TI-Bangladesh

Data Protection Officer

Posted on January 4, 2021

Job Context

Transparency International Bangladesh (TIB) is inviting applications from Bangladeshi nationals for the position of Data Protection Officer, to be recruited initially for a period up to December 2021, and subsequently for an additional five years, subject to due completion of necessary approval processes. Upon joining, the incumbent will be regarded as a member of the team for TIB’s core project, BIBEC (Building Integrity Blocks for Effective Change), and from January 2022 for PACTA (Participatory Action against Corruption: Towards Transparency and Accountability), the new core project, and will remain reportable to the Executive/Deputy Executive Director.

Responsibilities

Planning and implementation of internal and external strategies for personal data or information protection:

1. Take a leading role in assessing and evaluating TIB’s existing practices/policies on the collection, process and use of both manual and automated personal data or information based on the national laws of Bangladesh and international best practice such as, ‘European General Data Protection Regulation’.
2. Develop personal data or information protection policies /guidelines/strategies based on the national laws of Bangladesh and international best practice referred to above, with the aim to ensure the protection of all kinds of personal data or information collected, processed and used in, amongst others, TIB’s research and policy activities, civic engagement, training and capacity building, knowledge management, membership programs, and social movement building.
3. Propose/update policies/guidelines on, inter alia, consent of the data subject, management of sensitive personal data, data anonymisation and encryption, personal information or data protection of human resources/employees, Bring Your Own Device, Standard Contract Terms, employee contracts/appointment letter, TIB’s Website Cookies management, personal data transfer to any third party, binding corporate rules, cross-border data transfer and rights of the data subject, etc.
4. Ensure the effective implementation of these strategies/guidelines/policies developed with the aim to ensure the protection of all kinds of personal data or information so collected, processed, and used.
5. Develop mechanisms to ensure the effective maintenance of records of both manual and automated personal data or information collected, used, and processed through TIB’s research and policy activities, civic engagement, training and capacity building, knowledge management, membership programmes, and social movement building, etc.
6. Develop a general personal Data Protection Manual based on the national laws of Bangladesh and international best practice such as, the ‘European General Data Protection Regulation’ for the future use of TIB.
7. Develop special manuals on the management of SPAM and Phishing/Smishing/Vishing/Spear Phishing/Whaling, social media use, etc.
8. Regularly train TIB staff including staff employed in different adjunct research/projects about the policies/strategies/guidelines and manuals on the protection of personal data or information so developed.
9. Circulate timely emails on possible phishing attacks or cybersecurity threats.
10. Regularly assess, monitor, and oversee the data protection practices at different levels and or stages of TIB’s project activities.
11. Regularly monitor international legal developments on the personal data protection and inform TIB’s relevant departments suggesting directions.
12. Report on the proper implementation of policies so adopted.

Content management, and improvement of organisational policies and website:

1. Closely work with the IT security and outreach and communication team to develop a depository of personal data in TIB’s custody.
2. Closely work with the IT security and outreach and communication team to ensure the secured maintenance of personal data in TIB’s custody.
3. Develop/evaluate the existing privacy policy regulating TIB’s website and suggest options for improvement based on national laws of Bangladesh and international best practice, as referred to above.
4. Evaluate TIB’s IT security and cookies practices from personal data or information protection perspective and suggest options for improvement based on national laws of Bangladesh and international best practice as referred to above. including ISO and other relevant international standards.
5. The incumbent will be the de facto legal officer of the organisation and will be expected to brief staff members on legal issues, potential risks and liabilities, and possible courses of action in full compliance with the law of the land. S/he must also strive to minimise risks for the organization.
6. The incumbent will frequently need to write and review policies, guidelines, documents, research reports, contracts, agreements and more. This task makes up a significant portion of her/his day-to-day work and requires both focus and precision.
7. It is essential for the incumbent to regularly analyse the actions and decisions of the organisation in order to identify problem areas and gaps, suggest alternative courses of action and mitigate risk as much as possible.

Management of personal data or information in outreach and communications efforts:

8. Review all communications projects (e.g., editorial calendars, campaigns, Google AdWords, branding initiatives, etc.), including setting timelines, assign roles, facilitate meetings, and liaise with external stakeholders, as needed, and suggest best practices that will ensure personal data or information protection.
9. Advise the team that is responsible for designing, planning and managing programme and advocacy activities on possible options from personal data or information protection perspective (with logistical support from other relevant staff).
10. Advise the team that is responsible to propose and implement outreach activities with public participation, such as, roundtables, panel discussions, and joint events with partners and stakeholders on possible options from personal data or information protection perspective.
Management of personal data or information issues in Media and public information liaison:
11. Communicate with all data subjects and relevant stakeholders after the depository of personal data is developed to inform them about various personal data or information polices that have been adopted.
12. Take initiative to obtain consent from the data subjects from the depository of personal/official data for the personal/official data or information already collected before the adoption of various policies/strategies/guidelines.
13. Support the implementation of strategies to increase the capacity of the concerned stakeholders on personal data protection during various workshops, training and other programmes.
14. Provide timely strategic advice and creative solutions for dealing with privacy and sensitive personal data protection issues and stories.
15. Undertake field visits as and when necessary.
16. Develop and maintain contacts on behalf of TIB with, amongst others, policymakers and relevant government bodies such as, Digital Security Agency, National Computer Incident Response Team, NGOs, journalists, law enforcement agencies, online service providers and other stakeholders from home and abroad.
17. Function as the first post of call in responding to various queries and concerns of the data subjects and other relevant stakeholders.

Team supervision and management

18. Develop a sub-group of human resource to train TIB staff on legal and security aspects of persona data protection.
19. Manage and oversee the day-to-day operations of the Personal Data or Information Protection Team and provide support and capacity-building to staff.
20. Perform any other work assigned by the orgsanisation.

Special Instruction

Academic Qualification

• A Master’s degree with Honours in a relevant field- Law (with courses in Human Rights, Cyber Law, Cybercrime, and International Law) or IT/Cyber/Digital security.
• Candidates with 3rd Division or CGPA less than 2.5 on a scale of 4 or 3 on a scale of 5 at any level of their public examinations need not apply.

Other Qualification

Training Courses

Professional Certification

Cybersecurity certification, Information protection, Legal

Area of Experience

Cyber security, Digital security, Legal, Regulatory compliance and IT

Skills

Communication, Computer literacy, Cyber security, Digital security, Legal, Trouble shoot and address, Regulatory compliance and IT, Data Protection, Legal documentation

Additional Requirement

• A minimum of 8 years' relevant experience in the legal/regulatory compliance and IT/Cyber/Digital security sectors, preferably 5 years in managerial position.
• Candidates with knowledge and experience of work in governance, regulatory and compliance work with/without Privacy/Information protection/Cybersecurity certification from reputed international certification bodies will be given preference.
• Excellent communication skills in English and Bangla, both written and verbal, and public presentation capacity with special attention to details, accuracy, audience, and basic computer knowledge and word processing skills in both Bangla and English.
• Proven track record of executing high-quality regulatory and compliance work in challenging environments.
• Ability to learn continually, think strategically, and provide leadership that is value- and vision-driven. Ability to work in a team and openness to constructive feedback, and capacity to work in coordination and collaboration with all streams of work across the organisation covered by the project.
• Strong time management skills in multi-tasking imperatives with ability to prioritise complex and at times, competing goals.
• Ability to trouble shoot and address/solve problems independently and/or jointly as appropriate.
• Commitment to contributing to a workplace environment in which diversity is valued and promoted.

Gross Salary

145000

Additional salary Info

Level – L 2, Gross Salary - 1,45,000.00 per month plus other benefits as per relevant rules of TIB. Income tax is payable by TIB staff, deductible at source.

Other Benefits

Annual performance-based increment, Cost of living adjustment, Contributory provident fund, Gratuity, Festival allowance and Insurance etc.
 
Job summary
  • Deadline
  • Total Vacancy
  • Job Type
  • Job Level
  • Work Place
  • Experience
  • Job Circular
  • 18 Jan 2021
  • 1
  • Full time
  • Top
  • Dhaka
  • 8 years
  • NA

TIB follows an equal opportunity policy and actively encourages diversity welcoming applications from all especially women, ethnic, religious and other minorities and people with disability. Only shortlisted candidates will be invited for interview. Any attempt at persuasion is treated as disqualification. If an applicant has an immediate family member in any capacity at TIB, s/he must proactively and clearly disclose it. Such candidates can be employed in TIB only by a special approval of the Board of Trustees, even if duly qualified in the competitive selection process.

TIB strictly observes a policy of zero tolerance to corruption and sexual abuse/harassment and all employees are committed to observe TIB’s Code of Ethics.