Senior GRC manager

At Aker Solutions we are committed to helping the energy industry and broader society #PowerTheChange towards a low-carbon future. We are changemakers and problem solvers with more than 180 years of experience.

Are you passionate about aligning cyber security governance and risk management with enterprise performance management and risk management? We are looking to strengthen our cyber security team at Fornebu with a new member who shares our passion for cyber security governance, integrated with our enterprise risk management system. Taking lead on improving our cyber security governance, including our ISMS and risk management policies and procedures, you will play a key role in ensuring cyber security enables our business to grow, increase market shares and profitability. As cyber security senior GRC manager, you will lead our efforts in developing cyber security governance, supporting the CISO in aligning cyber security with corporate goals and strategy.

Your responsibilities will include:

• Lead the development, implementation, continuous improvement and guidance on cyber security governance and risk management
• Ensure that cyber security risk is integrated into our enterprise risk management framework and processes
• Contribute to the further development of enterprise risk management, from a cyber security perspective, including perspectives on enterprise performance management
• Develop and implement strategies for certifications and accreditations within cyber security in line with market demands
• Ensure that governing documents such as policies and procedures support operations and business development in all our segments and functions
• Collaborate with and guide subject matter experts, line managers, project managers, and other stakeholders to ensure cyber security is integrated in our way of working, in an efficient manner
• Interact with internal and external stakeholders to keep track of needs and expectations in cyber security and ensure these are implemented in a cost-effective manner
• Utilize and improve our use of modern supporting tools within the GRC domain
• Design, implement and improve on our manual and data driven metrics and KPIs within cyber security
• Prepare reporting and statements on our cyber security posture, including maintaining our ISO 27001 Statement of Applicability (SoA)
• Improve and manage our cyber security reporting on all levels, including to the BoD
• Use data and feedback to evaluate the impact and effectiveness of the cyber security key controls and propose improvements

Expected Outcomes:

• Cyber security and risk management is a business enabler, continuously improving to ensure cyber security is a competitive advantage
• Our information security management system supports our colleagues and processes to ensure they are efficient and operate within an acceptable level of risk
• We can measure and document that our cyber security key controls are effective by using metrics and KPIs
• Certifications and accreditations within cyber security are maintained and upheld in line with market demands
• Our customers are assured we handle information in a proper manner, supporting long-lasting customer relations
• We can document compliance towards applicable laws, regulations and standards, internationally as well as locally

To be successful in this role, we believe you have:

• A positive and business-oriented approach to work and the GRC-function
• Experience in balancing governing structures from corporate functions with autonomy in business areas, such as our segments and yards
• A good understanding of how cyber security contributes to business growth and profitability
• Knowledge of relevant laws and regulations, including experience in how to organize the security organization to ensure adequate compliance
• Excellent communication and collaboration skills to ensure cyber security risk management is integrated in our strategies, plans and operations
• Experience in translating business goals and strategies into cyber security goals
• Experience in methodologies and tools for risk management, including interacting with processes such as asset management, vulnerability management and security incident management
• Excellent communication and collaboration skills, with the ability to work effectively with diverse teams and stakeholders.
• Structured and solutions-oriented approach to work.
• Good business understanding and collaboration skills working across cultures and geographies.
• A creative and innovative mindset, with the ability to adapt to changing needs and contexts
• 5+ years relevant experience.
• Proficiency in both Norwegian and English, with the ability to communicate complex issues effectively to all levels of employees

• Professional development and excellent career opportunities with the chance to work on a wide variety of projects ranging from oil and gas to renewables 
• Competitive pay and benefits with excellent pension and insurance schemes as well as private health services provided by Aker Care
• A healthy work-life balance with flexible working conditions throughout the different phases of your life journey
• Access to welfare club with free gym facilities, sports equipment hires and cabins for rent in the mountains and by the sea
• Fantastic office building with onsite canteen
• Immediate proximity to public transport, restaurants and shopping 

If you join the corporate cyber security team, you will:

• Join our growing cyber security team with highly motivated and competent colleagues, within a large community of IT and digitalization colleagues 
• Contribute to the growth and development of the corporate cyber security function, supporting the CISO in collaborating across the enterprise 
• Collaborate with renowned businesses and enterprises, particularly across the Aker group
• Become an active contributor to the ongoing transformation of the oil and gas industry towards renewable energy sources

For more information about the position please contact:

Kjell M. Åsen, Senior Recruiter, NES Advantage, phone, +47 9348 0422.

Preben Gustavsen, CISO, VP Cyber security, preben.gustavsen@akersolutions.com, phone +47 9095 4203.

Applications will be evaluated continuously, so no need to wait until the deadline to apply.

NES Advantage Solutions is Aker Solutions’ global recruitment services provider responsible for permanent and temporary staffing services.

Semac background checks are performed on all final candidates.

Our goal is to make Aker Solutions a place where everyone can perform at their best by creating opportunities for all. We see diversity as a source of creativity, innovation, and as a key competitive advantage. Diversity includes not only gender, ethnicity, or age but also disabilities, religion, sexual orientation, and many other parts of one’s identity. We welcome your application no matter who you are or where you come from and encourage you to let us know if you need any supportive adjustments throughout the recruitment process. 

This is Aker Solutions

Aker Solutions delivers integrated solutions, products and services to the global energy industry. We enable low-carbon oil and gas production and develop renewable solutions to meet future energy needs. By combining innovative digital solutions and predictable project execution we accelerate the transition to sustainable energy production. Aker Solutions employs approximately 11,000 people in more than 15 countries.