Job Description
Deadline: 29 September 2023
A public interest organisation that seeks to promote environmental justice, sustainable and equitable use of natural resources, democracy and good governance in the natural resources and environment sector, is seeking the services of a Data Protection Officer (DPO). The DPO is to lead and deliver on our data protection values by integrating transparency, accountability and people centred values by ensuring safeguarding and security of data handled by the organisation. The DPO is expected to assist the organisation in ensuring that required standards and best practice are preserved. The incumbent will have a crucial role in ensuring that the data protection rights of staff and other key stakeholders are maintained in line with national requirements and other applicable regulations.
Objectives of this role
• Serve as the main point of contact within the organization for staff members, regulators, and relevant public authorities on issues related to data protection.
• Ensure that company policies follow codes of practice such as GDPR (General Data Protection Regulations).
• Evaluate the existing data protection framework to identify areas of no or partial compliance and rectify any issues.
• Devise training plans and provide data protection advice to staff members.
• Inform and advise the data controller or data processor on all matters related to data protection.
• Promote a culture of data protection and compliance across all units of the organization.
Duties and Responsibilities
Responsibilities
• Ensure that the data management and protection policies, systems and procedures are in place and respected to the required standard driving the organisation towards good or best practices.
• Play a critical role in the identification, monitoring and mitigation of data protection risks across the organization.
• Handle queries or complaints or data requests for the organisation, in consultation of management supporting investigations as guided.
• Undertake or support organizational data handling/protection reviews/audits to determine internal compliance, compliance with data protection related regulations, data security and other related areas, identifying issues/challenges and recommending process improvements from an accountability and learning perspective.
• Provide timely data and information to the organization as required including updates on new technological trends on data management/protection, landscape changes to/ applicable to data protection legislation and/or regulator guidance, including advising the organization on the anticipated impact.
• Serve as a key point of contact with the regulator in consultation of the supervisor and advising on any complaints or queries raised on data protection.
• Prepare and deliver data protection training as and when required, capacitating key stakeholders on their data protection rights, obligations and responsibilities.
• Review third party data related agreements for quality assurance and liaising with internal and external stakeholders to co-ordinate the organizations’ third-party supplier assurance processes related to data protection.
• Positively respond to both internal and external stakeholders through effective communication and personal accessibility.
• Convey the organization`s messages and ideas clearly and openly, consulting staff and management in decision making and providing constructive feedback.
• Maintain records of all data processing activities including access control protocols, ensuring safe storage and archival of operational data/information of all staff in the organization as necessary, managing a central repository/storage facility that organises data/ information for the organisation required by staff and other key stakeholders as guided by the supervisor.
Qualifications and Experience
Preferred skills and qualifications
• Bachelor’s degree (or equivalent) in computer science, ICT, management information systems or related field
• Three or more years of experience in data protection compliance or a related field relevant for the NGO sector
• Expertise in data protection laws and practices, including deep understanding of GDPR.
• Understanding of legal frameworks, data protection audits and the related risk management skills
• Sound understanding of project management skills especially monitoring, evaluation, accountability and learning (MEAL)
• Ability to work effectively under pressure and to manage sensitive and confidential information.
• Excellent verbal and written communication skills, with strong attention to detail
• Proficiency with software for preparing digital reports and presentations.
How to Apply
Interested qualified candidates should send an application letter and CV with at least 3 references, with the subject clearly stated as advertised, to recruitmentpro26b@gmail.com by 29 September 2023
