Search UN Jobs and NGO Jobs

Norway: Information Security Adviser - Head Office

NGO/UN Job Vacancy

Organization: Norwegian Refugee Council
Country: Norway
Closing date: 15 Jan 2018


The NRC seeks to recruit a new position as Information Security Adviser. The Global ICT Support team, currently all based in Oslo, serves over 6000 staff distributed in more than 100 offices in 30 countries, including Head Office.

The role of the Information Security Adviser is to enable NRC to use data and technology to deliver better by maturing NRC’s information security risk management and contributing to a responsible data culture.

Responsibilities and tasks

  • Contribute to uphold confidentiality, integrity and availability of information and systems;

  • Coordinate and collaborate across the ICT Development Section and with other parts of the organisation on dependencies and opportunities;

  • Ensure that information security is integrated in all strategic digital initiatives, providing guidance to project managers and service;

  • Drive development and implementation of policies, frameworks and procedures related to information security;

  • Innovate and experiment, including capturing smart failure (failure that generates learning);

  • Capture learning and disseminate to unit, section and beyond;

  • Contribute on business continuity and disaster recovery plans;

  • Raise staff awareness and build staff capacity on mitigation of information security risks;

  • Provide inputs for budgetary planning related to information security;

  • Identify an information security risk management framework appropriate for NRC in line with Risk Management Framework and overall global security management systems;

  • Baseline current state and establish target state for NRC information security risk management in adherence to the identified framework;

  • Based on target state, establish a roadmap for information security to move NRC towards Data Protection compliance and appropriate information security risk management;

  • Establish mechanisms to measure and report on information security risk;

  • Maintain information security risk register;

  • Lead information security incident response;

  • Develop and implement NRC information security policy and procedures;

  • Contribute to optimising Okta for identity and access management processes;

  • Perform information security audits, identify discrepancies and assist managers with corrective action plans and tracks to resolution, including working with external/independent third parties on this;

  • Collaborate with NRC Global Security team to integrate information security in risk management and a more holistic security approach in the organisation;

  • Be the focal point for information security at organisational level.

  • Ensure that information security requirements are met by third party suppliers;


  • Minimum 5 years of experience with information security work;

  • A degree in ICT with focus on information security would be an advantage;

  • Ability to see big picture as well as details;

  • Good communicator and ability to create enthusiasm for information security with a broad and diverse audience;

  • Ability to network and understand stakeholder influence in a situation/project;

  • Good analytical and synthesis skills;

  • Fluency in English, both written and verbal;

  • Experience working in cross-sectional teams

  • Experience in leading projects;

  • Knowledge of the humanitarian sector is an advantage

  • Strong and broad information security knowledge

  • Hands-on experience with internationally recognised information security risk management frameworks, such as ISO27001, NIST CSF and CIS controls;

  • Demonstrated implementation of an information security culture with sustained impact;

  • Experience in conducting information security audits;

  • Experience with identity and access management technologies such as Okta and Azure AD;

  • Understanding of enterprise architecture, integrations and information security aspects;

We Offer

The position is a full time position for an initial period of 24 months with possibility of extension. The position is based at the NRC office in Oslo. The contract conditions are as per national NRC Oslo terms of employment.

Please note that you are required to enter the geographical location for all your previous positions while registering your CV. There is no specific field for this information in our CV form, but you can use the "Company name" field for both company and location.

Only CVs and applications written in English will be assessed

Late applications will not be considered

NRC reserves the right to conduct a full background check on shortlisted candidates

In case any questions - please send email to and reference job advert, please note however that all applications must go through Webcruiter in our systems.

How to apply: