DUTY STATION
Geneva, Switzerland
COMMENCEMENT OF DUTY
To be determined NATURE OF APPOINTMENT
Fixed-term - 2 years
Organizational Unit
Administration Division (AD) WMO is committed to achieving diversity and a balanced workforce. Applications are welcome from qualified women and men, including those with disabilities. The statutory retirement age after 1 January 2014 is 65. For external applicants, only those who are expected to complete the term of appointment will normally be considered. DUTIES AND RESPONSIBILITIES
Under the overall guidance of the Director of Administration, the incumbent will perform the following duties:
Data Protection & Privacy Governance
Support the development and implementation of a data protection and privacy framework and the resulting policies, procedures, and documentation for the processing and protection of Personal data in coordination with stakeholders within the organisation.
Prepare the necessary structures to ensure the organisation maintains the appropriate privacy and confidentiality consent procedures, authorization forms, and information notices.
Work with a multidisciplinary team, including audit and risk, compliance, HR, legal, business process owners, IT, and other internal stakeholders to ensure enterprise- wide coverage of the privacy discipline.
Work with procurement, vendor management and the legal department to ensure that third-party suppliers' contracts and operating-level agreements meet privacy requirements.
Implement and maintain an internal reporting mechanism for intended (new or changed) personal data processing activities, to which business unit/process owners must adhere.
Support the organisation's response activities to privacy- related incidents.
Communicate with stakeholders and the public concerning privacy issues (for example, answering data subject's questions and requests).
Privacy Impact Assessments
Determine the organisation's specific privacy-related requirements and support projects by conducting privacy impact assessment where applicable.
Develop, improve, and manage the privacy impact assessment process, in close collaboration with business stakeholders.
Conduct regular privacy policy compliance assessments to ensure that privacy policies are being adhered to.
Compliance Monitoring
Ensure that business units, technology teams and third parties (service providers) follow the privacy framework, implement measuring procedures to verify the extent in which these stakeholders meet privacy policy requirements and address privacy concerns.
Collaborate with and assist business units and technology areas to develop corrective action plans for identified data protection issues.
Continuously monitor the status and effectiveness of data protection across the organization, ensuring that privacy-related key risk indicators are effectively monitored to prevent negative impact on business objectives and reputation.
Conduct compliance report monitoring activities on collaborating partners, third-party service providers' and other data processors' levels of privacy compliance.
Report findings in a structural, transparent, and business-relevant manner, allowing the business to decide and instruct on adequate and appropriate mitigating measures.
Personal Data Inventory and Usage
Support the creation of an inventory that documents how and why WMO collects, shares, and uses personal data.
Continuously update and reevaluate the extent to which customer and employee information is collected and shared internally and externally.
Monitor the data request and usage processes, purpose- based authorised use, and prevention mechanisms' effectiveness against unauthorised use of personal data.
Maintain registry of all personal data stores and data processing activities.
Influence WMO's retention program to facilitate deletion or anonymization of personal data that is no longer needed for identified purpose(s), and in accordance with applicable requirements.
Awareness, Training, and Other Communications
Conduct data protection and privacy awareness campaigns, training, and orientation for all employees - in particular, application developers, HR, and Procurement.
Identify trends in data protection and requirements and compliance enforcement, and account for the necessary changes in the privacy program, updating information to the affected stakeholders.
Work with third-party stakeholders (including business partners, suppliers, service providers and IT product vendors) to ensure that they clearly understand and comply with data protection requirements.
QUALIFICATIONS
Education
Master's degree in business administration, law, political science, social science, finance, or a related discipline is required. A first- level university degree in combination with two (2) additional years of qualifying experience may be accepted in lieu of the advanced university degree.
Experience
Demonstrates a minimum of seven years of progressively responsible professional experience with knowledge of data protection and privacy standards is required.
Demonstrated knowledge of widely recognised data protection and privacy principles, best practices, and methodologies is required.
Demonstrated knowledge of national and/or international data protection and privacy practices and frameworks is required
. Demonstrated knowledge of cloud computing, online services, web and enterprise applications, and data analytics is desirable.
Demonstrated knowledge of data privacy and security risk management concepts, methodologies, and best practices is desirable.
Demonstrated knowledge of technologies that assist data protection and privacy programmes, such as data discovery, data mapping, authorisation or access management tools is desirable.
Other requirements
Certified Information Privacy Practitioner (CIPP) and
Certified Information Privacy Manager (CIPM) are required
Languages
Excellent knowledge of English. Knowledge of other official languages of the Organization would be an advantage.
(Note: The official languages of the Organization are Arabic, Chinese, English, French, Russian and Spanish.) Position is funded by PSC-SA. SALARY AND ALLOWANCES
Annual net base salary on initial appointment is: US$ 84672
Annual post adjustment on initial salary is: US$ 73495 (in addition to the net base salary) Additional Information:
Applications should be made online through the WMO e-recruitment system at https://erecruit.wmo.int/public.
Do not send your application via multiple routes. Only applicants in whom WMO has a further interest will be contacted. Shortlisted candidates may be required to sit a written test and/or an interview. Date of issue of vacancy notice: 25 April 2025