Here at EY, you’ll have the chance to build a truly exceptional experience. We’ll empower you with the latest technology, surround you with high-performing teams, and provide the global scale and diverse and inclusive culture you need to discover your full potential. Through our coaching and training programs, you’ll develop the skillsets you need to stay relevant today and in the future – all while building a network of colleagues, mentors, and leaders who will be on the journey with you at EY and beyond.
The opportunities: your next adventure awaits
Your responsibilities
You will be mainly in charge of:
- Performing and reviewing various Data Protection Impact Assessments ("DPIA") including advising on privacy by design and by default requirements.
- Ensuring firm’s compliance with privacy and data protection related laws and regulations (GDPR, AI acts, Digital acts, etc.) and providing support to the Data Protection Officer in its day-to-day duties.
- Identifying and evaluating EY Luxembourg's data processing activities and helping in maintaining the firm's data protection related registers up to date.
- Handling requests made by data subjects/individuals exercising their rights under GDPR;
- Preparing and implementing various appropriate GDPR/Data Protection guidelines, policies and notices;
- Assisting in case of data breach/incident;
- Assisting on Data Processor Agreement matters;
- Raising awareness and providing Management and staff training regarding GDPR and privacy regulations;
- Assisting in proactively designing risk mitigations strategies, procedures and guidelines adapted to emerging privacy, AI and cybersecurity threats, market industry developments and regulatory changes.
What we look for
- You have an agile, growth-oriented mindset.What you know matters. But the right mindset is just as important in determining success. We’re looking for people who are innovative, can work in an agile way and keep pace with a rapidly changing world .
- You are curious and purpose driven.We’re looking for people who see opportunities instead of challenges, who ask better questions to seek better answers that build a better working world.
- You are inclusive.We’re looking for people who seek out and embrace diverse perspectives, who value differences, and team inclusively to build safety and trust.
- You hold a bachelor’s or master’s degree in law, compliance or information technology with strong fields of expertise in data protection, privacy matters, new technologies laws and/or on data management, cybersecurity or new technologies including AI science.
- You have between 2 and 5 years of relevant professional experiences.
- You have a thorough understanding of GDPR as well as knowledge in other privacy and cybersecurity related regulations.CIPP/E, CIPM is an asset but is not compulsory.
- You are fluent in English. Any other language skills such as French or German or Luxembourgish will be considered as an asset (but it is not compulsory).
- You demonstrate excellent writing, communication and presentation skills.
- You show well established organizational, problem-solving and prioritization skills.
- You are willing to learn and develop yourself on an ongoing basis.
- You appreciate working in a highly dynamic & international environment.
What’s in it for you
- Accelerate your technical capabilities and transformative leadership skills with future-focused courses and development programs.
- Broaden your horizons by working on highly integrated teams across the globe and collaborate with people of diverse backgrounds — both professionally and culturally.
- Bring out the best in yourself with continuous investment in your personal well-being and career development.
- Develop your own personal purpose and help us create a positive ripple effect on our teams, our business, clients and society – building a better working world, together.
What you can expect
- Technical interview with Business Hiring Manager