top exercises.
- Lead the overall IR policy improvement and process alignments in the Global IR process.
- Manage a variety of internally and externally triggered global incidents in coordination with Member Firms, Information Security, and our business Service Lines.
- Communicate effectively and consistently with key stakeholders.
- Work with a team of data protection resources globally throughout EY.
- Collaborate with team efforts to raise awareness among EY personnel globally regarding the importance of compliance with data protection regulations and EY’s own privacy compliance program.
- Identify / flag legal and regulatory issues surrounding IR and related data protection issues and provide appropriate legal advice / work to implement related solutions.
- Escalate to the Chief Privacy Officer and Global DPO any significant incidents, related issues, and plans for their resolution, including as applicable implications of local data protection regulations as aligned with local counsel.
- Provide general support to the global data protection team.
Skills and attributes for success
- Must be legally qualified and holding a current practicing certificate;
- Between 6-8 years of relevant experience either in private legal practice or an in‑house role (including proven experience in the field of data protection in cross‑border situations (including advising on complex matters such as incident response, DPIAs, etc.));
- Solid knowledge in EU data protection legislation (specifically the GDPR) and ideally familiarity with the legislation of one or more other jurisdictions;
- Ideally, internationally recognized privacy certification, such as CIPP/E and CIPM;
- Experience in conducting internal investigations, and in particular data breach response investigations preferred, but not required.
- Excellent command of the English language;
- Sensitivity to intercultural contacts and communication.
What we offer you
At EY, we’ll develop you with future‑focused skills and equip you with world‑class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.
Are you ready to shape your future with confidence? Apply today.
To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability‑related adjustments or accommodations you may need.
Global Legal Counsel - Data Protection, Assistant Director in London employer: Ernst & Young Advisory Services Sdn Bhd
Contact Detail:
Ernst & Young Advisory Services Sdn Bhd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Global Legal Counsel - Data Protection, Assistant Director in London
✨Tip Number 1
Network like a pro! Reach out to current or former employees at EY through LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.
✨Tip Number 2
Prepare for the interview by knowing your stuff! Brush up on GDPR regulations and EY’s data protection initiatives. Show them you’re not just a lawyer, but a passionate advocate for data privacy.
✨Tip Number 3
Practice your responses to common interview questions. Think about how your experience aligns with the role of Global Legal Counsel. We want to hear how you’ve tackled challenges in data protection before!
✨Tip Number 4
Don’t forget to follow up after your interview! A quick thank-you email can leave a lasting impression. It shows you’re genuinely interested in the position and appreciate their time.
We think you need these skills to ace Global Legal Counsel - Data Protection, Assistant Director in London
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in data protection and incident response. We want to see how your skills align with the specific responsibilities mentioned in the job description.
Showcase Relevant Experience: When detailing your work history, focus on your experience with GDPR and any cross-border data protection matters. We’re looking for solid examples that demonstrate your expertise in these areas.
Be Clear and Concise: Keep your application straightforward and to the point. Use clear language to convey your qualifications and avoid jargon unless it’s relevant to the role. We appreciate clarity as much as you do!
Apply Through Our Website: Don’t forget to submit your application through our official website. It’s the best way for us to receive your details and ensures you’re considered for the role. We can’t wait to hear from you!
How to prepare for a job interview at Ernst & Young Advisory Services Sdn Bhd
✨Know Your GDPR Inside Out
Make sure you brush up on your knowledge of the GDPR and other relevant data protection laws. Be prepared to discuss how these regulations impact the role, especially in relation to Records of Processing Activities (RoPA) and Incident Response processes.
✨Showcase Your Team Leadership Skills
Since this role involves overseeing a team, be ready to share examples of your leadership experience. Talk about how you've successfully managed teams in the past, particularly in high-pressure situations like incident responses.
✨Prepare for Scenario-Based Questions
Expect questions that put you in hypothetical situations related to data breaches or compliance issues. Think through your approach to resolving these scenarios, as it will demonstrate your problem-solving skills and legal acumen.
✨Communicate Clearly and Confidently
Effective communication is key in this role. Practice articulating complex legal concepts in simple terms, as you'll need to explain data protection matters to various stakeholders. Confidence in your delivery can make a big difference!
