Menu

GRC Specialist

Company
Telenor
Lisboa   1990-095 Portugal
Apply here

About the position

Telenor Shared Services (TSS) delivers standardized, business-critical services to Telenor companies across the Nordics and Asia. Our responsibilities span finance and HR to Enterprise IT, information security, and data governance.

TSS is currently in a phase where increasing regulatory requirements, a high degree of SaaS and vendor dependency, and a squad-based delivery model place new demands on how Governance, Risk & Compliance (GRC) is designed and practiced in everyday operations.

As a Senior GRC Specialist, you will play a key role in further developing and operationalizing GRC processes within TSS, with a clear focus on high maturity, quality, and compliance. The role involves close collaboration with Group Security, the Privacy Office, Risk Management, and the business.

This is a role for someone who wants to drive real improvement and maturity uplift within security, privacy, and compliance – at the intersection of regulatory requirements and operational delivery.

Your Main Responsibilities

In this senior-level role, you will contribute across the entire GRC domain – from governance and frameworks to practical implementation within the organization. Your key contributions will include:

  • Further developing and operationalizing policies, processes, and governance models for information security, risk management, and compliance, ensuring they function effectively in a modern, product- and service-oriented delivery model.

  • Performing and further developing risk assessments across services, systems, and vendors, and ensuring identified risks are followed up with relevant and effective control measures.

  • Contributing to compliance with relevant laws, regulations, and standards, including GDPR, NIS2, and other applicable EU requirements, as well as internal governing documents and group requirements.

  • Advising business and technical environments on interpreting requirements and expectations, and supporting the implementation of practical, risk-based measures.

  • Collaborating closely with different parts of the organization to build a strong culture of security, privacy, and compliance – based on understanding, ownership, and collaboration.

  • Preparing decision-making materials, reports, and presentations for management that provide real insight into the risk landscape, maturity level, and priorities.

  • Actively contributing to raising maturity within security, privacy, and compliance through training, guidance, and awareness initiatives across TSS.

  • Conducting structured reviews and audits of squads, services, and their documentation to ensure compliance with Telenor security policies, governing manuals, and defined IT maturity requirements, and following up identified gaps.

Who Are We Looking For?

We are looking for an experienced GRC specialist who understands both the strategic landscape and operational realities. You are confident in your role, comfortable providing clear advice, and capable of driving change in complex organizations.

Qualifications

  • Minimum 5 years of relevant experience within GRC, information security, internal controls, audit, risk management, or similar areas.

  • Strong knowledge of relevant frameworks and standards such as ISO 27001, GDPR, NIST, and ISO 31000.

  • Experience using GRC tools and structured risk registers.

  • Excellent written and verbal communication skills in English.

Personal Attributes

  • Structured, analytical, and solution-oriented, with the ability to see the bigger picture and connections.

  • Confident and mature in your role, with integrity and professional credibility.

  • Strong collaboration skills and the ability to work effectively with technical environments, management, and other stakeholders.

  • Ability to build trust and influence across organizational and cultural boundaries.

What We Offer

  • A central role in a global organization with operations in Norway, Portugal, Sweden, Denmark, Finland, and Pakistan.

  • The opportunity to influence how TSS delivers secure, stable, and compliant services to the entire Telenor Group.

  • A strong and ambitious professional environment within GRC, security, and privacy, with high competence.

  • Competitive conditions, a flexible workday, and good opportunities for professional and personal development.

Required Information

  • Application deadline: 06.04.2026

  • Work location: Lisbon

  • Work model: Hybrid

  • Contact person: Thomas Gudmundsen, Head of Information Security, thomas.gudmundsen@telenor.com (+47 470 15 652)

  • Background check: We conduct background checks via SEMAC AS for final candidates.

  • Security authorization: For this role, we do a Security Authorization, that will take place at the Norwegian Embassy.

Telenor Shared Services (TSS) is Telenor Group’s Business Support organization, delivering secure, efficient and business-critical systems, services and support to Telenor entities and employees across the globe. Our core offerings span Finance & Procurement, HR, and Enterprise IT, and are powered by over 500 highly skilled professionals located in the Nordics, Pakistan, and Portugal.

By leveraging automation, AI, cross-unit collaboration, and new technologies, we enable simplification, reliability, and high user satisfaction. Our mission is to empower Telenor Group as a whole to focus on its core business, while we deliver the backbone of operational excellence.