Skip to Job Description
Consultant – Data protection Information Security consultant (International - HQA)
United Nations Secretariat (UN)
UNRWA - Information Management - Headquarters Amman
Amman (Jordan)
CON Consultancy
Information and Communication TechnologyResearch and data scienceSecurity and Safety
Close on 12 Oct 2025
A Hardship New
Apply Now
Posted 7 hours ago
Job Description
Result of Service
The consultant will support the development, implementation, and continuous improvement of cybersecurity operations and vulnerability management frameworks, ensuring alignment with international standards and organizational policies.
Work Location
Amman - Jordan
Expected duration
up to 12 months
Duties and Responsibilities
The Consultant will work closely with program teams, IT staff, and field offices to: - Analyze and document data flows and systems used in Education and Health programs. - Identify gaps and risks in current data processing practices. - Recommend technical and organizational measures to ensure compliance with UNRWA’s Data Protection Policy. - Support the integration of data protection principles into program operations and digital platforms. Specific Outputs/Tasks include but not limited to: • Systems and Data Mapping - Conduct a comprehensive mapping of digital systems and data flows within Education and Health programs. - Document types of personal and sensitive data collected, processed, stored, and shared. - Identify third-party systems or integrations and assess associated data protection risks. • Gap Analysis and Risk Assessment - Perform gap analyses against UNRWA’s Data Protection Policy and international standards. - Conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities. - Identify vulnerabilities and recommend mitigation strategies. • Policy Implementation Support - Translate policy requirements into practical guidance for program and IT teams. - Develop templates, checklists, and SOPs to support compliance. - Advise on privacy-by-design and data minimization strategies. • Capacity Building and Awareness - Deliver tailored training sessions and awareness materials for Education and Health staff. - Build capacity for field-level personnel to manage data responsibly and securely. • Reporting and Coordination - Prepare reports and presentations for internal stakeholders and donors (e.g., KfW). - Coordinate with legal, ethics, and program teams to ensure integrated approaches. - Participate in relevant inter-agency or donor coordination platforms as needed. DELIVERABLES - Review UNRWA’s Data Protection Policy and KfW program documentation - Develop work plan and methodology for field-level analysis - Conduct system and data mapping - agency wide - Assess compliance with Data Protection Policy - agency wide - Draft preliminary findings and recommendations - agency wide - Synthesize findings across all fields - Identify common challenges and best practices - Develop cross-field recommendations - Draft templates and SOPs for data protection compliance - Provide advisory support to program teams - Provision and implementation of capacity building plans, by developing the material and the toolkit and delivering the training sessions - Refine SOPs, templates, and checklists - Prepare consolidated guidance package - Review with HQ and field stakeholders - Submit final report covering all deliverables - Present findings to senior management and donors
Qualifications/special skills
• Advanced university degree (Master’s or equivalent) in Information Technology, Law, Data Protection, Public Health Informatics, or related field. A first-level university degree in combination with two additional years of qualifying experience may be accepted in lieu of the advanced university degree. • Certification in data protection/privacy (e.g., CIPP/E, CIPM, CDPO) is an asset. • Excellent oral and written communications skill in English. Arabic language is an advantage. • A minimum of five (5) years of progressively responsible experience in information security, or data protection including at least two (2) years of active leading data protection assessment • Experience working in a complex international environment or multilateral organization is desirable. • Expert knowledge of Microsoft Data Protection/Compliance technologies (Purview, DLP, IRM).
Languages
● Fluent in spoken and written English. ● Fluency in spoken and written Arabic is a plus.
Additional Information
CONDITIONS OF SERVICE • The selected candidate will receive a monthly remuneration that is equivalent to P3 Step 1 amounting to $7,924.25 for every fully completed month. • The duration of the Contract is up to 12 months, and the possibility of extension is subject to the availability of funds and continuing need and satisfactory performance.
No Fee
THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.
{{waiting}}
This position is no longer open.
Apply on Organization Website
UNjobnet Logo
Connect with us
Privacy Policy | About Us | For Employers