Digital Security Audit Framework Consultant

Introduction

The Jordan Open Source Association (JOSA) is seeking a qualified consultant to lead the enhancement of its Digital Security Audit Framework. The assignment aims to improve the structure, usability, and tools and templates of the existing audit framework to better meet local and regional needs, with a focus on Arabic-speaking audiences.

In early 2025, JOSA completed an internal assessment of the current methodologies, processes, and tools and templates within the existing framework, identifying key vulnerabilities and areas for improvement. This short-term assignment will involve reviewing the assessment findings and current methodologies, implementing the identified enhancements, and delivering a localized, ready-to-use framework aligned with best practices in risk management, safety standards, and digital security auditing.

Purpose of the Role 

To enhance, structure, and localize JOSA’s Digital Security Audit Framework and its accompanying tools to improve usability, consistency, risk mitigation measures, and regional adaptability—specifically by making the framework suitable for use in Arabic-speaking countries through accurate translation and contextual adaptation.

Tasks and Responsibilities

The Consultant will be responsible for the following:

1. Review JOSA's Digital Security Audit Framework and Assessment Findings.
2. Clarify and expand framework scope, including establishing clear methodologies for implementation. 
3. Standardize templates and procedures, including documentation standards, and create report templates.
4. Optionally, improve task and timeline management tools, automate reporting and visual tracking.
5. Enhance safety and risk management components of the audit, including integrating a risk assessment matrix and align the framework with recognized safety standards.
6. Optionally, localize the framework, by translating it into Arabic and adapt concept and recommendations to regional context.

Qualifications

•  Bachelor’s degree in Cybersecurity, Network security, Computer Science or similar.
• Proven experience in cybersecurity, and in performing cybersecurity audits, preferably for civil society organizations, non-profit organizations or small enterprises.
• Strong knowledge of  digital security standards, risk management, and compliance frameworks (e.g., ISO 27001, NIST, Safetag).
• Related Cybersecurity certificates (e.g. CISA or Cybersecurity Audit Certificate) are a plus.
• Demonstrated ability to structure and document methodologies and procedures.
• Strong skills in technical writing, both in English and Arabic.

About JOSA

JOSA is a social enterprise on a mission to make technology a force for good. We believe in Open Source; where collaboration fuels innovation to benefit everyone. We develop and promote open, transparent and accessible technology for the betterment of our communities.

JOSA is an equal opportunity employer. We value diversity and don’t discriminate on the basis of race, color, marital status, religion, national origin, gender, sexual orientation, age, or disability status.

How to apply

Submit your updates CV and Cover Letter here: https://www.careers-page.com/jordan-open-source-association/job/QXXR64V3

Please note that shortlisted candidates will be requested to submit a Technical and Financial proposal.