Security Risk and Compliance Specialist

Wilhelmsen Se alle jobber

  • Lysaker, Viken
  • Fast
  • Fulltid
  • 8 dager siden
Join our global team for a career filled with opportunities to solve challenges both small and large, local and global, simple and complex.Wilhelmsen Global Business Services (GBS) is looking for a Security Risk and Compliance SpecialistLocations: Lysaker Type: Full-time | HybridAs the Security Risk and Compliance Specialist, you will take a leading role in driving security risk and compliance within Wilhelmsen Global Business Services. You will be responsible for supporting the development, implementation, and maintenance of security policies, standards, and controls, ensuring that our applications and digital services meet corporate security requirements and recognize industry best practices.You will work closely with both business and technology teams, acting as a trusted partner to help manage risk, support audits, and maintain a strong security and compliance posture across GBS.What you will be doing:Support the development and implementation of the Governance, Risk, and Compliance (GRC) framework in line with industry’s best practices and regulatory requirementsAssist in conducting security risk assessments, identifying threats and vulnerabilities, and supporting the definition of mitigation strategiesSupport ongoing compliance monitoring to ensure adherence to internal policies, regulatory requirements, industry standards, and contractual obligationsDevelop and maintain reporting metrics, dashboards, and evidence to demonstrate complianceSupport internal and external audits by gathering evidence, conducting preliminary assessments, and assisting with remediation of audit findingsContribute to the development, configuration, and continuous improvement of GRC tools and services, including scheduling and supporting regular control assessmentsAssist in evaluating and managing risks related to third-party vendors and service providers, including reviewing and embedding security requirements in third-party agreementsSupport commercial activities by contributing to customer security questionnaires and compliance-related inquiries in sales processesParticipate in the review, development, and maintenance of security policies, standards, and proceduresWhat we are looking for:Bachelor’s degree in cybersecurity, information security, risk management, governance, or a related field (relevant experience may be considered in lieu of formal education)Minimum 3 years of experience in information security, risk management, audit, or compliance-related rolesSolid understanding of GRC concepts, principles, and practicesFamiliarity with recognised regulations, standards, and frameworks such as ISO 27001, SOC 2, NIST, NIS2, CMMC, and GDPRExperience working with GRC tools or platforms (e.g. Hyperproof, OneTrust, Drata, Secureframe, or similar)Proven ability to manage multiple risk and compliance initiatives in parallelExperience supporting third-party audits, including evidence collection and audit response coordinationRelevant security certifications (e.g. ISO 27001 Lead Implementer or Auditor, CISA, CISM, CISSP), or actively working toward certificationWhat we offerAt WSS, you’ll join a global organization with a strong sense of purpose, collaboration, and care for its people. We offer a challenging and rewarding role, supported by:Flexible working arrangementsWSS bonus schemeGenerous holiday allowanceCar allowanceCompetitive pension and insurance plans
(Benefits may vary by location)Work locations: Oslo
Application deadline: 17.04.2026Contact: Olivia Tye‑Reeve, Senior Recruitment Specialist:

Wilhelmsen