iMMAP Inc. is an international nongovernmental organisation that provides information management services to humanitarian and development organizations. Through information management, we help our partners target assistance to the world’s most vulnerable populations. Our core philosophy is that better data leads to better decisions and that better decisions lead to better outcomes. iMMAP Inc.’s critical support to information value chains helps to solve operational and strategic challenges of our partners in both emergency and development contexts by enabling evidence-based decision-making for better outcomes.

iMMAP Inc. is seeking to appoint a Data Protection Officer (DPO) to ensure compliance with personal data protection regulations, particularly the General Data Protection Regulation (GDPR). The DPO will play a crucial role in overseeing data protection activities, managing risks related to personal information of iMMAP Inc. staff, consultants, partners and donors, and ensuring adherence to relevant policies and guidelines. The DPO will be responsible for coordinating with various departments to review and evaluate data processing practices and will provide support and advice on compliance matters. The Data Protection Officer will work under the responsibility of the Director of Strategic Planning, Technology, and Innovation Director as part of iMMAP Inc. Global Technology Unit.

Please do apply to this position, only if you are available to commence the assignment at the latest, on 15 September 2023, if you are the selected candidate. This position is initially advertised until 31 December 2023 but is subject to be extended, based on good performance, until 31 December 2024.

The position is open until 18 August 2023 but iMMAP Inc. will proceed with interviewing suitable and available candidates on a rolling basis and could close the hiring process before the set date if a suitable and competent candidate is identified.

Please note that it is expected for the selected candidate to start, ideally, in his/her new functions by 15 September 2023 at the latest

• Provide regulatory and compliance support.
• Act as a spokesperson for iMMAP Inc. with competent supervisory authorities and advise and supervise the organization on GDPR compliance efforts.
• Coordinate with iMMAP Inc. units & departments to review and evaluate the processing of personal data, in order to guarantee compliance with data protection regulations in each of the processes.
• Support in the design, elaboration and adjustment of internal policies, protocols and procedures, related to compliance areas.
• Act as a champion for data privacy, security and protection throughout the organization, including supporting in the design and organization of training sessions and workshops to promote awareness and ensure staff and consultants understand their responsibilities.
• Explore the feasibility and requirements for an ISO certification ISO 27701: Data Compliance Management System Supporting GDPR Compliance.
• Design informative manuals & guidelines on appropriate practices for the processing of personal data.
• Any other duties as required.
• Monitor and ensure compliance with the GDPR regulation in relation to the subject of data protection, to ensure the identification of the risks that may arise in the processes that use personal information and propose appropriate measures.
• Support in advising on anti-corruption issues, anti-bribery, codes, procedures, etc.

• +2 years experience in Compliance is a plus
• Law Degree (LLB or JD), Compliance or Risk Management Degree or Privacy Law, Data Protection Studies, Business or Management Degree, or other relevant field
• Alternatively: Privacy and Data Protection Certifications, such as Certified Information Privacy Professional (CIPP) or Certified Data Protection Officer (CDPO)
• +4 years experience in personal data protection processes

• Data Protection and Legal Expertise
• Problem-Solving
• Training and Education
• Ethical Standards
• Negotiation and Diplomacy
• Communications
• Legal Compliance and Documentation
• Basic technical Knowledge (IT and Cybersecurity)
• Interpersonal Skills
• Risk Management
• Analytical Skills
• Attention to Detail
• Document Management, Record Keeping and Reporting
• Coordination/ Project Management
• Audit and Compliance Management
• Data Mapping, Data Classification and Categorization