Apply now »

Cyber Security Consultant - Data Protection & Privacy (DPP)

Location:  Amman
Other locations:  Primary Location Only
Salary: Competitive
Date:  30-Dec-2021

Job description

Requisition ID:  281401

DPP and Cyber Security are few of the most important risks facing businesses today.  Organizations’ data protection & privacy capabilities were tested during COVID19 pandemic and organizations are looking for trusted consultants to enhance the capability. Also, as organizations move forward on their digital journey the cybersecurity risk exposure is increasing and there is a huge demand for trusted cybersecurity consultants. Our clients are overwhelmingly turning to EY for help and guidance on how to enhance the privacy and protect their assets, minimise business disruption and improve security.


The opportunity


At EY we have ambitious plans to expand our already market leading Cybersecurity practice.  With investment secured, we continue to build our MENA based cyber practice and anticipate continued growth throughout the next five years.  We need excellent people, to join us and to be part of our exciting growth strategy.


EY is looking for a Data Protection & Privacy (DPP) Consultant (Senior Consultant/Assistant Manager/Manager level) to join our Cyber Security team in our Jordan Resource Hub based in Amman. While the role will be based in Amman, it will require extensive client related travel across the GCC and other parts of MENA region (at least 50-80%).


Your key responsibilities


A large part of your role will be engagement delivery and provide support to executives for business development.  We’ll expect you to lead and deliver DPP and cybersecurity engagements with very minimal supervision. We also expect you to support executives in development of proposals, presentations, and other business development activities. You will be responsible for the delivery and quality of the final reports to our clients. 


You will have responsibility for;


  • Lead Privacy Impact Assessments, analyze and document assessments, work out questionnaires and standard documentation.
  • Supporting the standardization of Risk and IT Control catalogues for regulatory compliance.
  • Deploy processes and tools to help detect and prevent privacy breaches.
  • Deploy Data leak prevention tools and implementation of endpoint protection.
  • Supporting and guide our clients in adhering to the complex web of relevant national and international regulations.
  • Ensure a harmonized approach towards data protection and privacy by bringing together our client’s stakeholders (e.g. legal, compliance, risk, HR, security, business functions…).
  • Assist clients in privacy related incident response activities.
  • Supporting the client’s team by acting as an interim team member (e.g. security officer, security manager, security analyst).
  • You will be required to develop work products and presentations in Arabic
  • Support the cyber executives with the development of proposals, presentations, etc.
  • Championing EY and the cyber security team, helping to attract and retain world-class talent
  • Contributing to the latest thought-leadership and industry research relating to cyber security


Your role will broadly constitute circa 80% engagement delivery and 20% business development.


Skills and attributes for success


An existing track record of successful engagement delivery in data protection & privacy and cyber security is expected of all candidates for this role.  A Big 4 background or comparable consulting experience is highly advantageous.  A broad background across DPP and security is expected with specific experience in two or more of the following areas, essential;


  • At least 2-8+ years of sound industry experience in one or more of the following areas: Data Protection and Privacy, privacy governance, assessment, remediation, policies, procedures, and classification, data retention concepts, access control for leading ERP/CRM systems, self-developed tools, data bases and data warehouses
  • Security policies and procedures, design and implementation of security policies, procedures, standards, and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.
  • Data privacy, implementation of data protection / GDPR programmes to address confidentiality and security over customer, employee, or patient data.
  • Cyber awareness programmes, design, and delivery of cyber security awareness programmes to executive level or wider organisation
  • Excellent command in written and spoken English
  • Experience in managing professional service project teams
  • Willingness to travel




  • Certifications like ‘Certified Information Privacy Professional (CIPP)’ or ‘Certified Data Privacy Solutions Engineer’ will be highly preferred
  • Security relation qualifications such as ISO 22301 LI, CBCI / CBCP, CISSP, CISM, ISO27001 lead implementer or auditor, etc.


What we look for


You’ll need to be highly motivated, a self-starter and a strong communicator with the ability and experience to discuss technical content in business language to board level.   You’ll also need to be a team player who is not only looking to enhance their own career but recognises the value in developing others and strengthening the team.


What we offer

We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:

  • Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
  • Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
  • Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
  • Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.


If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.

EY | Building a better working world


EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.


Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.


Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Apply now »