Data Privacy Project Manager Symphony Program

Position: Data Privacy Project Manager

Location: Paris or Barcelona, Geneva, Amsterdam, Brussels

Contract: Fixed term – 12 months

Starting date: ASAP

Deadline for applications: 15th October 2017



Médecins Sans Frontières (MSF) is an international, independent, medical humanitarian organisation that delivers emergency aid to people affected by armed conflict, epidemics, healthcare exclusion and natural disasters. MSF offers assistance to people based only on need and irrespective of race, religion, gender or political affiliation.

MSF International is the legal entity that binds MSF’s 21 sections, 24 associations and other offices together (the Movement). Based in Geneva, MSF International provides coordination, information and support to the MSF Movement, as well as implements international projects and initiatives as requested. MSF International also provides administrative support to the MSF Access Campaign.



MSF is embarking on a global HRIS project of design, development and integration of HR systems and processes across 24 MSF recruitment offices. In the preliminary phase of the project, a feasibility study was carried out, functional and technical requirements defined and a HRIS solution identified. The project is now entering the implementation phase aiming at realizing the solution with SAP HCM / e rec and deploying it in the MSF offices and is enlarging the project team to carry out this international project.

Since the implementation of Symphony will induce a new technology to support HR process flow, it will need to be compliant with General Data Protection Regulation (GDPR) regulations and as such demonstrate its compliance via a set of accountability measures.

The Data Privacy Project Manager supports the Symphony international program in the coordination and implementation of all activities required to ensure compliance with GDRP regulations.

You will be part of a collaborative team, based in diverse MSF offices in the world, and you will be working in a cross-cultural environment. 



Inside the MSF International Office you will be a member of the Symphony Program

Team, you can be either based in Paris, Barcelona or in another MSF Hub location and you will report directly to the Program Manager. You will need to actively interact with MSF end users and managers in all MSF sections.



Main Responsibilities:

  1. Prepare and document a global framework of compliance and accountability of the Symphony Program to the GDPR.
  • Launch a global data protection impact assessment for Symphony directed by the GDPR project manager.
  • Map the operation processes for personal data in Symphony (processes, category and nature of data, reasons for processing data, actors involved (internal and external), flow of data in particular outside EU.
  • Identify legal basis for each operation process and build an assessment of the risks on the freedoms of data subjects.
  • Define the measure envisaged to address the risks and demonstrate compliance with GDRP.
  • Implement and document these measures such as :
    • contractor’s compliances  
    • securities measure in place
    • method of exercises of individual rights (obligation to inform the individual).
  • For each of this measures identify the responsibilities and scope of action between Symphony and the implemented section.
  • Contribute with MSF International GDPR steering committee member to build a template for the contract of use of Symphony regarding Private Data.
  1. Ensure the deployment locally of the framework during the implementation of Symphony in each section.
  • Add to the methodology of deployment in each section a stream dedicated to data privacy compliance.
    • Update locally the map of operation processes impacted by the deployment of Symphony
    • Gather with local GDRP referent local legal obligation and review consistency with global legal basis.
    • Update or localize if required the measures envisaged.
    • Based on the responsibility table defined, follow up on the implementation of the measures under the section responsibility.
  1. Organize the follow up of the GDPR compliances of Symphony after Go Live

Implement the post go lives maintenances processes focusing on:

  • Organizing the follow up on Risks and Frauds (incident’s register and implement actions measures).
  • Organizing regular audits of the system.
  • Ensuring a continuous process of transparency to individuals.
  • Ensuring that all improvement or change requests in the system are consistent with GDPR and implement potential corrective measures.



  • Good understanding how to build, implement and manage data protection programs
  • Expertise in national and European data protection law, including an in-depth knowledge of the GDPR
  • Demonstrate integrity and high professional ethics
  • A degree as data protection officer would be a plus
  • Experience as IT security project manager or as a legal on personal data
  • Project Manager experience
  • Communication skills
  • Strong organization skills
  • Previous experience in project cycle management, preferably in a nongovernmental organization context
  • Proven experience in organizing and prioritizing workload, using initiative when appropriate
  • Proven communication skills
  • Proven legal skills

Specific requirements

You are a self-starter with excellent verbal and written communication skills. You are comfortable interfacing with our MSF management on a daily basis as this role requires daily interaction with our internal Stakeholders at many levels.

Strong written and verbal communication in English and in French, presentation and diplomacy skills, client service and technical writing skills, coupled with a genuine interest in, understanding of, and commitment to the humanitarian principles and challenges of MSF.


Starting date: ASAP

Contract: 12 months

Location: Paris or Barcelona preferable or MSF Hub (Geneva, Amsterdam, and Brussels)

Deadline for applications:  15th October 2017


Candidates must already have the right to work in Europe

Please submit all applications only by email to: stating “Data Privacy Project Manager Symphony” in the title. Please submit only one file containing your CV and cover letter and name the file with your family name.

- Only short-listed candidates will be contacted -