What you will do
As the Information Security Specialist, you will be working in the global ICT Development Section, alongside the Information Security Risk Management Advisor, ICT operations, infrastructure and development teams to improve our digital security set-up and practices.
Some of your day-to-day tasks will include;
Contribute to the establishment of critical elements of an Information Security Management System;
Assist in development and implementation of CIS 20 controls across the organization;
Develop, maintain, and present IT security education, awareness, and training for all members of the organization as appropriate;
Work in tandem with NRC’s developer team and external developer consultants to ensure we are addressing security concerns in our architecture and development efforts.
Provide cyber-security input, advice and reviews on any digital solution development and implementation;
Design, implement new, and review existing, IT security measures and controls;
Contribute to setting up and monitoring a SIEM solution on prioritised components;
Manage periodic security audits, vulnerability and threat assessments, and direct adequate responses;
Assess any identified information security risks, propose remedial actions and keep the track of these;
Handle serious IT operational incidents or security breaches in accordance with ITIL process;.
Ensure that processes are documented and communicated in language that is relevant and understandable to non-technical audiences.
What you will bring
Knowledge of cloud security concepts, technologies, and best practices, including but not limited to, automation frameworks, securing containers and container orchestration frameworks, Active Directory, LDAP, Federated SSO, One-Time Password (OTP) technology, SSL, encryption, IDS/IPS, SIEM, malware detection, forensics in a cloud environment, network and web app firewalls.
Skills in the use of vulnerability assessment and penetration testing tools.
Able to write sufficient and easy-to-understand technical documentation.
Comfortable with presenting technical information to a non-technical audience.
Knowledge of cloud-based technologies (e.g O365, Azure, Kubernetes, Docker and OKTA Authentication tool) is considered a plus.
Great team player to support other team members and ready to share existing workloads.
What makes this position attractive?
A challenging and exciting opportunity with an international team dedicated to advocating for the rights of people forced to flee;
A chance to lead and direct our efforts towards a major shift in how NRC staff interacts with and values data;
A Permanent full-time contract with Norway as the primary duty station but we are also open to considering applications from other duty stations such as Germany, United Kingdom, Nigeria, Kenya, Jordan, Lebanon, Bangladesh and Belgium;
Salary and benefits according to NRC’s salary scale and terms and conditions in the location of employment.
We are also looking for people who share our values:
To be dedicated in what we do;
To be innovative with our solutions;
To act as one unified and inclusive team;
To be accountable to the donors that make our work possible; the beneficiaries that we exist to serve; and to each other… the members of our NRC family.
Apply via :
ekum.fa.em2.oraclecloud.com