Data Protection Specialist

Location: Any MSF office*

Contract: contract at 100%

Duration: Permanent

Deadline to apply: 30th of April 2025

Starting date: 26th of May 2025

Compensation and benefits: MSF practice is to offer the C&B package current in the MSF entity establishing the contract.

*By default, the successful candidate will be offered a contract in the MSF office of their country of residence at the time of application.

I. MSF INTERNATIONAL

Médecins Sans Frontières (MSF) is an international, independent, medical humanitarian organisation that delivers emergency aid to people affected by armed conflict, epidemics, healthcare exclusion and natural disasters. MSF offers assistance to people based only on need and irrespective of origins, religion, gender or political affiliation.

MSF International is the legal entity that binds MSF’s 24 sections, 27 associations and 18 branch offices together. Registered in Switzerland, MSF International provides coordination, information and support to the MSF Movement, as well as implements international projects and initiatives as requested.

II. PLACE IN THE ORGANISATION

The Data Protection Specialist is part of the International Privacy Coordination Office (IPCO) team of MSF International. He/she reports to the Head of IPCO and works closely with IPCO team members and key staff in MSF Operational Centres and partner offices.

IPCO has two functions. First, it is responsible for coordinating data protection efforts across the Movement and the development of global data protection policies and cross-border processes required to ensure MSF responsibly manages and protects the data entrusted to the organization, in line with its humanitarian mandate.

Secondly, IPCO is tasked with carrying out the function of Data Protection Officer for MSF International.

III. OBJECTIVES OF THE POSITION

The Data Protection Specialist supports IPCO in the exercise of its Data Protection Officer and advice function for MSF International and large international projects hosted by MSF International, notably but not exclusively in the field of human resources.

The position facilitates and supports the implementation of MSF data protection rules and responsible data management policies, in line with MSF medical humanitarian mandate.

The Data Protection Specialist works in close collaboration with MSF data processing owners / project managers and information security and IT experts to promote quality and coherent responsible and data protection expertise and practices.

IV. MAIN RESPONSIBILITIES

• You advise MSF teams on how to process personal data and support them with the implementation of MSF data protection policies and data protection rules. In doing so, you balance formal obligations with operational possibilities considering risks and context, ensuring rights of individuals that entrust MSF with their personal data are well protected.

• You assess data processing activities for both respect of data protection rules and MSF policies and for effectiveness of data protection mitigation measures. You assist MSF teams in identifying data-related risks and you assist them in translating findings in adjustments to enhance data protection.

• You promote a culture of responsible data usage and data protection within the organization through training and awareness.

• You support the completion and ensure the availability of required data protection documentation and procedures.

• You support the response to data breaches and other data related incidents, including investigation, remediation, and documentation/ reporting and handle data subject requests, in line with data protection requirements and MSF policies.

Specific tasks

• Maintaining and updating the Data Processing Register

• Documenting data protection and responsible data processes to ensure accountability of MSF International

• Performing data protection assessments with concerned MSF teams

• Proposing and following up on actions/ mitigations measures, based on risk assessments and internal monitoring activities

• Supporting and advising the organization on data protection / responsible data requirements

• Supporting MSF teams’ in carrying out Data Protection Impact Assessments and building best practices regarding data protection

• Training staff and raising awareness on data protection to enhance responsible data practices

• Conducting internal monitoring/ assessment

• Collaborating and consulting with peers in other MSF sections on approaches to sharing of data and data protection issues

Education:

Specialised Master’s degree in data protection or master’s degree in law (or equivalent).

Knowledge and Technical Skills:

• Up to date and robust knowledge of data protection at higher vocational level.

• Strong understanding of the interrelationship of data protection laws and areas such as data governance, information security and analytics a plus.

• Minimum 3 years work experience specialised in data protection (ex. within law firm or DPO consultancy firm). Work experience in the humanitarian or development sector a plus.

Soft Skills:

• Communication: Excellent verbal and written communication skills in English, with the ability to explain legal and/or technical concepts to non-technical stakeholders. You are comfortable providing data protection advice to senior level stakeholders.

• Problem-Solving: Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing data related risks. Critical thinker who understands the need for a risk-based approach when providing legal advice.

• Excellent collaboration skills: Ability to balance technical and policy/ regulatory requirements with the needs of project owners.

• Ethics: High ethical standards and a commitment to protecting the data of individuals and furthering MSF mandate.

Competencies:

• Results and Quality Orientation, Teamwork & Cooperation, Capacity to Negotiate, Risk identification and Prioritization, Analytical Thinking, Security Awareness and Management.

Specific Requirements:

• Certifications: Relevant certifications such as CIMP (Certified Information Privacy Manager), CIPP (Certified Information Privacy Professional), or similar.

References (in relation to data protection) will be required at final selection stage

Only shortlisted candidates will be contacted.

At MSF, we are committed to an inclusive culture that encourages and supports the diverse voices of our employees. We welcome applications from individuals of all genders, ages, sexual orientations, nationalities, races, religions, beliefs, ability status, and all other diversity characteristics.