Role Description – Group IT - Governance, Risk and Compliance (GRC) Manager
TOMRA was founded on an innovation in 1972 that began with the design, manufacturing and sale of reverse vending machines (RVMs) for automated collection of used beverage containers. Today TOMRA provides technology-led solutions that enable the circular economy with advanced collection and sorting systems that optimize resource recovery and minimize waste in the food, recycling and mining industries. The company today consists of Tomra Collection Solutions, Tomra Recycling Mining and Tomra Food. Altogether TOMRA has more than 100,000 installations in over 80 markets worldwide.
The TOMRA Group Information Security team will assure state of the art Group level information security posture, as well as divisional information security support. As GRC Manager, you will ensure that an appropriate and effective framework is in place, that meets both internal and external compliance requirements and standards for information security. Additionally, you will be expected to actively participate and contribute in developing the Group Information Security team.
Responsibilities
This is a Group role, where you will be a part of the digital transformation, building information security capacities across TOMRA, making an impact and working in an international environment. You will work closely with the rest of Group Information Security organization as well as other specialist and management roles throughout the organization.
Primary responsibilities for the position are:
- Responsible for Information Security Management System (ISMS) roadmap and coordination for TOMRA on Group level and in dialogue with Divisions. Assure ISMS is compliant with standards as per Divisional business needs.
- Perform TOMRA internal audits on Division level ISMS, based on relevant clauses, requirements, compliance regimes and certifications.
- Coordinates external information security audits with assigned contacts on Divisional level
- Own the Risk Register on Group level, and translate into controls and actionable remediation initiatives on all levels.
- Responsible for information asset oversight related to information security domain
- Management of projects and other activities as required
As part of Group IT and Information Security in Tomra, additional tasks, responsibilities and assignments may be necessary for the candidate to undertake, in order to reach overall or individual goals of Tomra.
Qualifications
- University degree to Bachelor or Master level in Engineering, Computer Science, Information Management, Information Security or equivalent
- Minimum 5 years’ of relevant work experience
- Relevant certifications seen as a benefit
- Some Project Management experience a clear advantage
Candidate Profile
- Excellent written & verbal communication in English
- Structured and analytical
- A positive attitude and flexibility to accommodate to evolving business needs
- Experienced in working with stakeholders across cultures
- Due to our global spread, willing to occasionally work flexible hours
- Some travel to Tomra locations must be expected
Tomra can offer
- Possibility to work in a fast paced, entrepreneurial environment with cutting edge technology
- Possibilities of undertaking training schemes and personal development
- Great career opportunities in a fast growing company
- Competitive compensation scheme
- Great social benefits including gym, free parking and a brand new canteen
- Being part of the resources revolution
For questions regarding the position, please contact Brynjulv Kjosås, +47 971 22 000
To apply for this position please send cover letter and personal CV within September 6th to brynjulv@itsearch.no or apply here