Data Protection Consultant

The Information Security team is responsible for establishing, maintaining, and continually improving UNICEFs cybersecurity program, to ensure the confidentiality, integrity, and availability of UNICEF’s digital assets. In order to fully design and support the roll-out of the UNICEF data protection programme, including responsible standards for the handling of sensitive non-personal data, and address the related elements of UNICEFs cybersecurity program, UNICEF CDO and UNICEF Information Security need to hire a data protection and privacy technology expert with strong experience on the intersection of data protection, information security and technology.

• The consultant is expected to support the implementation of the Policy worldwide, with specific focus on the development of the tools, systems and guidance developed as part of the data protection programme by UNICEF CDO in collaboration with ICTD Information Security. To carry out this work, the Chief Data Office is seeking out the support of a consultant with the following objectives:
• Facilitate the implementation of data protection impact assessments by divisions and offices.
• Enable offices and divisions to conduct a data mapping in line with the policy and maintain a record of processing activities to track compliance and manage high risks.
• Increase the transparency of UNICEF’s exposure to risks and the implementation status of the data protection programme.
• In collaboration with ICTD Information Security, develop guidance and tools to improve UNICEF’s and partners’ technology and processes for the secure and privacy compliant collection, use, transfer and deletion of sensitive data.
• In collaboration with ICTD Information Security, align the UNICEF personal data breach procedure with the ICTD security incident procedure.
• Development of a UNICEF position on data harvesting technologies

Qualifications:

Education:

• Masters degree in Data protection and privacy law, data science, computer science or other related field

Work experience:

• At least 7 (seven) years of working experience in privacy technology or personal data protection and privacy with a strong expertise in information security and technology in practice and training
• Good understanding of national and international data protection laws, such as GDPR, and their technical implementation
• Experience in conducting and guiding non-technical staff on data protection impact assessments.
• Good understanding of the challenges of artificial intelligence, big data and data protection and privacy and trends in reconciling them
• Experience in developing easily understandable guidance notes or contractual language on complex technical matters.

Source:  https://jobs.unicef.org/cw/en-us/job/570930