Data Protection and Privacy Supervising Associate - Technology Reviews

Location:

Anywhere in Country

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.

Ethics, Compliance, and Risk Management (ECRM) supports our people in managing the risks that arise during our daily working lives. We work closely with all parts of the organization to identify, manage and monitor risk, providing coordinated advice and assistance on independence, conflicts, compliance, regulatory, policy, security issues, as well as dealing with claims and any queries regarding ethics.

We are operating in an increasingly connected world that is changing how to manage risk. With fast‑paced technological advancements, new innovations within emerging technologies, and an ever‑challenging regulatory environment, it is business critical for our organization to identify not only the risks but the opportunities these present to us. As a Data Protection & Privacy Supervising Associate, you will support processes within the Ethics, Compliance, and Risk Management (ECRM).

Our brand depends on it. It’s all part of our long‑term commitment to building a better working world and in return, you can expect plenty of opportunities to take on new responsibilities and develop your career.

• Help to drive compliance with legal and regulatory requirements as part of technology development and deployment at EY via interfacing with technology teams and performing data protection due diligence activities around systems/technology (i.e., Data Protection/Privacy Impact Assessments (PIAs)), vendors, and business processes.
• Interpret data protection and privacy laws and policies, determine required actions to standard and non‑standard situations, and make recommendations based on firm guidance, professional standards, subject matter expertise, and acquired experience.
• Conducting data protection due diligence reviews of systems and technologies including Artificial Intelligence (AI) solutions to enable EY compliance with legal/regulatory, EY firm, and EY client data protection and privacy requirements.
• Conducting business process assessments and developing and maintaining EY confidential and personal information inventory, in partnership with EY internal functions and service lines, to understand the types of information that require protection and to fulfil data protection regulatory requirements (e.g., Records of Processing Activities (ROPA)).
• Managing vendor due diligence reviews to assess data protection and privacy risks and ensure appropriate contractual, security, and data handling controls are in place.
• Collaborating with various functions across the organization, such as EY’s Information Security, Technology Risk Management, Service Line Quality, Talent, and members of the business to maintain visibility over technology deployment pipelines and to design and implement Data Protection by Design controls in order to protect confidential/personal information.
• Leading and supporting cross‑functional data protection projects to strengthen operational processes and enable scalable compliance across the Americas.
• Creating reports on various data protection compliance activities to be delivered to key program stakeholders, including senior leaders within the organization.
• Documenting, conducting, and assisting others with investigations of data incidents (i.e., instances of loss, theft, or inappropriate disclosure of confidential/personal information); collaborating with clients, internal functions, and EY service lines to understand root cause, assess impact, and develop remediation plans.
• Continuously maintaining and expanding knowledge of field of expertise and communicating new developments and resulting impact to program stakeholders and team members.

• Strong verbal and written communication skills
• Solid understanding of relevant firm business and area wide data protection issues and concerns
• Strong…