Consultant – Development of Data Protection Policy and Standard Operating Procedures (SOP) at Green Concern for Development (GREENCODE)

Job Title: Consultant – Development of Data Protection Policy and Standard Operating Procedures (SOP) 

Background

• As part of its institutional capacity-building activities under the NRC Naija IGNITE Facility, GREENCODE seeks to develop a robust Data Protection Policy and SOP to safeguard the privacy, security, and integrity of sensitive data in line with applicable legal and donor requirements.

Objective of the Assignment

• To develop a comprehensive Data Protection Policy and SOP that ensures ethical, lawful, and secure handling of personal and sensitive data collected and processed by GREENCODE during its operations.

Scope of Work
The consultant will be responsible for:

• Conducting a review of GREENCODE’s current data handling procedures and applicable national/international data protection regulations.
• Mapping data flow and potential risks in data collection, storage, usage, and sharing
• Facilitating consultations with key staff and departments to understand data use practices
• Developing a policy that outlines principles, roles, and responsibilities in data protection
• Drafting a user-friendly SOP with step-by-step guidance for compliance, incident management, and security measures
• Leading a validation session and finalizing the deliverables based on feedback.

Key Deliverables

• Inception Report – outlining the consultant’s methodology, tools, and workplan
• Draft Data Protection Policy – aligned with legal and donor standards
• Draft Data Protection SOP – practical operational guidance
• Validation Workshop Report
• Final Policy and SOP – submitted in editable (Word) and PDF formats.

Expected Timeline
15 working days distributed as follows:

• Days 1–3: Desk review and planning
• Days 4–6: Consultations with departments and stakeholders
• Days 7–10: Drafting policy and SOP
• Days 11–13: Validation session and feedback
• Days 14–15: Finalization of documents.

Required Qualifications and Experience

• Advanced Degree in Data Management, Information Technology, Law, or related field
• Minimum 5 years’ experience in data protection, privacy compliance, or information security in the NGO or private sector
• Demonstrated experience in drafting data protection policies or SOPs
• Strong understanding of Nigerian Data Protection Regulation (NDPR), GDPR, and donor compliance standards
• Excellent writing and facilitation skills.

Key Competencies:

• Strong analytical and problem-solving skills
• Ability to translate legal / technical content into operational guidance
• Excellent stakeholder engagement and training capabilities
• Detail-oriented and able to work independently.

Application Instructions:

The application deadline is 18th April, 2025. Therefore, qualified and interested candidates should send their Expression of Interest to:  [email protected] and copy [email protected] using the job title as the subject of the mail.

Note: Only shortlisted candidates will be contacted. it is important to visit the link below to get more updates about the vacancy.

Website
Official website:https://greencodeng.org/

Note:

• CV highlighting relevant experience
• Technical and Financial Proposal
• Example(s) of previous similar work completed.