ACO Data Protection Officer
🔍 Belgium
- 📅
- 241467 Requisition #
Post Context/Post Summary
Supreme Headquarters Allied Powers Europe (SHAPE) provides an integrated Strategic Effects framework, employing a multi-domain and multi-region focus to create a 360-degree approach, with the flexibility to enable, upon direction, a seamless transition from Baseline Activities and Current Operations (BACO) up to the Maximum Level of Effort (MLE). SHAPE supports the Supreme Allied Commander of Europe (SACEUR) in fulfilling his terms of reference, as directed by the North Atlantic Council.
The Command Group (CG) provides and sustains strategic level command and control capabilities to support SACEUR in exercising his command functions.
The Office of the Chief of Staff (OCOS) provides full spectrum support to COS/Vice-COS in fulfilling their duties.
The Office of Organisational Advisory and Change Management (OACM), as an integral part of the Office of the Chief of Staff (OCOS), provides: a holistic, cross-functional, objective analysis and advisory capacity.
The SHAPE Personal Data Protection Officer is a member of the Data Protection Office (DPO) that develops the Data Protection program, oversees its implementation, monitors compliance and advises the SHAPE COS of all Personal Data Protection matters.
The function of the SHAPE DPO is an essential component of an effective data privacy accountability, data privacy compliance and privacy protection of individuals. The SHAPE DPO role encompasses strategic and governance functions in addition to a compliance function.
Principal Duties
The incumbent's duties are:
1. To advise the ACO Data Controller (COS SHAPE) in all Personal Data Protection matters across SHAPE.
2. A member of the ACO Data Protection Office and be the secretary of the ACO Data Protection Board.
3. To provide Personal Data Protection support and advice across SHAPE, including all operations, activities and missions under the direct command and control of SACEUR.
4. To ensure that ACO/SHAPE policies on Personal Data Protection and Privacy are up to date with relevant industry standards and assist the ACO DPO to ensure that subordinate HQs conform to the ACO Personal Data Protection Directive (AD 015-026).
5. To monitor and record Personal Data Protection maturity across SHAPE.
6. To ensure data protection policies, where applicable, are included in SHAPE directives are maintained up to date.
7. To compile and maintain comprehensive reviewable records of all personal data processing activities conducted by SHAPE, including the purpose of all personnel processing activities.
8. To act as the main point of contact for questions and requests regarding, the application of Data Protection regulations within SHAPE.
9. Act as the main entry point for data protection complaints within SHAPE.
10. To assist in data breach investigations, including the cooperation with all relevant stakeholders within SHAPE and with other NATO entities, if required.
11. To create, keep and maintain a data protection network of relevant Subject Matter Experts within other NATO bodies, other International Organisations, National Organisations and any other third parties.
12. Lead on the training all relevant staff on safeguarding personal data and ensuring compliance with applicable Data Protection rules and regulations.
13. To maintain a situational awareness of the Personal Data Protection environment, including relevant domestic data protection regulations.
14. To represent SHAPE in relevant conferences and seminars on Personal Data Protection.
Special Requirements and Additional Duties
The incumbent may be required to undertake deployments in support of military operations and exercises, and/or TDY assignments, both within and without NATO boundaries up to 180 days. The employee may be required to perform a similar range of duties elsewhere within the organization at the same grade without there being any change to the contract.
Essential Qualifications
a. Professional/Experience
1) A minimum of 2 years’ experience in planning, implementing, and/or operating Personal Data Protection Program in an international/multinational organization.
2) A minimum of 2 years’ experience in business analysis, risk management or process review.
3) A Personal Data Protection certification issued by a recognized institution.
b. Education/Training
University Degree in human resources management, business or public administration, law, cyber security or related field, business administration, engineering, economics, public administration, operations research, business process engineering or related discipline and 2 years function related experience, or Higher Secondary education and completed advanced vocational training in that discipline leading to a professional qualification or professional accreditation with 4 years post related experience.
c. Language
English - SLP 3333 - (Listening, Speaking, Reading and Writing)
Desirable Qualifications
a. Professional/Experience
1) Experience in populating and maintaining a Registry of Processing Activities, performing Data Protection Impact Assessment and personal data breaches investigations.
2) Experience in policy development and implementation.
3) Experience in a NATO environment, and sound knowledge of NATO and ACO structure, organization and mission.
4) Previous experience in a military headquarters or international organization
5) Knowledge of NATO/SHAPE collaborative tools, as well as creating and managing collaborative environments (Share Point, Power Bi, Excel).
Attributes/Competencies
Personal Attributes:
The range of personal attributes required for this post are very demanding and exacting, but without them the function will fail. Foremost, an analytical mind is needed to identify and evaluate complex and competing issues and that can develop imaginative yet still pragmatic solutions. Inter-personal skills must also be highly developed. The post holder will be working in an international community where different cultural values and styles exist. The holder will need to be able to work successfully with staff at all levels of the organization, from the lower ranks during the analysis work up to the highest levels when presenting findings and recommendations. This requires tact, judgement and agility. High standards of personal and professional behavior and moral courage are also needed, as not all reviews and recommendations will be welcomed. The holder will operate in organizational review teams with a degree of autonomy and will need to be able to present persuasive and cogent reports at appropriate level. Excellent communication skills are also a premium asset. A team player is also a key attribute.
The incumbent can have direct contact with any area of activity within the ACO structure and with external agents who provide services or interfaces with ACO. These contacts will be undertaken on a professional basis. In order to keep abreast of best practices and to develop benchmarks for ACO, contacts will be maintained with both military and commercial enterprises so that experiences can be shared.
Supervise the conduct of programmes, projects and reviews and all data protection issues, as directed by Chief OACM.
Professional Contacts:
Post requires regular professional contacts within and outside the organization. The incumbent solicits and provides information as well as advice. The job involves working with contacts within NCS and NFS Commands and requires high level of maturity, understanding of sensitivities within an international environment and diplomatic tact when dealing with others. The incumbent might be requested to represent ACO at meetings with internal and external participants up to and including ACO Commanders. Decisions influenced by the incumbent and agreed by the SHAPE Command Group will impact ACO Data Protection policies, processes and procedures and, indirectly, NATO’s ability to succeed with its AOM, operations and missions.
Contribution to Objectives:
Post provides information and analysis and contributes directly to ACO’s Data Protection and to the development of advice submitted by SHAPE to the Nations relating Data Protection. Incumbent will be involved with and contribute to the decisions of senior staff and the Command Group. The achievement of this mission is critical to the ability of NATO Commanders to succeed with their AOMs and ultimately for NATO to fulfil its obligations.
REMARKS:
Duration of contract: Pending Approval. Serving staff members will be offered a contract according to the NATO Civilian Personnel Regulations (NCPR). Newly recruited staff will be offered a definite duration contract of three years normally followed by an indefinite duration contract.
The salary will be the basic entry-level monthly salary defined by the NATO Grade of the post, which may be augmented by allowances based on the selected staff member’s eligibility, and which is subject to the withholding of approximately 20% for pension and medical insurance contributions.
NATO is committed to diversity and inclusion, and strives to provide equal access to employment, advancement, and retention, independent of gender, age, nationality, ethnic origin, religion or belief, cultural background, sexual orientation, and disability. NATO welcomes applications of nationals from all member Nations.
Building integrity is a key element of NATO’s core tasks. As an employer, NATO values commitment to the principles of integrity, transparency, and accountability in accordance with international norms and practices established for the defence and related security sector. Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
Applicants who prove to be competent for the post but who are not successful in this competition may be offered an appointment in another post of a similar nature, which might become vacant in the near future, albeit at the same or lower grade, provided they meet the necessary requirements.
We believe that all people are capable of great things. Because of this, we encourage you to apply even if you do not meet all of the criteria listed within this job description.
HOW TO APPLY FOR A NATO CIVILIAN POST AT SHAPE:
Applications are to be submitted using NATO Talent Acquisition Platform (NTAP) (https://nato.taleo.net/careersection/2/jobsearch.ftl?lang-en). Applications submitted by other means (e.g. mail, e-mail, fax, etc) are not accepted.
More information to be found on these links:
Shortlisted candidates will be requested to provide original documentary evidence and a set of copies supporting statements in their applications. Appointment is subject to obtaining a NS security clearance and a medical certificate.
Remarks:
A) Only nationals from the 32 NATO member states can apply for vacancies at SHAPE.
B) Applications are automatically acknowledged within one working day after submission. In the absence of an acknowledgement please make sure the submission process is completed, or, re-submit the application.
C) Qualified redundant staff of the same grade interested in this post should inform this office, via their HR/Personnel Office by not later than vacancy’s closing date.
D) NATO will not accept any phase of the recruitment and selection prepared, in whole or in part, by means of generative artificial-intelligence (AI) tools, including and without limitation to chatbots, such as Chat Generative Pre-trained Transformer (Chat GPT), or other language generating tools. NATO reserves the right to screen applications to identify the use of such tools. All applications prepared, in whole or in part, by means of such generative or creative AI applications may be rejected without further consideration at NATO’s sole discretion, and NATO reserves the right to take further steps in such cases as appropriate.