EVIDI

Lead Group GRC Manager

EVIDI

full-time

Posted on:

Location Type: Hybrid

Location: Norway

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

About the role

  • Maintain and improve Evidi’s GRC framework, policies, controls, and routines.
  • Lead GRC projects across entities, including integrations and regulatory implementation.
  • Ensure compliance and recertification for ISO 27001/9001 and key regulations (GDPR, NIS2, DSA, EU AI Act).
  • Run governance routines: risk assessments, monitoring, reporting, committees, and awareness.
  • Maintain and develop the ISMS in line with the CISO’s strategy.
  • Strengthen security capabilities (incident response, vulnerabilities, IAM, architecture, data protection, endpoints, continuity).
  • Drive security governance, risk visibility, compliance, and security culture.
  • Act as Group Lead Auditor for internal and supplier audits.
  • Lead risk and assurance processes, reporting, and mitigation follow-up.
  • Strengthen supplier governance and third-party risk management.

Requirements

  • Bachelor’s degree in IT/computer science or equivalent experience
  • ISO 27001 Lead Implementer/Auditor certification (preferred)
  • Solid expertise in information security, ISO standards, audits, risk management, and compliance.
  • Knowledge of GDPR, NIS2, AI Act, DSA, and governance frameworks.
  • Strong communication, stakeholder management, and coordination skills.
  • Experience in Microsoft-based environments and cross-entity/international projects (a plus)
Benefits
  • Flexible work arrangements
  • Opportunity for skills development and personal development
  • Good pension and insurance schemes
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information securityrisk managementcomplianceISO 27001ISO 9001governance frameworksincident responsevulnerabilities managementidentity and access management (IAM)data protection
Soft Skills
communicationstakeholder managementcoordinationleadership
Certifications
ISO 27001 Lead ImplementerISO 27001 Lead Auditor