Need help hiring top legal talent? Contact our team.
Company logo

Counsel – Data, Technology and Cyber Risk

IFC - International Finance Corporation
Posted Apr 29
Full Time
Washington, Distretto di Columbia

IFC — a member of the World Bank Group — is the largest global development institution focused on the private sector in emerging markets. We work in more than 100 countries, using our capital, expertise, and influence to create markets and opportunities in developing countries. In fiscal year 2023, IFC committed a record US$43.7 billion to private companies and financial institutions in developing countries, leveraging the power of the private sector to end extreme poverty and boost shared prosperity as economies grapple with the impacts of global compounding crises. For more information, visit

What We Do

The Business Risk and Compliance Department (CBR), under the IFC Legal and Compliance Risk Vice-Presidency, is responsible for setting business standards and providing advice and guidance to the IFC Board, Management, and business teams in relation to certain non-financial business risks that may arise in IFC investments, advisory work, and in IFC’s corporate functions. These non-financial risks include institutional risks related to IFC’s management of corporate confidentiality obligations, protection of personal data, associated regulatory risk, and more recently cyber, AI and other emerging business technology risks facing IFC. These risks fall under the purview of the Data Access and Confidentiality Office (DACO) and Data Privacy Office (DPO) within CBR.

Other non-financial risks covered by CBR include business risks such as addressing corruption, fraud and know-your customer (KYC) issues, anti-money-laundering (AML/CFT), economic sanctions, tax good governance, and nominee director compliance.

Context to Role:

The successful candidate will contribute primarily to the work of DACO and the DPO worldwide. Specifically, s/he will advise on the management and mitigation of risks related to data protection, cybersecurity, AI and other business technology risks arising in IFC’s operations. DACO works closely with IFC’s IT Department (CIT), Legal Department (CLED) and Risk Management Department (CRM), WBG staff working in the areas related to privacy and incident response, and CBR’s Conflicts of Interest Office and Regulatory Risk Office.

Skills and Responsibilities:

The successful candidate will be expected to possess a strong professional background and track record in understanding international finance transactions as well as the legal risks associated with sensitive data and new technologies.

  • The primary responsibilities related to privacy, cyber and technology will be:
  • Advise transaction teams, CLED, IFC corporate functions, IT and IFC management as a second line risk function on data protection, confidentiality, access management and privacy risks; on cybersecurity risks; and on legal risks arising from adoption of new technologies (including with respect to emerging technology, such as generative AI, and digitalization) that arise in the course of IFC’s operations and IFC’s corporate and institutional activities.
  • Support the Head of DACO and the Chief Data Privacy Officer in relation to DACO's and DPO’s role in developing and implementing IFC’s corporate data strategy initiative.
  • Assisting in the development of policies, procedures and standardized processes for staff in connection with the substantive areas mentioned above.
  • Drafting and review of contractual provisions in IFC legal agreements in connection with the above.
  • Liaising with external counsel or advisers in the delivery of data, cyber and technology related advice.
  • Developing and executing training programs for client departments and management, including in collaboration with colleagues across CBR, in relation to the above.
  • Closely following industry practice in the above areas and be a knowledge champion and go-to resource person for CBR and across IFC on legal issues in data protection, cybersecurity, AI and other business technology risk management.
  • Contributing to the work of, and as required, represent CBR on IFC or WGB committees or working groups related to the substantive areas mentioned above.
  • Liaising with other WBG entities or units, other multilateral development banks and other external stakeholders related to the substantive areas mentioned above, including promoting IFC as a thought leader in the MDB community.
  • Leading on special projects and/or other initiatives in support of CBR’s work plan.
  • Supervising the work of junior legal and non-legal staff in relation to the substantive areas mentioned above.

The position is based in IFC Headquarters in Washington, D.C and will report in to the Head of DACO and the Chief Data Privacy Officer.

Selection Criteria

  • Qualified to practice law in one or more jurisdictions.
  • At least 8 years’ legal experience providing legal or policy advice on all or any of the following:
  • data protection, data confidentiality, data access management and privacy risks
  • cybersecurity risks
  • legal risks arising from adoption of new technologies and AI
  • risks related to data and digitalization
  • data governance, classification, access, use and sharing of commercially sensitive information
  • joint development, investment, project or corporate finance, investment advisory, transaction advisory or funds transactions,

with a well-recognized international law firm, financial institution or corporate.

  • Experience working with a multilateral development bank or an international organization on relevant areas a plus.
  • Demonstrable experience in developing and giving effective and engaging training presentations to legal and non-legal staff and management a plus.
  • Highly developed technical skills with solid legal judgment.
  • Capable of distilling complex legal analysis into accurate and concise guidance for staff.
  • Ability to build effective internal client relationships.
  • Responsiveness and ability to deliver high quality work within deadlines.
  • Highly developed personal integrity, strong values and ethics.

World Bank Group Core Competencies

_The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.

_ _We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.

_ Learn more about working at the World Bank and IFC , including our values and inspiring stories.