EY Risk Management - Privacy & Data Protection 

Canada, Ontario, Toronto 

627387829

The risks in today’s disruptive environment are increasingly multifaced and evolve faster than ever before. We’re also continuously evolving the ways we proactively manage risk to address the risk environment of tomorrow. EY Canada’s Risk Management (RM) function is responsible for the management of a variety of risks associated with regulation, data protection, client and engagement acceptance, conflicts and independence.

Your key responsibilities

• Support and promote compliance with various data protections laws and regulations and EY policies and processes, including responding to queries from EY personnel.
• Perform activities related to privacy impact assessments, vendor due diligence, access requests, privacy notices, client questionnaires, data restrictions in contracts, etc.
• Individual will be required to provide appropriate and effective solutions and to consistently provide high-quality risk-appropriate advice to professionals.
• Measure and monitor the effectiveness of tools and processes, conduct regular monitoring and reporting, solicit feedback from stakeholders and recommend improvements.
• Provide direct support to the Privacy and Data Protection Leader.
• Work with EY Global functions, other EY member firms, and local stakeholders to implement global policies, processes and tools within Canada. Manage other special projects on an as needed basis.
• Support specialty practice areas in their compliance with specific data requirements.
• Develop and deliver training to new hires and professional personnel, as required, and deploy data protection awareness campaigns on a regular basis.

Skills and attributes for success

• Knowledge of federal and provincial privacy laws in Canada (including CASL and Law 25) and a keen interest in privacy trends in Canada and abroad.
• Knowledge of GDPR and CCPA (California) would be an asset.
• A law degree would be an asset but not required.
• Certification in privacy disciplines such as CIPP/C, CIPM, or CIPT recommended
• Minimum five years’ experience in a privacy or compliance function, with experience in policy, incident response, privacy impact assessments, consultations, reviews, etc.
• Knowledge of the services provided by a multidisciplinary professional services firm
• Knowledge of the French language an asset but not required
• Organizational skills, dedication to teamwork, time-management, strong communication skills (both oral and written), willingness to educate and train others, ability to manage multiple tasks and changing priorities, strong analytical and reasoning skills, attention to detail
• Excellent interpersonal and communication skills coupled with the ability to deal with confidential information discreetly and to handle difficult and demanding situations
• Strong knowledge and understanding of client service
• Familiarity with risk management and compliance and ability to understand policies and provide guidance on related matters
• Ability to work in a busy, deadline driven environment focused on accuracy and confidentiality
• Ability to solve problems and use sound judgment
• Flexibility to adapt to a rapidly evolving privacy landscape.

What we offer

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you