Legal Counsel and Data Protection Officer Full Time
The CyberPeace Institute is currently recruiting for a dynamic Legal Counsel and Data Protection Officer with deep knowledge of cyber operations, data protection and privacy. In an age where the sophistication and hybrid nature of cyberattacks is deepening the accountability gap, we are looking for a hands-on professional motivated by a commitment to protect civilian populations. The jobholder’s deliveries will be critical in preventing global harms by malicious actors and ensuring that vulnerable populations are safe in cyberspace.
As part of our growing core team, the jobholder will work closely with our operational functions, serve as the Institute’s Data Protection Officer and advise the Institute, including working with outside counsel when needed, on a range of issues. The successful candidate must be a qualified and licensed legal practitioner in good standing. Given the range of jurisdictions implicated by its operations and the primary advisory role of this position, the Institute welcomes applications from candidates qualified to practice outside of Switzerland and the European Union.
In close cooperation with the Institute data analysts, forensic investigators, cyber assistance experts and policy experts, the successful candidate will be responsible for implementing the highest standard of data protection at the core of the CyberPeace Institute data processing activities. The candidate will be hands-on in the operational deliveries of the CyberPeace Institute, as an integrated part of the mission to support vulnerable populations against cyberattacks and cyberoperations. The candidate will demonstrate how data protection is an enabler of safety in cyberspace.
This is a tremendous opportunity for an individual to show how ground-breaking analytical capabilities and data protection standards can blend to effectively foster collective intelligence against cyberattacks, and promote peace in cyberspace. If you want to support the most vulnerable, and if you wish to work in a demanding but yet challenging and rewarding environment, we are excited to receive your application.
As the CyberPeace Institute Legal Counsel and Data Protection Officer, your daily work will consist of;
1-Operational guidance, with a focus on data protection and privacy
- Manage the Institute’s privacy and data protection program, which defines, develops, maintains and implements policies and processes that enable consistent, effective privacy and data protection practices, including chain of custody for data and digital evidence, cross-border access to data, and end-to-end responses to privacy requests;
- Provide operational guidance regarding the applicability and implications of global privacy, data protection laws and digital forensic best practices, including, championing a “privacy-by-design” approach and overseeing legal and regulatory aspects of data processing, privacy disclosures and transparency, data security and breaches, and the impact of emerging technologies;
- Liaise with regulating bodies to ensure that programs, policies and procedures are consistent with law and regulations;
- Translate complex privacy and security related laws and regulations into actionable operational approaches; and
- Keep up to date with evolving cybercrime and cyber investigation models and how they impact the Institute data processing activities.
2-General legal advice
- Advise on various legal issues, including Institute contractual engagements with partners, donors and providers; and
- Coordinate and manage the Institute collaboration with third party legal counsel.
Experience, skills and attributes
As an experienced professional, you have
- At least 5 years of hands-on experience advising on data protection practices in a cyber environment, notably processing of personal and sensitive data to analyze cybercrime and cyberoperations;
- At least 5 years of experience in legal counselling in an international environment;
- Hands-on experience in applying high standards of data protection in an operational environment (i.e., consistent with GDPR); and
- Demonstrated solution-oriented approach to data protection challenges, notably through daily engagement with operations teams, including data analysts and cyber investigators.
As a complement, the following skills are nice to have
- Capacity to review contracts and documents in French;
- Experience in implementing operational data-protection solutions under Swiss Law; and
- Experience in reviewing contracts under Swiss Law.
- High degree of professional ethics and integrity;
- Ability to exercise agility and adaptability in providing legal advice;
- Strong attention to detail, diligent, able to meet tight deadlines and work under pressure;
- Good written and verbal communication skills for reporting findings and conveying technical information to technical and non-technical people;
- Lateral thinker, capable of listening to other people’s points of view, and understanding and integrating multiple internal and external perspectives;
- A strong team spirit and enjoyment working in teams composed of people from different fields and backgrounds.
The working language of the Institute is English. A strong command of this language is required, with a very good understanding of the cybersecurity jargon. Showing similar command in French is preferred for the post.
The CyberPeace Institute is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, marital status, medical condition, national origin, physical or mental disability, political affiliation, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.
- Type of role: Open ended
- Working rate: 100%
- Starting date: As soon as possible
- Location: Geneva (GVA), with remote working possibilities
Please submit your application including;
- a CV (2 pages max), in a pdf format.
- a cover letter (on page max) describing your motivation, in a pdf format.
- at least two examples of practical solutions proposed/implemented by the candidate, addressing a data-protection challenge in a cyber or big data-intensive environment.
Deadline for application is 15/08 at 23:59 CET
Incomplete Applications or those received after the deadline will not be considered.