Chief Data Privacy Officer - STAAI at International Monetary Fund

Work for the IMF. Work for the World.

The International Monetary Fund (IMF) is seeking a highly skilled and experienced Chief Data Privacy Officer (CDPO) to spearhead its data privacy initiatives. This role is crucial in safeguarding the IMF’s institutional interests, as well as those of its members and partners. The CDPO will report to the IMF Chief Data Officer while maintaining independence on data privacy compliance matters.

The ideal candidate for the position must have familiarity with privacy regulations, substantial experience in data privacy risk management within large international financial institutions with privileges and immunities, and knowledge of established privacy programs used in such institutions. The CDPO will be responsible for developing and implementing data privacy policies, monitoring global data protection regulations, and fostering a culture of privacy awareness. They will work closely with project teams across the IMF, including information security, legal, human resources, procurement, risk, and other key operational departments. The successful candidate will mature the IMF’s privacy program and provide expertise on privacy risks, particularly those arising from technological innovation and emerging data uses.

Core Responsibilities:

Strategy and Governance

• Provide strategic guidance and thought leadership on establishing a robust privacy risk posture for the IMF.

• Define the direction, scope, and execution strategy for the IMF’s Policy implementation.

• Design and deliver comprehensive training programs to educate employees at HQ and field offices on data privacy best practices.

• Deliver comprehensive reports to senior management on data privacy matters, including compliance status and risk management.

• Collaborate closely with internal and external stakeholders to ensure data privacy requirements are met.

• Establish robust mechanisms for managing compliance with the Policy and data privacy practices within the organization.

• Track international data privacy best practices and engage with other international organizations by:

  • Sharing knowledge and expertise based on experience.

  • Representing the IMF’s DPO in relevant discussions on data privacy issues.

Privacy Operations

• Develop and maintain comprehensive data privacy policies and procedures ensuring compliance across the organization.

• Provide expert guidance to IMF departments on interpreting and implementing the Policy.

• Conduct regular assessments of data privacy risks in projects and activities, recommending measures to mitigate identified risks.

• Maintain a repository of personal data processing activities and collaborate with IT department to create and maintain personal data asset inventories.

• Promote and facilitate "privacy by design" for all new IT projects.

• Serve as the primary point of contact for and oversee all data subject requests.

• Lead the response to personal data privacy incidents/breaches in partnership with information security, communications, legal, and other key stakeholders; conduct personal data impact assessments and recommend appropriate outreach and communication to impacted data subjects.

• Assess and monitor vendor-related privacy risks in collaboration with key stakeholders such as legal, procurement and third-party risk management.

• Oversee the procurement and implementation of IT tools to support DPO activities and PETS.

• Manage resources efficiently and effectively.

Additionally, the CDPO is expected to support Cybersecurity, Data Governance, Responsible AI, and AI Governance programs.

Minimum Qualifications:

The ideal candidate will bring the following qualities and capabilities to this position: 

• Advanced university degree, or equivalent, supplemented by a minimum of fifteen (15) years of relevant work experience in risk, compliance, or data governance, including supervisory and/or managerial experience is required. Alternatively, a bachelor’s degree, or equivalent, supplemented by a minimum of nineteen (19) years of relevant professional experience, including supervisory and/or managerial experience, is required.

• Proven track record in designing and managing data privacy programs for global international financial institutions.

• In-depth knowledge and practical implementation experience of internationally accepted data privacy standards.

• Strong managerial, analytical, and problem-solving skills.

• Excellent communication and interpersonal abilities.

• Capacity to lead and influence at all organizational levels.

• Expertise in the IMF’s data processing operations and familiarity with its data activities.

• Experience defining and articulating data privacy policies.

• Experience monitoring compliance and leading cross-functional projects.

• Proficiency in privacy enhancing tools and technologies, such as encryption and data masking, and privacy management software.

• Broad networks for indirect influence and the ability to develop trusting relationships.

• Leadership qualities include decisiveness, fairness, and the ability to make practical, risk-based decisions.

• Relevant certifications in risk management, privacy, and/or AI governance, as well as expertise in data governance and incident response management, are considered a plus.

This vacancy shall be filled by a 3-year Term appointment in accordance with the Fund’s new employment rules that took effect on May 1, 2015. This position requires Review Committee/Senior Review Committee Approval.

Department:

Hiring For:

The IMF is guided by the principle that the employment, classification, promotion, and assignment of staff shall be made without discrimination against any person. We welcome requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.