Médecins Sans Frontières recherche un responsable de la GRC et de la protection des données (basé dans n’importe quel hub MSF-OCBA), H/F, Espagne
Description :
Médecins Sans Frontières is an international independent medical-humanitarian organization, which offers assistance to populations in distress, to victims of natural or man-made disasters and to victims of armed conflict, without discrimination and irrespective of race, religion, creed or political affiliation.
MSF is a civil society initiative that brings together individuals committed to the assistance of other human beings in crisis. As such MSF is by choice an association. Each individual working with MSF does it out of conviction and is ready to uphold the values and principles of MSF.
The MSF movement is built around six operational directorates. MSF OCBA is one of those directorates. The operations are implemented by field teams and the mission coordination teams; together with the organizational units based in Barcelona and decentralized in Nairobi, Dakar and Amman. The field operations are guided and supported by 5 Operational Cells, the Emergency Unit and other departments supporting operations, including the Human Resources Department.
Background and position objective
In line with OCBA Strategic Orientations and International commitments on Data Security and Privacy and the optimization and rationalization of the use of resources, we are looking for a GRC and Data Protection Manager working in the General Direction Department – with direct report to the Deputy General Director – in close collaboration with all departments, the Legal Unit and the Ethics and Abuse Unit.
The main objectives of the position are to ensure the guide the organization towards the implementation and adoption of procedures and mechanisms related to Risk Management in the organization. He/she will also design, propose and contribute to the implementation of the strategy and actions related to Data protection and Data privacy in OCBA.
Specific objectives of the position
Governance Risk and Compliance
- Guide in the implementation of strategy on risk management in order to ensure that the process and controls in place are properly designed and effective;
- Guarantee the Risk Analysis process is fully implemented, improved and followed;
- Guide GD and MT in the analysis of risk and mitigation measures, to be included in discussion in the frame of the Planning Monitoring Cycle;
- Design, implement and review specific policies (anticorruption, whistleblowing, gift and hospitality, etc.);
- Act as a focal point for Fraud & Corruption, risk and compliance matters by following the implementation of anti-fraud and anti-corruption prevention and detection measures throughout the organization, both HQ offices and the field. Decide, together with the GD on measure to be taken;
- Lead, manage and/or support MSF OCBA´s response to attempted or actual incidents of fraud against MSF OCBA. Support Operations and Ethics and Abuse Unit by participating in Fraud & Corruption audits in the field;
- Design and review organizational strategies and internal procedures (Risk Management, Internal and External audits, etc.);
- Identification of key external regulations and laws to be compliant with (GDPR, money laundering, missions’ registrations, insurances, penal code, etc.) and advise the GD/MT on key compliance gaps and issues;
- Propose efficiency gains through the harmonization of transversal processes & control mechanisms (ethics &abuse unit, including field operations) when dealing with abuse (fraud) case management and reporting;
- Lead, participate and coordinate with International Platforms and IO on GRC matters, specifically on Risk Management Dossier, and audits, Fraud and Corruption.
Data Protection, Privacy and GDPR
- Guide MSF OCBA to ensure observation of the European General Data Protection Regulation through the supervision of the correct implementation of GDPR and LOPDGDD framework, MSF Data Protection Baseline, and DPO plan of action;
- Develop, maintain and supervise implementation of data protection policies and procedures such as Privacy Policy and Data Protection Policy, Cookie Policy, Data Retention Policy, Data Breach policy and procedure, Data Protection by Design and Default, etc;
- Standardize procedures, management and reporting of data protection issues and incidents with the use of OneTrust, including an up-to-date record of all data processing activities carried out within MSF-OCBA;
- Recommend and Coordinate information and training to employees affected by GDPR, and maintain the Data Protection Office space on Sharepoint/OOKIS.
- Manage data security incidents and privacy breaches related to GDPR.
- Activate crisis management in case of major privacy or data incidents;
- In case of breach of data security, timely inform and recommend to Deputy General Director regarding best way of action (including information to relevant National and International Official Authorities;
- Report to GD and MT about the status of implementation of data protection and privacy measures in MSF OCBA, and advise on any relevant major issues, risks or priorities;
- Annually report to IPCO on the international / intersectional data protection monitoring;
- Act as a focal point on GDPR and data privacy in OCBA, provide assistance during projects on data protection measures and coordinating with legal consultants for technical and legal matters;
- Review GDPR compliance on regular basis;
- Manage direct enquiries from affected stakeholders regarding GDPR;
- Liaise with International office and IPCO to coordinate alignment of policies, and on data protection and privacy issues around shared assets and services such as SITS, Tembo, Homere, Epicentre, GEO, etc;
- Participate in IPCO meetings, International Task Force and external gatherings on GDPR and collaborate in intersectional initiatives and projects such as TIC DP Field Implementation Methodology, intersectional Binding Corporate Rules BCRs and international (intersectional) data sharing, and intersectional guidance on data protection and privacy;
- Participate in the Information Security Committee;
- Recruit and manage staff to work, under her/his supervision, on specific dossiers and projects.
Supervision of work
The GRC Manager will work under the overall supervision of the OCBA Deputy General Director.
MSF is committed to achieving workforce diversity in terms of gender, race, nationality and culture. Individuals from minority groups, indigenous groups and persons with disabilities are encouraged to apply. We are committed to achieving a balanced gender distribution and therefore encourage women to apply. All applications will be treated with the strictest confidence.
MSF provides a work environment that reflects the values of gender equality, teamwork, integrity and a healthy balance of work and life. MSF does not tolerate sexual exploitation and abuse, any kind of harassment, including sexual harassment and discrimination. All selected candidates will, therefore, undergo reference checks.
Médecins Sans Frontieres, as a responsible employer, under article 38 of “Ley de Integración Social del Minusválido de 1982 (LISMI)” invite those persons with a recognized disability and with an interest in the humanitarian area to apply for the above-mentioned position.
Expériences / formation
Selection critera
Education, Experience and desired attributes
- University degree (economics, law, engineering);
- Complementary education in Data Privacy or Data Protection will be an asset;
- Genuine interest in, understanding of and commitment to the humanitarian principles, social mission, operations, and challenges of MSF;
- Good understanding of the institutional functioning of an MSF Operational Center.
- Knowledge of MSF field operations, field experience with MSF;
- Experience in developing programs, guidelines and/or tools on governance, risk and compliance;
- Working experience in data protection, privacy protection, fraud & corruption, risk management;
- Proven working experience in finance audits;
- Outstanding organisation skills; ability to complete multiple tasks within short deadlines, while maintaining correct priorities and quality;
- Proven excellent communication and facilitation skills, including in multicultural settings;
- Very good interpersonal and networking skills;
- Fluent written and spoken English (Spanish, French and/or other languages an asset).
Competences
- Commitment to MSF principles ;
- Cross-cultural awareness ;
- Analytic thinking ;
- Results and quality orientation ;
- Service orientation ;
- Strategic vision ;
- Teamwork and cooperation ;
- Capacity to negotiate ;
- Networking and building relationships.
Salaire
Conditions
- Position based in any MSF-OCBA Hub (Barcelona, MSF-Spain office delegations, Amman, Dakar or Nairobi);
- Full-time job ;
- Permanent position – minimum commitment of 3 years;
- Annual Gross salary + secondary benefits based on MSF OCBA Rewards policy;
- Starting date: immediately.
Comment postuler
How to apply
- To apply, please follow the link below and submit your CV and cover letter
- Closing date: November 2nd, 2021, 23:59 CET (Central European Time)