Match score not available

Data Protection, Analyst II

Remote: 
Full Remote
Contract: 
Experience: 
Senior (5-10 years)
Work from: 

Catholic Relief Services logo
Catholic Relief Services Non-profit Organization - Charity XLarge https://www.crs.org/
5001 - 10000 Employees
See more Catholic Relief Services offers

Job description

Job Description

NOTE: This is a global remote position; CRS will only consider candidates who are based in countries where we have existing offices. CRS does not sponsor visas for telecommuting employees. **

About CRS�**

Catholic Relief Services is the official international humanitarian agency of the Catholic community in the United States. CRS works to save, protect, and transform lives in need in more than 100 countries, without regard to race, religion or nationality. CRS’ relief and development work is accomplished through programs of emergency response, HIV, health, agriculture, education, microfinance and peacebuilding. **

Job Summary**

The Data Protection, Analyst II is responsible for executing and administering CRS Data Protection functions and supporting systems. Responsibilities will include overall systems management; support and execution of Data Protection roadmap and the related projects; organizational awareness, processes and procedures and compliance with audits/assessments related to Data Protection administration.

Working closely with the Director I, Information Security, Identity and Data Protection, the Analyst II, Data Protection will require coordination and communication with all levels of CRS business, MEAL, ICT4D, Global Risk and Compliance, Office Legal Counsel, Legal and programing teams, Strategic Partners, and Vendors to ensure data protection initiatives and operations are in line with agency responsible data values and principles, standards and applicable controls. **

Responsibilities**

Roles and Key Responsibilities

  • Oversee design, implementation and operations of privacy and data protection management systems
  • Deepen adoption of data protection controls and oversight
  • Advise on best practices & implement processes in the areas of data protection and privacy, aligning data protection requirements and risks with capabilities
  • Maintain full and complete records of privacy related matters, incidents, breaches, and actions taken; monitor such records to identify trends preparing reports for use by the data protection team
  • Proactively monitor and maintain a detailed knowledge and awareness of current privacy, data protection, and consumer legislative interpretation and other developments including guidance/advice/codes of practice and enforcement practices
  • Work with other members of the Data Protection team to action and administer the Privacy Impact Assessment (PIA) program, identifying where assessments are required and working with business stakeholders to drive completion of PIAs, maintaining full and complete records and timetables for review.
  • Support all business areas by providing advice and guidance in relation to data protection governance and procedures.
  • Work closely with programming, ICT4D, MEAL and ICT teams to support internal projects to deliver Privacy by Design and Default, maintaining robust evidence and record keeping for publication to regulators where required
  • Engage with all areas of the business where personal data may be processed to determine existing processes and assess how privacy is embedded. Identify gaps in control environments, customer journeys and personal data handling to determine privacy risk.
  • Assist with the administration of data processing (transfer and sharing) agreements (DPA) and standard contractual clauses (SCCs)
  • Develop Data Protection awareness across the agency by providing orientation, on-going communication and implementing educational activities

Supervisory Responsibilities

None **

Key Working Relationships**

Internal : Members of the Global Knowledge and Information Management (GKIM) Department, Global Risk and Compliance (GRC), Office of the General Counsel (OGC), leaders of CRS' regional ICT organizations, ICT staff, MEAL and ICT4D teams, and owners of CRS business systems. **

External : NetHope and privacy management Vendors, peers from other NGO's and consortiums focused on the responsible use of data in the relief and development sector.

Qualifications**

Basic Qualifications

  • Bachelor's degree in Data Protection or IT related field or equivalent experience
  • Minimum of 5 years' experience in the design and implementation of Data Protection systems, processes and procedures
  • Experience in Data Protection programs and building cross functional relationships
  • Experience in an Incident Response role and Data Subject Rights
  • Deep knowledge of global data protection laws, standards, and associated frameworks (e.g. GDPR, CCPA, HIPAA, and others).
  • Experience in managing Data Protection compliance
  • Comfort influencing business leaders in the promotion of consistent practices and policy
  • In depth knowledge of Information risk concepts / relating business needs to Data Protection controls

Preferred Qualifications

  • Highly proactive and able to work independently.
  • Excellent written communication skills, demonstrating the ability to document Data Protection policy and briefings with purpose, clarity, and accuracy
  • Strong inter-personal and group/team process skills, problem-solving and judgment skills.
  • Demonstrated experience working and interfacing with cross functional teams
  • Strong systems thinking and analytical approaches to problem solving.
  • Very good presentation and listening skills.
  • Culturally sensitive and patience.
  • Demonstrated commitment to organizational learning and development.
  • Demonstrated effectiveness in a customer facing roleLegal academic and professional background
  • Familiarity with privacy program management tools (e.g. OneTrust)
  • Knowledge of data related initiatives such report/dashboard creation, and web analytics
  • CIPP, CIPP, CIPT, or CIPM or equivalent certification
  • Knowledge of frameworks and best practices such as PCI DSS, the ISO 27000 family of standards, NIST Cyber Security Framework and/or Cyber Essentials

Agency-wide Competencies (for all CRS Staff)�

These are rooted in the mission, values, and guiding principles of CRS and used by each staff member to fulfill his or her responsibilities and achieve the desired results.

  • Personal Accountability – Consistently takes responsibility for one’s own actions.
  • Acts with Integrity - Consistently models values aligned with CRS Guiding Principles and mission. Is considered honest.
  • Builds and Maintains Trust - Shows consistency between words and actions.
  • Collaborates with Others – Works effectively in intercultural and diverse teams.
  • Open to Learn – Seeks out experiences that may change perspective or provide an opportunity to learn new things.
  • Our Catholic identity is at the heart of our mission and operations. Catholic Relief Services carries out the commitment of the Bishops of the United States to assist the poor and vulnerable overseas. We welcome as a part of our staff people of all faiths and secular traditions who share our values and our commitment to serving those in need.

Disclaimer:� This job description is not an exhaustive list of the skill, effort, duties, and responsibilities associated with the position.� � **

Note: All positions requiring residence or frequent travel outside their home country must undergo and clear a pre-employment medical examination.�

CRS' talent acquisition procedures reflect our commitment to safeguarding the rights and dignity of all people - especially children and vulnerable adults - to live free from abuse and harm.**

EOE/M/F/D/V - CRS is an Equal Opportunity Employer. (For all US and International positions)�

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Non-profit Organization - Charity
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Verbal Communication Skills
  • Cultural Sensitivity
  • Motivational Skills
  • Social Skills
  • Analytical Skills
  • Patience

Data Protection Officer Related jobs