Governance, Risk & Compliance (GRC) Officer – Security, Privacy & AI Compliance

Do you want to work at the intersection of governance, risk management, security, privacy, and responsible AI in a global technology environment? Are you motivated by helping the organization operate responsibly while enabling innovation? We are looking for a Governance, Risk & Compliance (GRC) Officer to strengthen our Legal & Compliance team at Telenor Linx and support our organization in managing risks in a structured, business-oriented way.

About Telenor Linx

Telenor Linx is part of the Telenor Group, operating at the intersection of telecom and digital services. We partner with Mobile Network Operators and global digital players such as Google, Meta, and Netflix to enable seamless, secure digital connectivity worldwide.

Our role is to bridge the telco ecosystem with the digital world – helping our partners reach more users, grow their services, and deliver better digital experiences, while ensuring secure and reliable experiences.

Through our global platform, we support over 100 million subscribers across markets, delivering services across voice, messaging, roaming, and digital engagement. We are a global team of around 200 people, headquartered in Norway with offices across Europe and Asia.

About the Role

As part of the Legal & Compliance team, you will play a central role in strengthening our governance and compliance framework across security, privacy, operational risk, and emerging AI governance requirements. You will work closely with product teams, engineering, leadership, and other stakeholders to ensure that regulatory, security, privacy, and AI‑related requirements are understood, implemented, monitored, and continuously improved.

You will contribute to maintaining and developing our Information Security Management System (ISMS), our privacy compliance processes, and—where relevant—our alignment with AI governance frameworks such as ISO/IEC 42001 (AI Management System) and Telenor Group’s guidelines for responsible AI.

The GRC Officer reports to the VP of HR, Legal & Compliance and supports the day‑to‑day management and continuous improvement of our governance, risk, and compliance practices.

Key Responsibilities

Governance & Compliance

· Maintain and continuously improve the Information Security & Privacy Management System in accordance with ISO/IEC 27001 and ISO/IEC 27701.[OJ1]

· Support and coordinate compliance activities across security, privacy, operational risk, and responsible AI governance.

· Develop, maintain, and promote internal policies, standards, and guidelines across security, privacy, AI governance, and compliance domains.

· Contribute to alignment with ISO/IEC 42001, including controls for AI lifecycle governance, risk assessment, documentation, and monitoring.

· Coordinate internal audits and support external audit activities, including follow‑up and reporting.

Risk Management

· Facilitate and support risk assessments across the organization, including security risks, privacy risks, supplier risks, and AI related risks (e.g., model misuse, hallucinations, data leakage, autonomy risks in Agentic AI systems).

· Evaluate the effectiveness of internal controls and contribute to strengthening the organization’s overall risk posture.

· Support product, project, and change initiatives with structured risk and compliance guidance—ensuring that AI features and Agentic AI capabilities undergo appropriate risk and impact assessments.

Security & Privacy Compliance

· Support privacy compliance processes, including DPIAs, records of processing activities, and alignment with GDPR and internal privacy requirements.

· Assist with security compliance tasks such as supplier security reviews, control monitoring, and regulatory documentation.

· Contribute to incident management processes, including documentation, reporting, and post‑incident follow‑up.

AI Governance & Responsible Use of Agentic AI (New Section Added)

· Support implementation of AI governance principles, including transparency, accountability, security, fairness, and human oversight.

· Contribute to the development and maintenance of AI‑related controls aligned with ISO/IEC 42001.

· Help ensure responsible use of Agentic AI tools (e.g., code‑assistants, automation agents) by contributing to policy development, risk assessments, and secure‑by‑design guidance.

· Monitor AI‑related regulatory developments (EU AI Act, local requirements) and support internal alignment and reporting.

· Promote awareness and training related to secure and responsible use of AI technologies across the organization.

Cross Functional Support & Culture

· Provide clear, practical compliance guidance to teams across the company.

· Help build a strong culture of accountability, risk awareness, and secure‑by‑design thinking.

· Support awareness and training initiatives across security, privacy, and compliance topics.

Who Are You?

We believe you are a structured and pragmatic GRC professional who enjoys working collaboratively and influencing others. You are comfortable communicating governance, risk, security, and privacy topics in a clear and understandable way, translating requirements into practical, value‑adding solutions.

You likely have:

· Experience in governance, risk management, compliance, information security, privacy, or responsible AI.

· Knowledge of frameworks and standards such as ISO 27001, NIST CSF, GDPR, ISO 42001 or similar.

· Experience working with risk assessments, compliance frameworks, and/or ISMS processes.

· Strong communication and stakeholder‑management skills.

· Higher education or equivalent practical experience.

How We Work

We work in an agile, collaborative environment where trust, openness, and respect are core values. We use modern tools and methods, and encourage dialogue, continuous improvement, and learning. Security is a shared responsibility, and you will be an important contributor in shaping how we work securely at scale.

Some of the Benefits We Offer

· Subsidized lunch with an excellent canteen

· Coffee, snacks, and social activities

· Company-subsidized cabins and gym membership

· Insurance scheme and competitive pension plan

· Professional development through company-paid courses

· A friendly, international, and inclusive work environment

Other Information

· Location: Fornebu, Norway

· Application deadline: Applications will be reviewed continuously

· Background checks are conducted for relevant candidates

· For questions, please contact VP HR, Legal & Compliance, Barney Jacobs at +4746852632