Org. Setting and ReportingThe United Nations Office of Data Protection and Privacy (the “Office”) was established by the Secretary-General as an independent Secretariat unit. In accordance with Secretary-General's bulletin ST/SGB/2024/1, the functions of the Office include: providing support to the Secretariat to ensure the respect for data protection and privacy in the use and processing of personal data by the Secretariat, consistent with the United Nations mandates, including through the provision of effective oversight, coordination, and guidance on the implementation of the Secretariat data protection and privacy programme, in close collaboration with other relevant departments and offices of the Secretariat (the “Data Protection and Privacy Programme”). The Data Protection and Privacy Officer will be responsible for performing data protection and privacy tasks in support of the work of the Office of Data Protection and Privacy and report to the Chief Data Protection and Privacy Officer. ResponsibilitiesWithin delegated authority, the Data Protection and Privacy Officer will be responsible for the following duties: • Provide support to the Chief Data Protection and Privacy Officer to operationalize the Secretariat data protection and privacy programme and facilitate day-to-day implementation of data protection and privacy related activities. • Review processing of relevant data and inform the Chief Data Protection and Privacy Officer and Head of Entity regarding data protection and privacy policy compliance. • Support the development and maintenance of a centralized reporting mechanism for the purpose of receiving and recording requests for information from individuals concerning the processing of their personal data by the Organisation. • Liaise with data focal points on a regular basis to strengthen collaboration and promote coherence and harmonization of data protection and privacy across the UN System. • Provide support to the Chief Data Protection and Privacy Officer and Head of Entity to ensure compliance with relevant regulations, rules, policies, and practices concerning the purposes, content, use, and means of data processing, including maintaining data inventories, managing data breaches, capacity development, and capturing lessons learned and knowledge sharing. • Assess and monitor data protection and privacy risks in partnership with relevant offices and departments. • Assist in monitoring activities and in meeting reporting obligations on matters related to data protection and privacy, including relevant bodies and committees. • Proactively identify issues of general concern and provide recommendations to strengthen the relevant data protection and privacy regulations, rules, procedures, and policies in place. • Support entities on data mapping exercises to determine the content, purposes, and means of the processing of data, as well as any mitigation measures, and maintaining a repository of data processing activities. • Support entities on data impact assessments, identify safeguards such as technical and organisational measures to apply to mitigate any risks to the rights and interests of the data subjects and determine whether or not the data impact assessment has been correctly carried out and its conclusions are in compliance with relevant regulations, rules, policies and practices. • Support the development of procedures for the management of data breaches, including notifications to data subjects, and work with OICT on data breach management within information systems. • Support OICT, as needed, in developing data protection and privacy-by-design approaches, including in the setting of technical standards, as well as in the procurement of Privacy Enhancing Technologies (PETs), to ensure Secretariat-wide compliance with the Data Protection and Privacy Policy throughout the lifecycle of the data processing in information systems. • Support activities aimed at building capacity of staff on data protection and privacy, including development of trainings for staff members and other personnel. • Manage and coordinate the activities of the team, including hiring, training, assigning tasks and responsibilities, and ensuring that deadlines are met. • Perform other duties as assigned Competencies• Professionalism: Knowledge of data protection and privacy standards. Knowledge of privacy by design-related concepts and methodologies. Knowledge of data privacy and security risk management concepts, methodologies, and best practices. Skills to communicate complex and technical matters to diverse audiences, orally and in writing. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work. • Teamwork: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others’ ideas and expertise; is willing to learn from others; places team agenda before personal agenda; supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings. • Planning & Organizing: Develops clear goals that are consistent with agreed strategies; identifies priority activities and assignments; adjusts priorities as required; allocates appropriate amount of time and resources for completing work; foresees risks and allows for contingencies when planning; monitors and adjusts plans and actions as necessary; uses time efficiently. EducationAn advanced university degree (Master's degree or equivalent degree) in law, business, public administration, computer science, information management, social sciences, or a related field. A first-level university degree in combination with qualifying experience may be accepted in lieu of the advanced university degree. Job - Specific QualificationAn internationally recognized active certification in information privacy management and technology is desirable. Work ExperienceA minimum of five years of progressively responsible experience in the area of data protection and privacy or similiar areas is required Experience working on recognized data protection and privacy principles, best practices, and methodologies is required. Experience working on governance, risk, and compliance tools to support data privacy programmes is desirable. LanguagesEnglish and French are the working languages of the United Nations Secretariat. For the post advertised, fluency in English is required. Knowledge of a second official UN language is desirable. AssessmentEvaluation of qualified candidates may include an assessment exercise which may be followed by competency-based interview. Special NoticeAt the United Nations, the paramount consideration in the recruitment and employment of staff is the necessity of securing the highest standards of efficiency, competence and integrity, with due regard to geographic diversity. All employment decisions are made on the basis of qualifications and organizational needs. The United Nations is committed to creating a diverse and inclusive environment of mutual respect. The United Nations recruits and employs staff regardless of gender identity, sexual orientation, race, religious, cultural and ethnic backgrounds or disabilities. Appointment or assignment against this position is for an initial period of one year. The United Nations Secretariat is committed to achieving 50/50 gender balance and geographical diversity in its staff. Female candidates are strongly encouraged to apply for this position. For this position, applicants from the following Member States, which are unrepresented or underrepresented in the UN Secretariat as of 31st August 2024, are strongly encouraged to apply: Angola, Belize, Democratic People's Republic of Korea, Dominica, Equatorial Guinea, Grenada, Guinea-Bissau, Kiribati, Lao People's Democratic Republic, Liechtenstein, Marshall Islands, Nauru, Palau, Papua New Guinea, Qatar, Sao Tome and Principe, Timor-Leste, Tuvalu, United Arab Emirates, Vanuatu, Andorra, Antigua and Barbuda, Bahrain, Brunei Darussalam, China, Cuba, Germany, Hungary, Indonesia, Israel, Japan, Kuwait, Libya, Malta, Micronesia (Federated States of), Monaco, Oman, Panama, Paraguay, Republic of Korea, Saint Lucia, Saint Vincent and the Grenadines, Saudi Arabia, Singapore, Solomon Islands, Somalia, Turkmenistan, United States of America. Pursuant to section 7.11 of ST/AI/2012/2/Rev.1, candidates recruited through the young professionals programme who have not served for a minimum of two years in the position of their initial assignment are not eligible to apply to this position. United Nations ConsiderationsAccording to article 101, paragraph 3, of the Charter of the United Nations, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity. Candidates will not be considered for employment with the United Nations if they have committed violations of international human rights law, violations of international humanitarian law, sexual exploitation, sexual abuse, or sexual harassment, or if there are reasonable grounds to believe that they have been involved in the commission of any of these acts. The term “sexual exploitation” means any actual or attempted abuse of a position of vulnerability, differential power, or trust, for sexual purposes, including, but not limited to, profiting monetarily, socially or politically from the sexual exploitation of another. The term “sexual abuse” means the actual or threatened physical intrusion of a sexual nature, whether by force or under unequal or coercive conditions. The term “sexual harassment” means any unwelcome conduct of a sexual nature that might reasonably be expected or be perceived to cause offence or humiliation, when such conduct interferes with work, is made a condition of employment or creates an intimidating, hostile or offensive work environment, and when the gravity of the conduct warrants the termination of the perpetrator’s working relationship. Candidates who have committed crimes other than minor traffic offences may not be considered for employment. Due regard will be paid to the importance of recruiting the staff on as wide a geographical basis as possible. The United Nations places no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. The United Nations Secretariat is a non-smoking environment. Reasonable accommodation may be provided to applicants with disabilities upon request, to support their participation in the recruitment process. By accepting a letter of appointment, staff members are subject to the authority of the Secretary-General, who may assign them to any of the activities or offices of the United Nations in accordance with staff regulation 1.2 (c). Further, staff members in the Professional and higher category up to and including the D-2 level and the Field Service category are normally required to move periodically to discharge functions in different duty stations under conditions established in ST/AI/2023/3 on Mobility, as may be amended or revised. This condition of service applies to all position specific job openings and does not apply to temporary positions. Applicants are urged to carefully follow all instructions available in the online recruitment platform, inspira, and to refer to the Applicant Guide by clicking on “Manuals” in the “Help” tile of the inspira account-holder homepage. The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the evaluation criteria of the job opening and the applicable internal legislations of the United Nations including the Charter of the United Nations, resolutions of the General Assembly, the Staff Regulations and Rules, administrative issuances and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications according to the instructions provided in inspira to be considered for the current job opening. No amendment, addition, deletion, revision or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to reference checks to verify the information provided in the application. Job openings advertised on the Careers Portal will be removed at 11:59 p.m. (New York time) on the deadline date. No FeeTHE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.
This vacancy is archived.