Simprints - Privacy & Data Security Manager

Simprints builds cutting edge technology for some of the poorest and most challenging environments on earth. We are working at the exciting interface of biometrics, technology and international development: changing the status quo in the way NGOs and governments deliver vital services like vaccines, health care, finance, and emergency aid. Working with mentors from top companies like Google and the World Bank, we have designed and developed a fully integrated identification system that will reach at least 2.5 million people by 2021.  

We are looking for a Privacy & Data Security Manager to spearhead our strategic and innovative leadership in this area. We are in a unique situation: a nonprofit, impact driven company that is processing millions of highly sensitive biometric records in some of the world's harshest settings. Privacy doesn't get more challenging (and exciting) than this! 

You will be a proven self starter with an enquiring mind, and a capacity to stay curious.  You will have demonstrated ability to dig into detail to identify innovative approaches to privacy and data security, whilst protecting the sensitive personal data of our beneficiaries.  You can understand different perspectives of this complex area, and know how to connect the dots and interact with key stakeholders. An inspiring passion for privacy and data security, as well as the ability to effectively communicate both internally and externally will be essential. 

At Simprints you will be working within a cross-functional team of passionate engineers and development professionals focused on different aspects of designing our products and deploying them in the field. Therefore, a deep-rooted commitment to collaborative problem solving, robust data-driven insights, and high quality communications is critical.  Past experience with the requirements below, and the genuine desire to develop world-class skills, are the ideal fit.

Where this role could lead to

There is huge opportunity to expand and grow within the organisation, for the right candidate this could mean the potential to spearhead a strategic imperative that will enable us to make a significant impact on the use of biometric data within the international development sector, and beyond.  You will lead the way in ensuring that our projects, which reach millions of people, will be deployed to the highest possible privacy standard.  You will become a key advocate, pushing the entire international development and biometrics industry to follow our example and improve privacy standards in their own programmes.

Why Simprints? 

Life is short. We believe work should be awesome, meaningful, and fun. At Simprints we’re taking on global development’s biggest challenges, powered by an amazing culture and incredible people. Work with us, and you will grow faster, learn more, and take on greater responsibilities than nearly any other job.

  • Spearhead the strategic approach to privacy and data security for complex projects that impact millions of beneficiaries.
  • Work closely with a diverse portfolio of clients including big iNGOs such as Mercy Corps or Concern Worldwide, as well as Ministries of Health and Education in South Asia and Sub-Saharan Africa, to realize breakthrough partnership models that can drive sustained impact.
  • Work flexible hours. More efficient late at night? Better before the sun rises? That’s fine by us. We are looking for people who get the job done, not for people who work between 9am and 5pm.
  • Unlimited paid time off.
  • Fieldwork and conference attendance around the world.
  • Fun, fast-paced Scrum culture.
  • Quarterly ‘Lego’ days where you can work on any project you want.
  • Free gym memberships and additional wellness budget.
  • Free healthy breakfast and snacks.
  • Coolest office in Cambridge (it’s a 14th-century castle!) with additional flexibility to work from our London office too.

What skills do you need?

You either have these skills, or you’re willing to learn them quickly:

Technical Skills:

  • Relevant degree or equivalent experience in subject areas including Law, IT, Computer Science, Philosophy.
  • Ability to translate legal concepts into real, practical strategies and oversee and undertake the implementation of these strategies.
  • Strong analytical skills with the ability to collect, organize and analyse complex information from multiple stakeholders and convert this into tangible actions
  • Deep interest and aptitude in privacy, data,and security.
  • Strong track record in stakeholder and partnership management track record. 
  • Excellent verbal and written communication skills, with the ability to craft precise and compelling stories to enable internal alignment and external advocacy.
  • Evidence of a bias to action with strong attention to detail and data-driven decision making.
  • Privacy and Data Security experience within a commercial, technical, or international development environment, would be beneficial but is not essential
  • Familiarly and experience with the application of privacy and data protection regulations, particularly the concepts of privacy by default and design, would be beneficial but is not essential

Note: we will be providing extensive privacy/data security training opportunities to the selected candidate. 

Human Skills:

  • Integrity. You have an unwavering commitment to ‘confronting the grey’ in all areas of your work, and encourage transparency in all your interactions.
  • Intellect. You understand the importance of rigorously detailed data, and have a strong ability to synthesize complex and potentially competing requirements, and convert them into recommendations that drive business decisions.
  • Problem-solving.  You have distinctive problem solving skills and good business judgment. You are capable of translating different privacy related scenarios into clear recommendations.
  • Curiosity. You have a desire to think innovatively and explore and understand how different perspectives and complex data blend together to create the bigger picture and context.  
  • Communication. You are able to collaborate and articulately communicate concepts, ideas and decisions effectively across many levels, and build strong interpersonal relationships with engineers, operational managers, and external stakeholders.  
  • Learning. You love learning new things, are able to think on your feet, and can pick up new tools and methods quickly.  
  • Grit. You have a hands-on, can-do attitude and have the drive to dig deep into problems to discover pain points and features from multiple perspectives, and resilience to stay focused on a project to the end. 
  • Passion. If being part of team that designs and deploys technology for global health sounds exciting, we want to meet you!

What are your responsibilities?

This role will feed directly into the Executive Team’s strategy and reports into the COO.  Your responsibilities will be based around the overarching objective of enabling Simprints to spearhead a proactive and innovative approach to privacy and data security, and will include:

  • Collaborating with cross-functional stakeholders to understand their privacy and data needs and championing privacy in all areas of Simprints
  • Formulating and completing end-to-end analysis of our current approach, and driving strategic leadership in this area both internally and externally by defining our privacy roadmap and any internal procedures 
  • Aligning and leading the Privacy Guild and holding Privacy Squad Leads accountable
  • Owning our security architecture, data-breach review and management system, and working in partnership with the CTO to minimise technical risk
  • Leading external security and privacy assessments, including system penetration testing, social engineering mitigation and other white hat hacking techniques 
  • Ensuring that ‘privacy by default and design’ principles are embedded into the “Simprints DNA”, systems, and processes for data collection and use
  • Take on the Data Protection Officer (DPO) role at Simprints and become the key contact point for the Information Commissioner’s Office (ICO).
  • Support in the resolution and response to any incident affecting sensitive personal data
  • Responding to queries from the business and our external stakeholders on privacy and data security
  • Conducting comprehensive Data Protection Impact Assessments (DPIA) privacy impact assessments  in collaboration with our Impact Partnerships and Project Operations Squads for our on-the-ground projects globally 
  • Escalating and resolving privacy risk arising from any changes in the DPIA
  • Externally advocating a proactive and positive approach to privacy and data security, and promoting higher privacy standards across our industries at global conferences and events
  • Providing appropriate advice and interpretation of data privacy legislation
  • Educating, influencing and supporting the team to increase awareness of privacy and data security requirements, including those of the General Data Protection Regulation (GDPR)
  • Maintain awareness of changes to legislation, emergence of case law and other areas relevant to privacy and data protection that affect the processing of sensitive personal data and share this awareness with key stakeholders informing them of the relevant impact
IT & TechEP Advisory