Director - Tech Consulting Ernst & Young AE

We re looking for a visionary leader with deep expertise in data privacy and protection to join our Cyber Technology Consulting team. This is a unique opportunity to shape enterprise-wide privacy and protection programs, drive compliance with global and regional regulations, and be part of a leading firm helping clients build trust, resilience, and responsible innovation in a digital-first world.

Your key responsibilities

• Define and execute the vision, strategy, and growth plan for Data Privacy & Protection services.
• Lead large-scale programs for data privacy, governance, and regulatory compliance (e.g., GDPR, , PDPL, NDMO, CCPA, NCA, HIPAA, PCI DSS).
• Oversee the design and delivery of enterprise-wide data protection frameworks, including DLP, data classification, encryption, tokenization, and anonymization.
• Oversee data backup, recovery, and retention strategies.
• Advise boards and executive leadership on privacy risk, cross-border data transfers, third-party risk, and regulatory engagement.
• Drive development of privacy-by-design and security-by-design practices in digital transformation initiatives (cloud, IoT, AI, OT/ICS).
• Accountable for assigned accounts, client relationship management, account growth, revenue, timely project execution, invoice collection, and maintain margins etc.
• Collaborate with cross-functional practices (Cloud, SOC, IAM, Risk Advisory) to deliver integrated privacy and protection solutions.
• Represent the firm as a thought leader in privacy and protection at conferences, industry groups, and regulatory forums.
• Mentor and lead a regional team of privacy, data protection, and security professionals.
• Contribute to practice growth, P&L management, and business development through go-to-market strategies, proposals, and partnerships.

Skills and attributes for success

• Strong leadership with the ability to influence C-level executives, regulators, and industry bodies.
• Visionary approach to data privacy, governance, and protection in line with digital transformation and innovation.
• Deep technical and regulatory knowledge across data protection technologies, privacy laws, and compliance frameworks.
• Strong business acumen, with experience in revenue growth, pipeline management, and practice scaling.
• Excellent communication skills, with the ability to simplify complex regulatory and technical requirements into clear business insights.
• Proven ability to inspire, mentor, and grow multi-disciplinary teams.

To qualify for the role, you must have

• 12 15+ years of progressive experience in data privacy, protection, or cybersecurity, with at least 6+ years in a leadership role.
• Demonstrated track record in leading large-scale data protection and privacy transformation programs.
• Strong knowledge of global and regional regulations (GDPR, CCPA, PDPL, NDMO, NCA, HIPAA, PCI DSS, ISO 27701).
• Experience in implementing data protection solutions (DLP, encryption, key management, data discovery and classification tools).
• Bachelor s or master s degree in law, Cybersecurity, Computer Science, or related field.
• Relevant certifications such as CIPP/E, CIPP/M, CIPM, CIPT, ISO 27701 Lead Implementer, CISSP, CISM.

Ideally, you ll also have

• Experience advising governments, regulators, or industry bodies on data privacy and protection policy frameworks.
• Hands-on knowledge of cloud privacy and multi-jurisdictional data governance.
• Experience integrating AI/ML, advanced analytics, or emerging technologies into privacy and protection programs.
• Contributions to the privacy and security community (published research, speaking engagements, regulatory committees).
• Experience leading cross-border programs and global privacy transformations.
• Established a global network across privacy and cybersecurity communities for collaboration and innovation.