Data Protection Lawyer - Manager - Risk Management (Permanent) - Belfast
EY
Data Protection Lawyer – Manager - Risk Management, CBS (Permanent)
Within the professional services environment, the application of risk management procedures is fundamental to the successful delivery of our client services and promotion of our brand. Risk management encompasses the technical support and processes which underpin the delivery of service quality, contain the threat of litigation, limit damage to our reputation and seek to achieve full fee recovery.
The Data Protection team is responsible for supporting the UK firm in the execution of and compliance with Global, Regional and local data protection laws and regulations, policies and procedures and the development, maintenance, communication and training of key data protection policies, providing advice on complex matters and monitoring the application of these policies. The Data Protection team sits within the Central Risk Management team consisting of a Risk Management Partner, Chief Compliance Officer, a Financial Crime Director, a Compliance Director, Data Protection Officer and supporting managers and associates.
The Opportunity
At Ernst & Young ("EY"), the Risk Management (RM) group is responsible for the promotion and support of risk management within the business. RM's aim is to uphold our business standards, maintain and enhance the value of the firm, and ensure that the UK&I firm complies with the rules and regulations imposed either by external regulators or by Ernst & Young Global in relation to the conduct of our business.
There is a vacancy at Manager level for a Data Protection Lawyer to support the Lead Data Protection Lawyer (Associate Director) and the business in complying with all relevant DP legislation.
Your Key Responsibilities
You will enjoy a challenging workload, supporting the business via the prompt delivery of pragmatic, adaptable and commercial legal and compliance advice. You will ensure the firm’s compliance with applicable privacy legislation, currently the UK General Data Protection Regulation; the Data Protection Act 2018; and the Privacy and Electronic Communications Regulations.
You will be specifically responsible for:
- Advising on:
- The implementation of data transfer solutions including the UK and EU Data Transfer Agreements and Transfer Risk Assessments following the Schrems II ruling by the CJEU;
- Data subject access requests, complaints, certain employee investigations and data breach incidents;
- Government contracts, in particular reviewing internal risk review elevation papers;
- Products and services that are data and tech driven (e.g., AI) including accompanying legislation and relevant privacy impact assessments (PIAs); and
- Use of third parties (suppliers/vendors) to support client work and internal operations.
- Ability to establish rapport with DPO Office (DPO, Deputy DPO), General Counsel Office (GCO), InfoSec, and senior stakeholders. Working day-to-day with Paralegal and Lead DP Lawyer.
- Advising, drafting and negotiating data protection terms within contracts, master service agreements, complex framework agreements and tenders.
- Providing legal advice to the firm’s service lines, in particular:
- The privacy implications of new and emerging technologies and services;
- The rights of data subjects, notably within the employment context; and
- The implications of upcoming legislative and political developments, such as the EU AI Act.
- Reviewing and updating internal policies and procedures.
- Responding to daily queries from the business on data protection.
Skills and attributes for success
- Ability to provide clear and practical legal advice and support with a high degree of professionalism;
- Strong team player with excellent negotiation and communication skills;
- Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels;
- Ability to plan, organise and prioritise tasks and projects;
- Ability to remain calm, controlled and resilient in a fast and pressurised environment; and
- Commercial acumen.
To qualify for the role you must have
- Approximately 3 years of post-qualification legal experience, with strong data protection knowledge
Ideally, you’ll also have
- CIPP/E Data Privacy qualification
What we look for
You will be an experienced Data Protection lawyer with the ability to work within a complex matrix organisation.
What working at EY offers
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Additionally, we offer:
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. Our flexible working arrangements can help you to achieve a lifestyle balance.
About EY
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.
Apply now.