Work for the IMF. Work for the World.
The International Monetary Fund (IMF) is an organization of 191 member countries, working to foster global monetary cooperation, secure financial stability, facilitate international trade, promote high employment and sustainable economic growth, and reduce poverty around the world.
To strengthen its personal data privacy framework, the IMF is hiring a Data Privacy Specialist with strong knowledge of privacy laws and regulations and proven experience in managing privacy risks in large International Financial Institutions (IFI). Reporting to the Chief Data Privacy Officer, this role will collaborate with staff across the IMF in areas such as information security, procurement, human resources, communications and legal, to identify and mitigate privacy risks. The Data Privacy Specialist will advance the IMF’s privacy program and offer expert guidance on privacy risks, especially those related to new technologies and data uses.
About the Data Privacy Office (DPO)
The DPO is an independent, second line risk function, mandated to oversee the protection and responsible use of personal data across the IMF. Its core mission is to promote a culture of privacy awareness, ensure institutional compliance with internal privacy rules, and manage personal data privacy risks.
Major Duties and Responsibilities
1. Privacy Risk Advisory and Compliance
Provide expert guidance on privacy risks and internal privacy rules.
Integrate privacy risk management into IMF operations.
Conduct privacy impact assessments; identify and recommend mitigation measures.
Evaluate procurement and third-party agreements; draft data protection safeguards.
Manage personal data breaches, including impact analysis, recommendations on notification, and after-action reporting.
Address data subject requests and complaints with relevant departments.
Advise on cross-departmental initiatives to align with privacy standards.
2. Privacy Framework Development and Risk Monitoring
Regularly review and update the IMF’s data privacy framework to align with its risk appetite and global standards.
Benchmark privacy practices in international organizations for ongoing improvement.
Develop metrics to monitor privacy risks, incidents, and mitigation effectiveness.
3. Training and Awareness
Represent the DPO on Fund committees, including the Committee on Responsible AI, and at external events.
Contribute to the development of risk-based privacy training for staff, managers, and project teams.
Promote privacy awareness through targeted initiatives.
Provide expert input to enhance understanding of privacy risks from emerging technologies and data use.
The Data Privacy Specialist is also expected to provide support to the CDPO as and when needed.
Minimum Qualifications
Educational development, typically acquired by the completion of an advanced university degree, or equivalent, in Law, Information Security, Public Policy, Internal Relations, Data Governance, or a related field, supplemented by a minimum of four (4) years of relevant work experience, is required. Alternatively, a minimum of two (2) years of experience in a related position at Grade A10, or equivalent, is required.
In addition, the ideal candidate will possess the following:
Understanding of global data protection laws and privacy standards, including GDPR, CCPA, and frameworks relevant to International Financial Institutions and private sector entities operating across jurisdictions.
Proven experience providing guidance on privacy and data protection issues within International Financial Institutions.
Demonstrated ability to develop, implement, and enhance privacy governance programs in International Financial Institutions.
Proven experience advising on privacy risks in procurement processes, AI systems, personal data breaches and international data transfers.
Experience managing or responding to privacy audits, regulatory assessments, and internal compliance reviews across varied regulatory contexts.
Strong skills in drafting policies, interpreting legal and regulatory frameworks, and communicating with both legal and technical audiences.
Ability to operate with strategic focus, influencing privacy risk management decisions across diverse institutional or corporate settings would be a strong plus.
Professional certification in relevant areas such as (CIPP/E, CIPM, AIGP, etc.) is highly desirable
Strong knowledge of the IMF’s policies and procedures.
Proven ability to collaborate with others, initiate action plans, manage change, make impactful decisions, and complete challenging assignments.
Ability to quickly understand systems, situations, pressures, and culture within an International Financial Institution to identify potential risks and how to best achieve business goals with these obstacles.
Strong spoken and written interpersonal skills that can articulate complex technical privacy ideas to non-technical stakeholders and colleagues.
Ability to work through business challenges consistently and effectively through collaboration and transparency.
This vacancy shall be filled by a 3-year Term appointment in accordance with the Fund’s new employment rules that took effect on May 1, 2015.
Department:STAAI PO Statistics Department Immediate Office Data Privacy Office
Hiring For: A11, A12
The IMF is guided by the principle that the employment, classification, promotion, and assignment of staff shall be made without discrimination against any person. We welcome requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.