Manager - Cyber Security- Data Privacy and Protection Specialist
As part of our Cyber Technology Consulting team, you will lead and manage data privacy and protection engagements for clients across the MENA region. You will work closely with organizations to design and implement privacy frameworks, drive data protection strategies, ensure regulatory compliance, and embed privacy by design. Our clients span across industries, and this role involves close collaboration with cross-functional teams within Advisory services.
The opportunity
We are looking for Manager with deep expertise in data privacy regulations, frameworks, and technologies to join our Cybersecurity practice. This is a fantastic opportunity to help organizations build trust, ensure compliance, and protect sensitive personal and organizational data in today’s digital and regulatory landscape.
Your key responsibilities
Lead privacy and data protection programs including privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and data flow mapping exercises. Advise clients on regulatory compliance with privacy laws and standards such as GDPR, UAE Federal Decree Law No. 45, DIFC DP Law, ADGM DPL, Saudi PDPL, NDMO, and global cross-border data transfer requirements. Design and implement privacy governance frameworks, policies, and operating models aligned to business and legal requirements. Provide strategic guidance on Privacy by Design, Data Classification, Data Loss Prevention (DLP), Consent Management, and third-party data risk management. Evaluate and implement technology controls and tooling to support privacy goals (e.g., encryption, pseudonymization, anonymization, privacy-enhancing technologies). Oversee privacy audits, readiness assessments, and regulatory response planning. Collaborate with legal, compliance, information security, and data governance teams to align enterprise-wide data protection strategies. Design and deliver training sessions for employees on data privacy principles, policies, and best practices to foster a culture of privacy awareness within the organization. Evaluate and manage privacy risks associated with third-party vendors and partners, ensuring compliance with data protection agreements and standards. Handson experience in privacy management tools such as Securiti, OneTrust, and BigID etc. to automate data discovery, manage data subject requests (DSRs), and ensure compliance with data privacy regulations. Support breach notification processes and incident response with a privacy lens. Stay updated on evolving data privacy regulations and industry standards and assess their impact on the organization’s data protection practices. Manage client relationships, project delivery, resource allocation, and quality assurance. Manage engagement delivery, resourcing, quality assurance, and client satisfaction. Develop detailed reports, articulate technical findings, and deliver actionable recommendations to both technical teams and executive stakeholders. Manage multiple engagements, ensuring timely delivery, quality assurance, and adherence to industry best practices. Mentor and coach junior team members, fostering their technical and professional development.
Skills and attributes for success
Deep understanding of data protection regulations, global privacy trends, and emerging legislative requirements. Strong knowledge of privacy risk management, data lifecycle management, and data subject rights management. Ability to translate regulatory and legal obligations into actionable controls and policies. Familiarity with data protection technologies (e.g., DLP, CASB, encryption, tokenization, data masking). Strong project management, stakeholder communication, and report-writing skills. Excellent collaboration skills with legal, compliance, data, and technical stakeholders. Excellent communication, analytical, and problem-solving skills. Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other documents/templates. Ability to interpret complex technical results and present insights to business stakeholders. Excellent communication and collaboration skills
To qualify for the role, you must have
A bachelor's or master’s degree in information technology, cyber security etc. Excellent communication skills with a consulting mindset. 6-7years of experience in Data Privacy and Protection domain A valid passport for travel. Excellent communication skills with a consulting mindset.
Ideally, you’ll also have
Industry-recognized certifications such as CIPP/E, CIPP/M, CIPM, CIPT, CDPSE, or ISO 27701 Lead Implementer/Auditor. Experience working with privacy technology platforms and tools. Experience in sector-specific data protection requirements (e.g., healthcare, financial services, government).
What we offer
We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.