Security Governance, Risk, and Compliance (GRC) Specialist

TOMRA was founded in 1972, based on the design, manufacturing and sale of reverse vending machines (RVMs) for automated collection of used beverage containers. Today TOMRA provides solutions that enable the circular economy with advanced collection and sorting systems, and food processing by employing sensor-based sorting and grading technology.

The TOMRA Group employs 5300 people globally and is listed on the Oslo Stock Exchange (OSE: TOM). TOMRA was named Norway’s Most Innovative Business in 2023, number one in the list of the country’s top 25 companies.

At TOMRA, we want people to innovate, show passion in their work and be responsible. We encourage the freedom to innovate and take risks that result in breakthroughs that challenge the status quo. We value passion that focuses and commits to meeting success. We believe in a responsible and safe mindset that takes care of our customers, products, and fellow employees.

The TOMRA Group Security function is seeking a GRC specialist to join the Security GRC team in Asker. The successful candidate will work closely with the Head of the Security GRC department to develop and standardize a best practice approach to information security governance, risk management, and compliance across the organization. This role involves working closely with stakeholders to ensure the necessary policies, frameworks, and tools are in place to protect the confidentiality, integrity, and availability of our most valuable assets.

• Develop and implement security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
• Conduct risk assessments and develop risk mitigation strategies to address identified vulnerabilities.
• Monitor and report on the effectiveness of the security program, including compliance with internal policies and external regulations, conducting maturity assessments, and driving continuous improvement initiatives.
• Collaborate with various departments to ensure security controls are integrated into business processes and systems.
• Stay up-to-date with the latest security trends, threats, and technologies to continuously improve the security posture of the organization.

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum of 3 years of experience in information security, with a focus on governance, risk management, and compliance.
• Strong knowledge of security frameworks and standards such as ISO/IEC 27001, NIST, and ISF Standard of Good Practice.
• Experience with security policy development and implementation, risk assessment methodologies and tools, and assurance activities.
• Excellent communication and interpersonal skills, with the ability to work effectively with stakeholders at all levels of the organization.
• Relevant certifications such as ISO 27001 or CISM / CISA are highly desirable.

• A rewarding, unique and exciting full-time position in a fast-growing solid company focused on having a positive impact on the planet.
• Highly competent and passionate co-workers with strong collaboration globally.
• Professional challenges within a growing, market-leading global technology company with purpose.
• Good opportunities for professional development and competence building through relevant training courses and seminars.
• 5 extra days holiday at Easter or Christmas time or between other public holidays in Norway.
• Excellent facilities in Asker with a modern gym, and our own healthy and varied lunch restaurant.
• Hybrid working and flexible working hours - including access to our shared office space at Epicenter in Oslo.
• Attractive compensation package including insurances, bonus and share scheme.

We would like to hear from you even if you don’t think you tick all the boxes and requirements, but feel you strongly align with our values and can bring something special to TOMRA.

Does this sound like the right opportunity for you? Then we would like you to apply by sending us your updated CV, a few words about yourself, and why you are interested in the position and joining TOMRA. Please write this in the field "Message to Hiring Team".

Final application deadline is January 31, 2026.

If you have questions, please reach out to Kelsey Nutland, Head of Security GRC, +47 40633631.

We use Semac background checks on final candidates as part of our recruitment process.

TOMRA is proud to be an equal opportunity employer. We do not discriminate on the basis of gender, race or ethnicity, religion, color, sexual orientation or identity, disability, age, or any other protected status under applicable law. We are committed to building a diverse and inclusive environment.