Key skills
Cyber SecurityServiceNowRisk ManagementCommunicationCollaboration
About this role
Role Overview
- Coordinate and supervise IT Compliance and Resilience related projects and audits (e.g. TISAX) for different Business Areas.
- Coordination of internal control handbook introduction in IS/IT area
- Supervising internal controls in IS/IT area within GBS and BA functions
- Ensure compliance for GBS and BA functions (IT/IS)
- Support communication between ICFR Director, Hydro locations and IS/IT GBS functions
- Working closely with various stakeholders, including IT teams, business areas, and business units, to develop and implement comprehensive compliance and resilience strategies that align with the organization's goals and objectives.
- Ensure alignment with internal governance frameworks and external regulations (e.g. NIS2, TISAX, ISO) across IT/OT environments
- Support business teams in building and enhancing compliance processes and best practices
- Coordinate and support internal and external audits, ensuring timely resolution of findings
- Monitor compliance status, risks, and remediation activities, and provide clear reporting to stakeholders
- Contribute to the development of GRC and resilience frameworks
- Support business continuity and disaster recovery processes, including testing and improvements
- Act as a trusted partner between business, IT, and cybersecurity teams to ensure effective collaboration
- Drive awareness and provide guidance on IT/OT security and compliance topics
Requirements
- 3 years' experience in IT GRC and resilience related program management
- Knowledge of IS/IT functions, organizational systems, internal control processes and information systems of global corporations and shared services
- Experience at multinational companies with global presence – preferably in security area
- BSc in computer science, cyber security, IT, cybernetics, or related fields.
- Proven experience in IT/OT governance, risk, and compliance.
- Practical understanding of OT environments, including SCADA and ICS, and their integration with IT systems.
- Familiarity with regulatory frameworks and standards (e.g., IEC 62443, CIS).
- Relevant certifications are considered an advantage.
- Knowledge of ServiceNow IRM is desirable.
- Experience with compliance tooling and automation (e.g., GRC platforms such as ServiceNow, Archer, or equivalent).
- Familiarity with risk management methodologies (e.g., risk assessment, control evaluation).
Tech Stack
- Cyber Security
- ServiceNow
Benefits
- Working at the world’s only fully integrated aluminum and leading renewable energy company
- Diverse, global teams
- Flexible work environment/home office
- We provide you the freedom to be creative and to learn from experts
- Possibility to grow with the company, gain new certificates
- Attractive benefit package
- Equal opportunities