The NRC seeks to recruit a new position as Information Security Adviser. The Global ICT Support team, currently all based in Oslo, serves over 6000 staff distributed in more than 100 offices in 30 countries, including Head Office.
The role of the Information Security Adviser is to enable NRC to use data and technology to deliver better by maturing NRC's information security risk management and contributing to a responsible data culture.
Responsibilities and tasks
Contribute to uphold confidentiality, integrity and availability of information and systems;
Coordinate and collaborate across the ICT Development Section and with other parts of the organisation on dependencies and opportunities;
Ensure that information security is integrated in all strategic digital initiatives, providing guidance to project managers and service;
Drive development and implementation of policies, frameworks and procedures related to information security;
Innovate and experiment, including capturing smart failure (failure that generates learning);
Capture learning and disseminate to unit, section and beyond;
Contribute on business continuity and disaster recovery plans;
Raise staff awareness and build staff capacity on mitigation of information security risks;
Provide inputs for budgetary planning related to information security;
Identify an information security risk management framework appropriate for NRC in line with Risk Management Framework and overall global security management systems;
Baseline current state and establish target state for NRC information security risk management in adherence to the identified framework;
Based on target state, establish a roadmap for information security to move NRC towards Data Protection compliance and appropriate information security risk management;
Establish mechanisms to measure and report on information security risk;
Maintain information security risk register;
Lead information security incident response;
Develop and implement NRC information security policy and procedures;
Contribute to optimising Okta for identity and access management processes;
Perform information security audits, identify discrepancies and assist managers with corrective action plans and tracks to resolution, including working with external/independent third parties on this;
Collaborate with NRC Global Security team to integrate information security in risk management and a more holistic security approach in the organisation;
Be the focal point for information security at organisational level.
Ensure that information security requirements are met by third party suppliers;
Minimum 5 years of experience with information security work;
A degree in ICT with focus on information security would be an advantage;
Ability to see big picture as well as details;
Knowledge of the humanitarian sector is an advantage
Strong and broad information security knowledge
Hands-on experience with internationally recognised information security risk management frameworks, such as ISO27001, NIST CSF and CIS controls;
Demonstrated implementation of an information security culture with sustained impact;
Experience in conducting information security audits;
Experience with identity and access management technologies such as Okta and Azure AD;
Understanding of enterprise architecture, integrations and information security aspects;
The position is a full time position for an initial period of 24 months with possibility of extension. The position is based at the NRC office in Oslo. The contract conditions are as per national NRC Oslo terms of employment.
Please note that you are required to enter the geographical location for all your previous positions while registering your CV. There is no specific field for this information in our CV form, but you can use the "Company name" field for both company and location.
Only CVs and applications written in English will be assessed
Late applications will not be considered
NRC reserves the right to conduct a full background check on shortlisted candidates
In case any questions - please send email to email@example.com and reference job advert, please note however that all applications must go through Webcruiter in our systems.
The Norwegian Refugee Council (NRC) is a non-governmental, humanitarian organization with 60 years of experience in helping to create a safer and more dignified life for refugees and internally displaced people. NRC advocates for the rights of displaced populations and offers assistance within the shelter, education, emergency food security, legal assistance, and water,sanitation and hygiene sectors.
The Norwegian Refugee Council has approximately 5000 committed and competent employees involved in projects across four continents. In addition, NRC runs one of the world's largest standby rosters -NORCAP, with 650 professionals, ready to be deployed on 72 hours notice when a crisis occurs