By continuing to browse this site, you agree to our use of cookies. Read our privacy policy

Consultant: Senior Data Protection and Compliance Specialist (International)

Beirut (Lebanon)

  • Organization: UNRWA - United Nations Relief and Works Agency for Palestinian Refugees
  • Location: Beirut (Lebanon)
  • Grade: Consultancy
  • Occupational Groups:
    • Information Technology and Computer Science
    • Documentation and Information Management
    • Refugee rights and well-being
  • Closing Date: 2021-09-30

Click "SAVE JOB" to save this job description for later.

Sign up for free to be able to save this job for later.

Consultant: Senior Data Protection and Compliance Specialist




UNRWA will be modernizing its Refugee Registration Information System (RRIS) to align with updated international standards for civil registration to ensure unhindered, secure, and protected access to UNRWA’s services. This entails the creation of an individual client-based registration system with an integrated online portal for secure access to and updating of registration records by clients that will constitute the master database for all UNRWA service provision and verification of service eligibility. The current system holds the active files of 5.7 million Palestine refugees and 0.7 million other service eligible persons. The system will re-organize existing registration files to link these with historic archival records and prepare the same for an online platform making available documentation for publicly accessible documentation on displacement of Palestine refugees from 1948 to date. The project will be guided by a team of civil registration and data protection experts and implementation of the new system design is foreseen through an external IT service provider.


Legacy RRIS was developed in C# .NET, ASP.NET and SQL Server.  



The consultant will be responsible for translating the new approach to refugee registration, as conceptualized by the Relief and Social Services Department’s Registration and Eligibility Division by assessing the current Refugee Registration Information System (RRIS) data privacy and protection functions to ensure compliance with international regulations and best practices.  

Under the direct supervision of the Head of Information Security Office, and the overall supervision of the Chief Information Officer (CIO) and Director of the Information Management and Technology Department (IMTD), in close collaboration with the Relief and Social Services Department (RSSD), and within the framework of the activities of the modernization of RRIS, the consultant will work closely with other project stakeholders to undertake the following activities: 

  • Lead the development and implementation of data privacy governance framework for RRIS, to manage data in compliance with applicable international data protection regulations, including developing policies and standards for online registration and identity verification systems;
  • Serve as the primary contact and liaison for RRIS data protection related matters; coordinating with applicable internal and external stakeholders when compelled by applicable protection regulations, under the supervision of the Information Security Office;
  • Work with key internal stakeholders in the review of projects, related data, and agreements to ensure compliance with local and international data privacy, and where necessary, complete and advise on privacy impact assessments;
  • Review staffing responsibilities regarding the data protection of refugees and improve the current framework;
  • Coordinates implementing data protection consent forms for refugees to access online registration and verification platforms;
  • Review vendor contracts and consents needed to implement RRIS related projects in collaboration with the organization’s Legal and Procurement departments, and under the supervision of the Information Security Office;
  • Draft new and amend existing internal data protection policies, guidelines, and procedures, in consultation with key stakeholders and under supervision of the Information Security Office;
  • Participates in the Data and Information Technology Governance Committees when requested;
  • Support the Information Security Office and IMTD raising awareness and providing staff training for any employees involved in activities related to data processing and data protection compliance;
  • Undertake other tasks, as requested.



  • An advance University degree from an accredited educational institution in Computer Science, Information Technology, and related fields. Data Protection and/or Privacy certification and auditing such as, but not limited to, CISA, CIPP, CIPT and ISEB highly recommended. 
  • At least six years of progressively responsible experience developing policy and compliance frameworks; demonstrated understanding and application of data privacy laws; and experience in conducting data protection impact assessments; of which at least two years outside of the candidate’s home country or a country in which the candidate has a permanent residence.  
  • Understanding the environment in which business operates and associated data protection risks.
  • Experienced in the operational application of data privacy laws, including data breaches.
  • Familiarity with state-of-the-art information security systems.
  • Excellent written and spoken English. Knowledge of Arabic is an advantage.
  • Experience with working in a team on complex projects and against tight timelines.



  • Understanding of humanitarian and development contexts including prior programme or project management experience
  • Understanding of civil registration systems and processes
  • Familiarity with Information Security and cybersecurity frameworks and industry standards
  • Familiarity with Project Management and ITIL frameworks


  • Analyzing
  • Planning and Organizing
  • Creating and Innovating
  • Learning and Researching
  • Coping with Pressure and Setbacks



  • The incumbent will be based in Beirut.
  • The duration of the consultancy is 6 months with possibility of extension subject to availability of funds. 


  • Remuneration:


  • Remuneration for this consultancy will be at an equivalent of P4 level of international staff salary scale
  • Remuneration will depend on qualifications and experience of the candidate.
  • One and a half day annual leave days per month. 



Applicants should submit a cover letter and CV or UN Personal History Form demonstrating clearly the knowledge and experience required to meet the consultancy requirements, indicating the title of this consultancy “SENIOR DATA PROTECTION AND COMPLIANCE SPECIALIST” in the subject line of the message. The deadline for the submission of applications is 30/09/2021.


UNRWA is an equal opportunity employer and welcomes applications from both women and men. UNRWA encourages applications from qualified women. Only those applicants shortlisted for interview will be contacted.  UNRWA is a non-smoking environment.




We do our best to provide you the most accurate info, but closing dates may be wrong on our site. Please check on the recruiting organization's page for the exact info. Candidates are responsible for complying with deadlines and are encouraged to submit applications well ahead.
Before applying, please make sure that you have read the requirements for the position and that you qualify.
Applications from non-qualifying applicants will most likely be discarded by the recruiting manager.
Having problems applying by email?

When clicking the apply button, your email client should open as a separate programme (if you are using Outlook, Mail, Thunderbird, or similar), or in a different tab in your browser (if you are using GMail or similar).
If nothing happens when clicking the button, please open your email client, start a new email, and copy the following email into the to field:

What does it mean?

Click "SAVE JOB" to save this job description for later.

Sign up for free to be able to save this job for later.