The title for internal and official attribution: ICT + Digitalization specialist
Qualifications and specialist knowledge
Major Responsabilities
Establishing an information security management system according to ISO 27001 in GIZ Jordan To enable the worldwide protection of critical information processed by GIZ, the establishment of an Information Security Management System (ISMS) is indispensable. This not only protects the compa-ny and our employees but also our partners – in the long term a key competitive factor with our clients. Through the company-wide international standard ISO/IEC 27001 certification of information security management (ISO27001), GIZ targets a wide variety of restructuring processes, requiring experts to coordinate and maintain these changes. While the company-wide coordination lies with the Chief In-formation Security Officer (CISO) and their Information Security Management Team (ISMT) at GIZ head office in Germany, the local establishment and continuous operation of information security ne-needhe the support of a local “Information Security Officer (ISO)” that works closely together with al-ready existing local roles such as IT-Professionals and Digitalisation Partners (DIPAs). The Infor-mation Security Officer works within the existing management organisation in Jordan, while initiating and controlling relevant processes. Under close guidance and in consultation with the Chief Information Security Officer (CISO) and the Information Security Management Team (ISMT) at GIZ’s head office in Germany, you coordinate the local establishment of an Information Security Management System (ISMS) in GIZ Jordan. The Information Security Officer thus acts as the local representative i.e., Single Point of Contact (SPoC) for the ISMS and information security topics. In consultation with the responsible stakeholders at head office and GIZ Jordan, you assume tasks related to the local planning, steering, implementation monitoring and maintenance of the ISMS project according to ISO27001 standards.Subsequent to setting up the ISMS, the Information Security Officer manages the security incident process, supports/accompanies the audit management process – including the local coordination of “penetration testing” – and ensures that a functioning vulnerability management is in place. Through a structural analysis in cooperation with asset owners i.e., asset recording, the Information Security Officer ensures an up-to-date and complete asset inventory and is responsible for recording its information security status. With the involvement of asset owners, the Information Security Officer establishes a local Information Security Risk Management (IRM) via a risk register for identified risks, mitigation measures, treatment, etc. After the initial establishment, the Information Security Officer is responsible for reviewing and updating the local information security concept, coordinating and implementing measures, and communicating and implementing guidelines/concepts as well as the adaptation of guidelines/concepts to local conditions. In conjunction, the Information Security Officer coordinates awareness measures and – to a limited extent, directly assumes responsibility for awareness-raising and training efforts targeting employees. |
The Information Security Officer assesses the effectiveness of security measures for revisions and audits, ensures the investigation of information security-related incidents, and coordinates their reporting (reporting system). Vis-a-vis the local offices in Jordan, the Information Security Officer advises on information security topics, the operation of risk management and level estimation of information protection requirements. Vis-a-vis the GIZ head office in Germany, the Information Security Officer has the ongoing task of reporting to the CISO/Management Country Office Jordan and supplies necessary information for the management report.
Org. Setting and Reporting UNRWA, the largest United Nations operation in the...
Apply For This JobAbout Mercy Corps Mercy Corps is powered by the belief that a better world is possible. To do this, we...
Apply For This JobThe main purpose of the role: The job involves a lot of structure as you have a number of set...
Apply For This JobPosition: Regional Safeguarding Advisor Requisition – 2022202036 FHI 360 is a global development organization with a rigorous, evidence-based approach. Our...
Apply For This JobCARE International established a presence in Jordan in 1948, created in the wake of the Palestinian refugee crisis. Over 70...
Apply For This JobJob Description and Requirements World Vision International Join and be part of a global relief, development and advocacy NGO, dedicated...
Apply For This Job