Overview
The Compliance Officer will contribute to the implementation and operationalization of the INTERPOL Data Protection Management System, focusing on operational compliance execution, data protection impact assessments, and business-enabling advisory activities.
Key Responsibilities
- Conduct DPIAs, LIAs, operational compliance reviews, governance assessments, and risk evaluations.
- Assess operational processing activities involving sensitive, high-risk, cloud-based, AI-enabled, or law-enforcement-related processing environments.
- Support the identification, assessment, documentation, mitigation, and follow-up of data protection risks, governance gaps, and compliance deficiencies.
- Provide practical, risk-based, and business-enabling guidance to stakeholders regarding data processing activities and governance requirements.
- Support operational projects, innovation initiatives, digital transformation programmes, cloud initiatives, and operational deployments.
- Contribute to governance activities relating to information governance, data governance, operational data lifecycle management, cloud governance, and emerging technologies.
- Support governance and compliance activities relating to AI-enabled environments, operational analytics, automation initiatives, and evolving digital processing ecosystems.
- Contribute to the implementation and operational maintenance of the INTERPOL Data Protection Management System (IDPMS).
- Coordinate activities relating to compliance implementation, governance monitoring, operational reporting, and remediation tracking.
- Perform awareness activities, operational workshops, presentations, training initiatives, and stakeholder engagement activities.
Required Experience
- At least 3 years of progressively responsible professional experience in data protection, information governance, compliance, operational risk management, cybersecurity, digital governance, or related fields.
- Demonstrated experience independently conducting and managing DPIAs, LIAs, operational compliance reviews, governance assessments, or risk management activities in complex operational environments.
- Experience supporting operational data processing activities within law enforcement, defense, security, intelligence, governmental, regulatory, or other sensitive operational environments would be considered a strong asset.
- Experience assessing third-party, vendor, cloud, SaaS, or cross-border processing environments would be considered an asset.
- Experience supporting cloud governance, operational technology environments, information governance initiatives, AI-enabled, data/driven and emerging technology processing activities, or digital transformation programmes is highly desirable.
- Experience with governance reporting, KPI monitoring, dashboarding, data visualization, or analytical reporting tools (e.g. Power BI or equivalent platforms) would be considered an asset.
- Experience engaging with operational, legal, managerial, procurement, cybersecurity, and technical stakeholders in complex and multicultural environments is highly desirable.
- Experience translating legal and governance requirements into operationally practical and business-oriented guidance is strongly desirable.
Qualifications
- Three to four years of completed university education in law, information governance, data protection, cybersecurity, information management, international public administration or another relevant field.
- An Advanced university degree would be considered as an asset.
- Relevant professional certifications in privacy, data protection, governance, risk, compliance, cybersecurity, or information management would be considered an asset.
