Jobs Career Advice Signup

Send this job to a friend


Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Mar 26, 2021
    Deadline: Not specified
  • Médecins sans frontières (MSF) or Doctors Without Borders, is an international humanitarian-aid non-governmental organization (NGO) and Nobel Peace Prize laureate, best known for its projects in war-torn regions and developing countries facing endemic diseases.
    Read more about this company


    Data Protection Project Manager (Nairobi)

    MSF Eastern Africa

    MSF Eastern Africa is the regional institutional office for MSF in East Africa. The office focuses on representation and networking, including with humanitarian organisations and authorities, recruiting and supporting staff from the region, communications and fundraising, as well as on other dossiers of importance to MSF such as Diversity, Equality and Inclusion (DEI), mutualization, trainings, medical operational support and environmental health.

    You can learn more about MSF  here or via our digital channels – FacebookInstagramTwitter and LinkedIn.

    Data Protection

    Since entering into force in May 2018, the EU General Data Protection Regulation (GDPR) applies to all entities in the European Economic Area (EEA) and – due to the extended territorial scope – to a large extent also to entities outside of the EEA. The GDPR has led to a significant rise in data protection compliance duties.

    In Kenya, The Data Protection Act, 2019, was signed into law back in 2019. The Act, whose comprehensive legislation borrows heavily from the European Union’s General Data Protection Regulation (GDPR), seeks to create an institutional framework and legal guidelines for processing personal data in Kenya and belonging to Kenyans. Kenya’s first data commissioner was sworn in October 2019 to ensure protection, proper handling and processing of personal data by different entities.

    As the GDPR came into force, MSF acknowledged that we were not sufficiently compliant globally and locally. In response, an International Data Protection Steering Committee was created by higher MSF executive level in 2017 and a steering committee created. The creation of data protection board has been approved in 2021.

    Main responsibilities

    Under the general Director and in collaboration with the Head of finance, the project manager will develop the Data Protection and implementation strategy, assuring compliance with GDPR, and other applicable data protection laws. She/he will implement MSF Baseline and will be developing a system to prevent or deal with violations of legal guidelines and internal policies.  She/he will utilize the Data protection Software “OneTrust”  to support the development of the data protection system.

    Key tasks include:

    • Gap analyses :  In order to assess MSF-EA data protection To Do’s, a “gap analysis” between the current status of data protection compliance and the obligations deriving from the GDPR and Kenyan Regulation should be carried out.
    • Risk Analysis – prioritization:  The Project Manager-Data Protection will have to assess what kind of data processing activities are of biggest risk/ and arrange its resources respectively.
    • Project drawing / resources & budget planning; Draw the Road map for the GDPR implementation process with planning of activities, stakeholder identification, assigning responsibilities, change management plan.
    • Implementation of a compliant data protection structure: Implement the Baseline and the selected GDPR requirements; Organizational requirements, Notification obligations, IT/Cyber Security requirements, Contractual requirements.
      • Defined roles and responsibilities in the involved Company entities: Set up a structure of persons responsible for data protection in foreign stakeholder entities as well as within MSF EA.
      • Procedures and concepts: Ensure that concepts, policies and standard operating procedures (cumulatively “SOPs”) are in place where needed to ensure effective implementation of Baseline and GDPR selected obligations
      • Training: Train Employees on their obligations and responsibilities deriving from the GDPR.
      • Documentation of Compliance: Implement appropriate measures allowing EAS to demonstrate compliance with GDPR requirements.
    • Data processing agreements: Due to the agreements that MSF EA must conclude with internal and external parties, implement a sensible data processing contract management strategy.

    Selection Criteria

    • Relevant experience with a demonstrated expertise in designing and implementing a data protection compliance, with relevant/related studies in technical area.
    • Applied knowledge in Project management.


    • Commitment to MSF’s Principles
    • Cross-cultural Awareness
    • Behavioural Flexibility
    • Stress Management
    • Analytical Thinking
    • Results and Quality Orientation
    • Service Orientation
    • Planning and Organising
    • People management and development
    • Teamwork and Cooperation

    Working Conditions

    • Position based in Eastern Africa Section (EAS) office
    • Full time job.
    • Duration of contract: 4 months.
    • Monthly gross salary of KES 288,806 + Secondary benefits based on EAS Reward Policy.
    • Starting date: April 2021. 
    • Relocation expenses and return ticket to & from KE is fully covered.
    • Accommodation is covered.

    Method of Application

    Interested and qualified? Go to Medecins Sans Frontieres (MSF) on to apply

    Note: Never pay for any training, certificate, assessment, or testing to the recruiter.

  • Send your application

    Back To Home View All Vacancies at Medecins Sans Frontieres (MSF)

Career Advice

View All Career Advice

Subscribe to Job Alert


Join our happy subscribers

Send your application through

Yahoomail Gmail Hotmail