EY
Data Privacy and Protection Consultant
- Permanent
- Riyadh, Saudi Arabia
- Experience 2 - 5 yrs
Job overview
Date posted
16/09/2025
Location
Riyadh, Saudi Arabia
Salary
SAR 15,000 - 20,000 per month
Compensation
Salary only
Experience
2 - 5 yrs
Seniority
Experienced
Qualification
Bachelors degree
Expiration date
31/10/2025
Job description
EY is seeking a Data Protection & Privacy Consultant to join the Forensics & Integrity Services (FIS) team in Riyadh. The role involves managing and providing end-to-end support on data privacy and protection projects, keeping up to date with global compliance regulations, policies, and procedures. Responsibilities include managing client communications, delivering high-quality reports, assisting in engagement financials, and improving project efficiency. The consultant will support clients in areas such as data protection gaps, assessments, data mapping, classification, DPIA, RoPA, DSAR, target operating models, policies, procedures, and implementing data protection technologies.
Required skills
Key responsibilities
- Manage and provide end-to-end support on all data privacy & protection projects
- Stay up to date with global data protection compliance regulations, policies, and procedures
- Manage and lead client communications and provide regular status updates
- Ensure delivery of high-quality reports to the client
- Assist in managing financial aspects of engagements by organizing staffing, tracking fees, and communicating issues to project leaders
- Establish, maintain and strengthen internal and external relationships
- Actively contribute to improving operational efficiency on projects and internal initiatives
- Support and implement a broad range of clients on multiple data privacy & protection areas such as data protection gaps and maturity assessment, data mapping and classification, DPIA, RoPA, DSAR, policies, and procedures
- Implement data protection technology such as masking, encryption, pseudonymisation, or tokenisation
Experience & skills
- Bachelor’s degree and at least 3 years of related work experience
- Knowledge of designing and implementing Data Protection technologies
- Experience in privacy and security risk assessments
- Knowledge of data protection laws and regulations (International & GCC) and industry standards and frameworks
- Knowledge of core Information Security concepts related to Governance, Risk & Compliance
- Ability to understand client organisations and their business processes to tailor privacy requirements
- Effective communication skills with different stakeholders about data protection and privacy matters
- Technical architecture experience integrating data protection software into clients' infrastructure