IDB Invest Data Privacy Officer

🔍 Washington DC, United States - Headquarters

New
📁
Information Technology
📅
Sep 10, 2024 Post Date
📅
2400000819 Requisition #

IDB Invest Data Privacy Officer

Location: Washington, DC.

The IDB Group is a community of diverse, versatile, and passionate people who come together on a journey to improve lives in Latin America and the Caribbean. Our people find purpose and do what they love in an inclusive, collaborative, agile, and rewarding environment.

About this position

The IDB Invest privacy function (the “PF”) operates within FNA/AKI. The PF will be led by the IDB Invest Data Privacy Officer, who will report to the Managing Director of FNA/AKI, with a dotted line reporting to the Chief Finance and Administration Officer (the “CFO”).

The PO will provide leadership and will represent the PF in discussions with the other IDB Group Institutions’ data privacy teams on Personal Data related issues as deemed appropriate by the PO. This includes coordinating, providing input, and driving consensus on Personal Data protection activities performed by shared services and representing IDB Invest Personal Data privacy interests on relevant IDB Group committees.

What you’ll do:

Under the leadership of the PO, the PF is responsible for providing advice and guidance to IDB Invest Management and IDB Invest Organizational Units on all four areas of the Program:

  • Data Privacy Strategy and Governance
    • Strategic Development: Defines and coordinates the Data Privacy strategy, scope, and manner of execution of the IDB Invest’s implementation of the Program.
    • Training and Awareness: Supports and provides proper resources to ensure the required personal data privacy training, and awareness programs for employees are conducted on periodically. Promotes a personal data privacy culture at IDB Invest.
    • Implementing Instruments: Identifies requirements for, and coordinates with the relevant Organizational Units creation of and updates to, Implementing Instruments.
  • Data Privacy Operations
    • Contract language: Supports IDB Invest Legal Department in the definition of Data Privacy language for contract templates and assists IDB Invest organizational units with Data Privacy clauses in negotiations with contractual counterparties.
    • Notice & Consent: Supports IDB Invest Legal Department in the definition of template language for privacy notices and consent, ensuring they are in place; advises IDB Invest organizational units on the appropriate use of both.
    • Personal Data Classification: Coordinates with IDB Group institutions’ data privacy offices and other organizational units to provide IDB Invest organizational units direction on classification and appropriate protection of personal data.
    • Policy Interpretation & Implementation: Provides guidance on the interpretation and implementation of the Privacy Policy, including, where appropriate, in consultation with IDB Invest Legal Department.
    • Personal Data Inventory Management: Coordinates and provides business requirements for creating and maintaining personal data inventories and guidance on appropriate metadata tagging. Creates and maintains an updated ledger of all personal data processing activities conducted within IDB Invest (ROPA) and provides reasonable assistance to Organizational Units in the creation and maintenance of ROPAs.
    • Data Privacy Protection Tools: Provides tools for IDB Invest organizational units to identify and minimize Data Privacy-related incidents in their projects and activities, including, without limitation, through Data Privacy impact assessments (DPIAs) and coordinates their execution, including, with IDB Invest Risk Department.
    • Data Privacy by Design and by Default Implementation: Provides guidance to IDB Invest organizational units on the use of privacy by design and privacy by default. Coordinates with the appropriate stakeholders the enhancement of Data Privacy controls and personal data protection requirements at every stage of a project, product, or system’s lifecycle.
    • Review and Redress Mechanism: Acts as the first point of contact for Data Subjects regarding the Review and Redress Mechanism.
    • Other Data Privacy Operations Tasks: Performs other responsibilities as may be assigned to it in separate Implementing Instruments.
  • Data Privacy Protection Management
    • Information Security Controls: Coordinates and collaborates with IDB Group technology teams and IDB Invest risk department regarding the definition, implementation and assurance of appropriate technical controls for the protection of Personal Data.
    • Third Party Risk Management: Advises on appropriate sharing of Personal Data with external parties (e.g., clients, partners, vendors, and donors), including, where appropriate, with support from and in consultation with IDB Invest Legal department.
    • Incident Response Coordination: Advises Management on the response to incidents involving personal data and ensures action plans to mitigate Personal Data breaches are implemented, in accordance with relevant Implementing Instruments and other applicable IDB Invest policies and procedures, in collaboration with IDB Invest Risk Department.
    • Access Governance: Advises IDB Invest organizational units in the appropriate access rights to personal data.
    • Data Privacy appropriate access rights to personal data: Data Retention and Disposal: Provides inputs to IDB Group Record Management team on Records Retention and Disposition rules covering Personal Data relevant to IDB Invest.
  • Data Privacy Oversight Management
    • Reviewing and self-assessment: Coordinate the reviews of IDB Invest’s Personal Data processing activities, audits, and reports to management on the status of compliance with the Program.
    • Independent risk and control assessments: Collaborates with IDB Invest Risk unit to provide insights into risks and control assessments (RCAs) of IDB Invest’s processes, products, projects, and systems that involve the processing of personal data.
    • Audit and Risk Liaison: Coordinates and promotes the liaisons and synergies with the Office of the Executive Auditor (AUG) and Internal Risk on audits and risk assessments of Program implementation and operation.
    • Audit and Risk Reporting: Report promptly to IDB Invest Management and Operational Risk Management Committee regarding AUG privacy findings and internal risks assessment results and coordinate the implementation of improvements to mitigate the personal data privacy risks identified across the organization.

What you'll need

  • Education: Master’s degree (or equivalent advanced degree) in information management, information systems, law, computer science, or related field.
  • Experience:
    • 4+ years of experience working experience of running and managing a robust Data Privacy and Protection program for a multi-region organization.
    • Should have in-depth knowledge including practical implementation experience of regulatory frameworks for data privacy including the EU GDPR.
    • Expertise that aligns with the international organization's data processing operations, and familiarity with the nature of its data processing activities
    • Experience in collaborative approaches to working with stakeholders are essential.
    • Great communication and collaboration skills
    • Experience with risk management frameworks (preferably in security or privacy) to objectively measure risks, monitor risk levels, and track remediation.
    • Solid understanding of privacy issues in relation to evolving technology (e.g., mobile, cloud, data lakes, machine learning).
    • Previous experience in information or data governance control activities, in the financial services industry
    • Certification in Information, Data, Privacy Records, or Security such as CIPP, CIPM, CRM, CIPT, CISSP, IGP, CISM, and CISA is a plus, but not a requirement.
  • Languages:  Proficiency in English and one of the other Bank's official languages (Spanish, French, or Portuguese) is a plus.

Key skills

  • Learn continuously
  • Collaborate and share knowledge
  • Focus on clients
  • Communicate and influence
  • Innovate and try new things

Requirements

Citizenship: No requirements

Consanguinity: You have no family members (up to the fourth degree of consanguinity and second degree of affinity, including spouse) working at the IDB, IDB Invest, or IDB Lab.

Type of contract and duration

International staff contract, 36 months initially, renewable upon mutual agreement.

What we offer

  • The IDB group provides benefits that respond to the different needs and moments of an employee’s life. These benefits include:
  • A competitive compensation package
  • Leaves and vacations: 24 days of paid time off + 8 personal days + sick leave + gender- neutral parental leave
  • Health Insurance: IDB Group provides employees and eligible dependents with a robust medical benefits program that covers medical, dental, vision, preventive care, and prescription drugs.
  • Pension plan: defined benefit pension plan that provides financial security and supports employees in planning for their future.
  • We offer assistance with relocation and visa applications for you and your family when it applies
  • Hybrid and flexible work schedules
  • Health and wellbeing:  Access to our Health Services Center which provides preventive care and health education for employees.
  • Development support: We offer tools to boost your professional profile such as mentoring, 1:1 professional counseling, training and learning opportunities, language classes, mobility options, among others.
  • Other perks: Lactation Room, Daycare Center, Gym, Bike Racks, Parking, Spouse Career Program, and others.

Our culture

At the IDB Group we work so everyone brings their best and authentic selves to work, willing to try new approaches without fear, and where they are accountable and rewarded for their actions.

Diversity, Equity, Inclusion, and Belonging (DEIB) are at the center of our organization. We celebrate all dimensions of diversity and encourage women, LGBTQ+ people, persons with disabilities, Afro-descendants, and Indigenous people to apply.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job interview process. If you are a qualified candidate with a disability, please e-mail us at diversity@iadb.org to request a reasonable accommodation to complete this application.

Our Human Resources Team reviews carefully every application.

About the IDB Group

The IDB Group, composed of the Inter-American Development Bank (IDB), IDB Invest, and the IDB Lab offers flexible financing solutions to its member countries to finance economic and social development through lending and grants to public and private entities in Latin America and the Caribbean.

About IDB Invest

IDB Invest, a member of the IDB Group, is a multilateral development bank committed to promoting the economic development of its member countries in Latin America and the Caribbean through the private sector. IDB Invest finances sustainable companies and projects to achieve financial results and maximize economic, social, and environmental development in the region. With a portfolio of $20.1 billion in asset management and ~500 clients in 25 countries, IDB Invest provides innovative financial solutions and advisory services that meet the needs of its clients in a variety of industries.

Follow us: 

https://www.linkedin.com/company/idbinvest/

https://www.facebook.com/IDBInvest

https://twitter.com/BIDInvest

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions