Data Protection Specialist

IMPORTANT NOTICE: Please note that Closure Date and Time displayed above are based on date and time settings of your personal device

• FAO is committed to achieving workforce diversity in terms of gender, nationality, background and culture.
• Qualified female applicants, qualified nationals of non-and under-represented Members and person with disabilities are encouraged to apply;
• Everyone who works for FAO is required to adhere to the highest standards of integrity and professional conduct, and to uphold FAO's values
• FAO, as a Specialized Agency of the United Nations, has a zero-tolerance policy for conduct that is incompatible with its status, objectives and mandate, including sexual exploitation and abuse, sexual harassment, abuse of authority and discrimination　　
• All selected candidates will undergo rigorous reference and background checks
• All applications will be treated with the strictest confidentiality

Organizational Setting

The FAO Office of Evaluation intends to develop its comprehensive data governance framework, including policies, standards, procedures, guidelines and templates defining clear ownership, accountability, and oversight of data management practices. The tasks envisaged for this consultancy are to be carried out in compliance with the FAO Data Protection Policy and any corresponding internal rules and procedures. In this role, the Data Protection Specialist will develop basic foundation of the OED data governance function and design an action plan for the development of related data protection policies and standards in compliance with applicable organizational rules and regulations. The Data Protection Specialist will also train staff on the use of data governance procedures, tools and templates.

Reporting Lines

The position is located in the FAO Office of Evaluation (OED) at FAO headquarters in Rome, Italy. The primary function of the Data Protection Specialist is to lead the development of the data governance framework for the FAO Office of Evaluation under the overall supervision of the OED Director and the Data Governance Team Leader (Senior Evaluation Officer).

Technical Focus

Contribute towards the Organization's efforts to strengthen data protection in the context of its activities and operations.

Tasks and responsibilities

• Data governance framework. Lead the design of an action plan for establishing operational data governance framework for the FAO Office of Evaluation, based on the assessment of the current state of data protection and compliance with FAO Data Protection Policy. Develop initial drafts of required operational policies, standards, procedures, guidelines and templates defining clear ownership, accountability, and oversight of data management practices. The proposed framework should meet the highest quality standards and adhere to the FAO's Data Protection Policy, and the principles of fairness, integrity, responsibility, security, and transparency.
• Data protection. Lead the development of data protection systems, data inventories, privacy procedures, privacy risk assessments, and other data protection tools and processes to operationalize the Data Protection Policy, including data sharing agreements and consent forms, and in consultation with the FAO Data protection Unit. Ensure the highest standards of data security by designing and implementing adequate policies and procedures as well as robust access control measures, encryption, and other security protocols to protect against unauthorized access, use, disclosure, theft, or loss of OED data.
• Data quality monitoring. Develop procedures for regular monitoring and assessment of OED data to ensure its high quality (including accuracy, completeness, and consistency); this will include procedures to verify and validate data. Collaborate with OED focal points and other stakeholders to identify data requirements, data sources, and data quality issues.
• Data management. Establish an approach to maintain data management systems and databases, including required backups and security protocols, to ensure the security and availability of OED's data.
• Staff training. Develop and deliver training to OED staff and consultants on compliance with the Data Protection Policy and related procedures, the use of related tools and templates, data management and data quality assurance best practices.
• Liaise with the Data Protection Unit (DPU) and other relevant units in developing data protection operational procedures and guidance in the context of OED activities.
• As required, perform other functions related to data management and protection.

CANDIDATES WILL BE ASSESSED AGAINST THE FOLLOWING

Minimum Requirements

• University degree in a relevant discipline (such as, but not limited to, law, information science, business, public administration, records and information management, computer science, information systems, information technology);
• Seven (7) years of relevant experience in various data protection disciplines (such as, data protection and privacy policy, data protection laws, information governance, data ethics, privacy by design, information security and awareness, etc.);
• Working knowledge (proficient - level C) of English and limited knowledge (intermediate - level B) of another FAO official language (Arabic, Chinese, French, Russian or Spanish). For PSA, working knowledge of English.

FAO Core Competencies

• Results Focus
• Teamwork
• Communication
• Building Effective Relationships
• Knowledge Sharing and Continuous Improvement

Technical/Functional Skills

• Demonstrated knowledge of current good practices in data protection.
• Demonstrated expertise in matters relating to international data protection rules and practices in the UN system, as well as national or regional laws and practices.
• A working knowledge of how to design and implement a data protection policy and related programme, managing of data providers' requests and concerns, experience and knowledge on managing data breaches.
• Experience in leading training and raising awareness activities on data protection.
• Professional work experience must include the following: developing and implementing data protection policies, related guidelines and capacity development programmes; demonstrated understanding and application of data privacy laws;
• Experience conducting similar work for a large international corporation or international organization is required.
• Data protection certifications, such as Certified Information Privacy Professional (CIPP), Certified Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT) are considered an asset.

Please note that all candidates should adhere to FAO Values of Commitment to FAO, Respect for All and Integrity and Transparency