EY Saudi Data Protection Officer DPO - Riyadh 

Saudi Arabia, Riyadh Region, Riyadh 

908596869

Your key responsibilities

• Informing and advising us and our personnel with respect to our obligations under the Saudi Personal Data Protection Law and other regional data protection provisions
• Monitoring all EY Saudi firms’ compliance with the Saudi Personal Data Protection Law, the regulations of Ernst & Young Global Limited insofar as they relate to the protection of personal data and any other applicable policies in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of our staff, and conducting and/or arranging for internal audits as appropriate
• Working and cooperating with our designated supervisory authority and serving as the contact point for the supervisory authority on issues relating to the processing of personal data
• Being available to respond to inquiries from data subjects on issues relating to data protection practices and data subjects’ rights, including withdrawal of consent, the right to be forgotten, and related rights.
• Develop and deliver personal data protection training courses and presentations
• Assisting in the developing and monitoring of local procedures for personal data breach handling and being available as a first point of contact to assist with responding to any breaches of personal data, including assessing whether the data breach must be notified to supervisory authorities and/or data subjects
• Contribute to the development of data breach response plans and prepare periodic reports regarding EY activities related to the processing of personal data
• Keeping up-to-date your in-depth knowledge of the Saudi Personal Data Protection Law (and any other future variants), including guidance issued by supervisory authorities and relevant legal decisions that may impact our processing of personal data. You are responsible for arranging through EY any necessary subsequent training required under the law
• Notifying EY if you become aware of a conflict between your duties as Saudi DPO and any additional tasks and duties you fulfil or if those additional tasks and duties
• Lead on the completing and maintaining of ROPA (record of processing activities) for all EY Saudi business operations in line with retention policy
• Following up on regulatory documents issued by the competent authority related to the protection of personal data, including any amendments, and inform the relevant departments to ensure compliance
• Providing support and advice to those responsible for developing and operating modern technological systems to ensure compliance with the requirements of the Saudi Law and its Implementing Regulations
• Provide direct support and advice to EY KSA partners, briefing them of their responsibilities and ensuring they are compliant to their requirements as leaders of all our Saudi member firms
• Assist the EY MENA Region Data Protection team in the monitoring of data handling, client confidentiality, awareness campaigns and data breach response
• Assist the EY MENA Region DPO and Data Privacy Team in conducting privacy assessments and reviews, and implementation of data privacy regulations across the region. Cooperating with GCO and RM on relevant local, regional and global projects and initiatives
• Assist with preparation for, and coordination of, practice inspections by external regulators and EY’s Global Internal Audit team;
• Manage or participate in other risk management projects as required
• Other duties as assigned.

Skills and attributes for success

• Strong analytical, critical thinking and problem-solving skills with the ability to apply conceptual framework to new and unique situations
• Excellent IT, business writing, communication and presentation skills
• Ability to work in a busy, deadline driven environment and meet unexpected internal, regulatory or client demands
• Can work independently, showing initiative to handle multiple tasks simultaneously
• Honesty and integrity having not been convicted or involved in any dishonest incident or breach of trust
• A high level of confidence in dealing and briefing senior executives and challenging situations

To qualify for the role you must have

• 5+ years of experience in a data protection, data privacy or a legal function with data protection experience
• Have appropriate academic qualifications and experience in the field of Personal Data Protection
• Experience of operating in a large international or Saudi business in risk management, data protection, internal compliance or legal function

What we look for

Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident leader equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization.

What we offer

We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:

• Continuous learning:You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you:We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership:We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.