Senior Consultant - Cybersecurity GRC & Data Privacy - Tech Consulting - EY Mauritius

What if we didn’t focus on who you are now, but who you could become?

Here at EY, you’ll have the chance to build a truly exceptional experience. We’ll empower you with the latest technology, surround you with high-performing teams, and provide the global scale and diverse and inclusive culture you need to discover your full potential. Through our coaching and training programs, you’ll develop the skillsets you need to stay relevant today and, in the future, – all while building a network of colleagues, mentors, and leaders who will be on the journey with you at EY and beyond.

The exceptional EY experience. It's yours to build.

The opportunity: your next adventure awaits

Technology has transformed how organizations operate, introducing new opportunities while amplifying risks related to cybersecurity, governance, and data protection. In this rapidly evolving environment, maintaining digital trust requires not only protecting information assets but also demonstrating accountability, regulatory compliance, and sound risk management practices.

Our Cybersecurity capability offer Governance, Risk and Compliance (GRC), and Data Privacy Consulting Services are designed to help organizations strengthen their security posture, align with regulatory expectations, and enable resilient business operations. We assist clients in understanding emerging threats, managing cyber and privacy risks, and implementing frameworks that balance security, compliance, and performance.

As a Senior Consultant, you will play a key role in advising clients on how to design, assess, and implement cybersecurity and privacy governance programs. You will be involved in activities such as:

Your key responsibilities

• Cybersecurity Governance and Framework Implementation

• Develop and implement cybersecurity governance frameworks aligned to NIST, ISO 27001, CIS Controls, or other recognized standards.
• Define and operationalize security policies, procedures, and control frameworks
• Assess current maturity levels and develop target operating models for cybersecurity and GRC.



• Risk Management and Compliance Advisory

• Conduct cybersecurity and IT risk assessments, control design reviews, and compliance evaluations.
• Support the development of risk management methodologies, risk registers, and key risk indicators.
• Assist clients in achieving and maintaining compliance with relevant regulations and standards (e.g., GDPR, POPIA, ISO 27001, PCI DSS).

• Data Privacy and Protection Services

• Design and implement privacy governance programs and data protection controls
• Perform privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).
• Develop privacy policies, consent frameworks, and data subject rights management processes.

• Cybersecurity and Privacy Assurance

• Support internal audits, compliance testing, and control effectiveness assessments.
• Review third-party and vendor security practices to identify gaps and recommend improvements.
• Provide independent assurance on cybersecurity and privacy controls to client stakeholders.

• Incident Preparedness and Response Support

• Advise clients on cyber incident response governance and data breach management processes.
• Assist in defining roles, escalation protocols, and regulatory notification requirements.
• Support post-incident reviews and lessons-learned reporting.

• Training and Awareness

• Design and deliver cybersecurity and privacy awareness programs.
• Build organizational capability and foster a culture of compliance and security accountability.

Skills and attributes for success

• Ability to efficiently understand client organizations and their business model and to tailor relevant processes to privacy requirements
• Communicate effectively with different stakeholders (e.g., business, legal, IT, security…) about data protection and privacy matters
• Have an analytical mindset, strive for quality and can work in a result-oriented environment

To qualify for the role, you must have

• A recognized university degree in information technology, or other relevant discipline with 2-3 years of working experiences, preferably in the consulting space or industry
• Approximately 2-5 years of experience working will be an advantage.
• Prior experience with relevant cybersecurity frameworks, data protection and privacy regulations, industry standards and frameworks
• Possession of relevant qualifications such as ISO 27001 Lead Auditor / Lead Implementer, CISA, CIPT, CIPP/E and or CISSP as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)²) will be an advantage
• Strong written and verbal communication skills and presentation skills

Ideally, you’ll also have

• Prior experience as part of a cybersecurity or data protection team.

What we look for

Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.

What we offer

EY offers a competitive remuneration package where you’ll be rewarded for your individual and team performance. We are committed to being an inclusive employer and are happy to consider flexible working arrangements. Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

What you can expect

• Submit your CV, ID and fully up-to-date academic transcripts when applying
• Only shortlisted candidates can expect to be invited for an in person or video interview with one of our dynamic Recruiters

Apply today

We encourage you to apply early to get the best opportunity to secure an offer to join EY.  #BetterBeginsNow

EY will recommend applicants to read our privacy statement prior to completing the pre application form above: https://www.ey.com/en_gl/privacy-statement

Join us in Shaping The Future With Confidence. Apply now

Only shortlisted candidates will be contacted.