Overview
Contribute to the development, implementation, and continuous improvement of WFP’s Data Protection, Privacy, and Emerging Technologies governance frameworks. Provide specialized technical guidance on data protection, privacy, AI systems, and digital solutions.
Key Responsibilities
- Develop, implement and operationalize Data Protection and Privacy policies, governance mechanisms, procedures and tools.
- Design, enhancement, and continuous improvement of governance frameworks/ directives, guidelines, and governance mechanisms covering privacy, AI systems and digital tools.
- Conduct legal research and documentation activities.
- Provide expert advice on Data Protection and Privacy, AI, digital solutions, PETs.
- Assess digital platforms, AI models, and automated decision-making systems.
- Operationalize elements of WFP’s Data Protection and Privacy Program.
- Facilitate alignment of emerging technology initiatives with WFP’s privacy standards.
- Coordinate with HQ divisions, regional bureaus and field offices.
- Prepare and/or review Data Protection and Privacy agreements.
- Develop and deliver training, awareness materials, and guidance.
- Conduct and oversee Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), AI Risk Assessments, and algorithmic impact evaluations.
- Perform any other related duties as required.
Required Experience
- At least 5 years of progressively responsible professional experience in Data protection, Privacy and Information Security, and AI governance, in a law/ consultancy firm and/or large public/private sector organization on Data Protection.
- Proven experience in building and implementing global Privacy and Data Protection compliance programs and risk management tools in large corporations.
- Experience working in a global, large-scale, complex, and fast-paced environments.
- Experience in roles that demand accuracy and quality, prioritization and execution against timelines, managing a high volume of project milestones.
- Experience working autonomously with minimal supervision and as part of a team, well as to cooperate within a team, across different regions and time zones.
Qualifications
- Advanced university degree in relevant discipline (including but not limited to law, computer science, information technology, data protection, privacy, computer and communications law, compliance, international, digital or media law) or First University degree with additional years of related work experience.
- Certifications in Privacy and Data Protection such as CIPP/E/U and CIPM, CIPT.
- Knowledge of international security management systems industry standards (ISO 27001, ISO 27701, NIST…) is desired.
