Associate Data Protection and Privacy Officer

Org. Setting and Reporting

The International Court of Justice is the principal judicial organ of the United Nations. It is composed of 15 judges, elected by the General Assembly and the Security Council. The Court has a twofold role: first, to settle, in accordance with international law, legal disputes submitted to it by States; and, second, to give advisory opinions on legal questions referred to it by duly authorized United Nations organs and specialized agencies. The Court is the only principal organ of the United Nations not serviced by the Secretariat. The Court has its own administration, the Registry, which provides judicial support to the Court and acts as a permanent administrative organ. The Registry is headed by a Registrar, elected by the Court. The incumbent is appointed by the Court upon the recommendation of the Registrar (Rules of Court, Art. 25). The position is located in the Information and Communication Technologies Division (ICT Division) of the Registry and reports directly to the Information Systems Officer (Cyber Security).

Responsibilities

The Associate Data Protection and Privacy Officer supports the Court’s data protection and privacy initiatives under the supervision of the Information Systems Officer (Cyber Security). The incumbent supports the Court’s data protection and privacy framework, ensuring that personal data and other sensitive information are handled in compliance with applicable international standards, including relevant United Nations regulations. Under the direct supervision of the Information Systems Officer (Cyber Security) and within the limits of delegated authority, the incumbent will be responsible for the following duties: Supports the implementation of data protection and privacy policies • Contributes to the implementation and periodic review of the Court’s data protection and privacy policies in accordance with applicable standards and internal regulations. • Contributes in the development and application of procedures for the secure classification, handling, storage and sharing of sensitive judicial and administrative data. • Maintains data inventories, data transfer documentation, impact assessment records, breach documentation and related registers. • Supports the analysis of data processing activities and assists in identifying potential risks and appropriate safeguards. • Conducts data mapping exercises to document data processing activities and ensure completeness of records. • Manages responses to data breaches, including investigation, documentation, and timely reporting. Supports compliance monitoring and risk assessment activities • Conducts periodic compliance reviews of data protection practices and internal procedures, under supervision. • Performs data protection impact assessments and documents identified risks and recommended safeguards. • Maintains up-to-date records of processing activities in line with applicable standards and internal guidelines. • Contributes to the preparation of reports on compliance status and identified areas for improvement. Supports training and awareness activities • Develops and delivers training materials and awareness sessions on data protection policies and operational guidance. • Promotes a culture of responsible data handling across the Court through communication and guidance. • Provides guidance to departments on the application of privacy-by-design principles in coordination with the Information Systems Officer (Cyber Security). • Keeps up to date with developments in data protection practices and contributes to the review of related internal documentation. Provides operational and coordination support • Works closely with ICT team members to support the integration of data protection measures into enterprise systems and processes. • Contributes to projects involving data protection, ensuring timely input and documentation. • Contributes to continuous review and improvement of data management practices. • Collaborates with internal stakeholders to support data protection efforts across the organization. • Deputizes for the Information Systems Officer (Cyber Security) when required. • Performs other related duties as assigned.

Competencies

Professionalism: Knowledge of data protection standards, data lifecycle, and privacy-enhancing technologies.Familiarity with international data protection frameworks and ISO 27701. Strong analytical skills. Ability to communicate complex data privacy concepts clearly. Shows pride in work and in achievements. Demonstrates professional competence and mastery of subject matter. Is conscientious and efficient in meeting commitments, observing deadlines and achieving results. Is motivated by professional rather than personal concerns. Shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work. Communication: Speaks and writes clearly and effectively. Listens to others, correctly interprets messages from others and responds appropriately. Asks questions to clarify, and exhibits interest in having two-way communication. Tailors language, tone, style and format to match the audience. Demonstrates openness in sharing information and keeping people informed. Teamwork: Works collaboratively with colleagues to achieve organizational goals. Solicits input by genuinely valuing others’ ideas and expertise; is willing to learn from others. Places team agenda before personal agenda. Supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position. Shares credit for team accomplishments and accepts joint responsibility for team shortcomings. Planning and organizing: Develops clear goals that are consistent with agreed strategies. Identifies priority activities and assignments; adjusts priorities as required. Allocates appropriate amount of time and resources for completing work. Foresees risks and allows for contingencies when planning. Monitors and adjusts plans and actions as necessary. Uses time efficiently. Client orientation: Considers all those to whom services are provided to be “clients” and seeks to see things from clients’ point of view. Establishes and maintains productive partnerships with clients by gaining their trust and respect. Identifies clients’ needs and matches them to appropriate solutions. Monitors ongoing developments inside and outside the clients’ environment to keep informed and anticipate problems. Keeps clients informed of progress or setbacks in projects. Meets timeline for delivery of products or services to client.

Education

An advanced university degree (Master’s or Doctorate degree, or equivalent) in law, business, public administration, computer science, information management, social sciences, or related fields is required. A first-level degree (Bachelor’s degree or equivalent) in the specified fields of studies with two additional years of relevant work experience may be accepted in lieu of the advanced university degree.

Job - Specific Qualification

Relevant certifications such as CIPP, CIPM, ISO 27701 Lead Implementer, Microsoft Security are desirable.

Work Experience

A minimum of two years of progressively responsible experience in data protection and privacy, including its development and implementation, is required. Experience in developing and implementing data protection and privacy programmes for international organizations is desirable. Experience conducting data risk assessments, maintaining data inventories, and ensuring compliance with data protection standards is required. Experience collaborating with ICT teams on data classification, privacy safeguards, and secure data handling is desirable. Experience delivering training on data protection and promoting data privacy awareness is desirable. Experience in data governance, data mapping, and data impact assessments within a complex organizational environment is desirable. Experience supporting a data protection program and working with ISO/IEC 27701 for Privacy Information Management is desirable.

Languages

Assessment

The assessment of qualified candidates will include written tests and a competency and/or knowledge-based interview.

Special Notice

The position to be filled is an established temporary post, which will be funded until December 2027. The successful candidate will be offered a fixed-term appointment until 31 December 2027. The Court is an equal opportunity employer and encourages all candidates, irrespective of gender, nationality, religious and ethnic backgrounds, including persons with disabilities, to apply to become a staff member. The selected candidate may be subject to security clearance, including verification of the information provided and a criminal record check. All candidates should be prepared to submit an electronic copy of their passport and all diplomas listed on their profile when requested. The Registrar reserves the right not to appoint any candidate to the post, or to appoint one at a lower level or on the basis of a modified job description. Applications that are found by the Court to meet the vacancy announcement criteria may be added to a reserve list in case a similar vacancy arises in the future. Depending on professional background, experience and family situation, a competitive compensation and benefits package is offered. The Court's salaries are calculated in US dollars but paid in euros. They consist of a basic salary and a post adjustment which reflects the cost of living in the Netherlands and the euro/dollar exchange rate. In addition, the Court offers an attractive benefits package including 30 days of annual leave, home travel every two years, an education grant for dependent children, a pension plan and subsidized medical insurance. If the selected candidate is a staff member from an organization applying the United Nations Common System of Salaries and Allowances, the provisions of the Inter-Organization Agreement concerning Transfer, Secondment or Loan shall apply.

United Nations Considerations

In accordance with the ICJ Staff Regulations and Rules, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity. Candidates will not be considered for employment with ICJ if they have committed violations of international human rights law, violations of international humanitarian law, sexual exploitation, sexual abuse, or sexual harassment, or if there are reasonable grounds to believe that they have been involved in the commission of any of these acts. Candidates who have committed crimes other than minor traffic offences may not be considered for employment. Applicants are urged to carefully follow all instructions available in the online recruitment platform, Inspira. For more detailed guidance, applicants may refer to the Manual for the Applicant, which can be accessed by clicking on "Manuals" hyper-link on the upper right side of the Inspira account-holder homepage. The evaluation of applicants will be conducted based on the information submitted in the application according to the evaluation criteria of the job opening and the applicable Staff Regulations and Rules, administrative issuances, and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications according to the instructions provided in Inspira to be considered for the current job opening. No amendment, addition, deletion, revision, or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to reference checks to verify the information provided in the application. Job openings advertised in Inspira will be removed at 11:59 p.m. (New York time) on the deadline date.

No Fee

ICJ does NOT charge any fees or request money from candidates at any stage of the recruitment process, nor does it concern itself with bank account details of applicants. Requests of this nature allegedly made on behalf of ICJ are fraudulent and should be disregarded.