Compliance and Risk Manager

Neptune Software is rewriting the rules of application development! Our Low Code No Code platform is a digital game-changer, seamlessly integrating with existing IT landscapes. It's not just for the big players; Neptune democratizes tech, offering rapid time-to-market at a fraction of the cost. With multiple G2 Leader Awards and Gartner, Neptune is the next rockstar of digital experience platforms. Acquired by Triton Partners in 2022, it's on an accelerated expansion trajectory, headquartered in Oslo with a global presence. 

The position:

Are you ready to take on a fresh new role at Neptune Software? As the Compliance and Risk Manager, you will be at the forefront of safeguarding our assets while spearheading initiatives that move us towards a more ethically and socially responsible future.

This role encompasses overseeing Risk and Compliance, the Information Security Management System (ISMS), ensuring seamless compliance with customer and supplier agreements, and promoting data protection as our dedicated Data Protection Officer. If you are passionate about navigating the intersection of technology, ethics, and compliance, this is the opportunity for you to make a real impact.

Location:

Oslo, Norway

Tasks:

1. Governance, Risk, Compliance

• Vendor agreements (Third Party security risk assessments).
• Risk Register (documenting Risks and plans for mitigation).
• Also working with the other teams to make sure security functions such as Vulnerability Management and Application Security are covered.
• Internal auditing
• Policy development

2. Maintain and further develop for the Information Security Management System (ISMS)

• Coordinate task and efforts in the ISMS
• Ensure the ISMS comply with ISO 27001
• Maintain the ISO 27001 certification for the ISMS
• KPI’s/Metrics on information security.

3. Data Protection Officer

• Act as the Data Protection Officer responsible for overseeing compliance with data protection laws and regulations (GDPR).
• Implement and maintain data protection policies, procedures, and controls to safeguard personal and sensitive information.
• Serve as a point of contact for data protection authorities, data subjects, and internal stakeholders regarding data privacy matters.

Experience and Education:

• Bachelor's degree in Information Technology, Computer Science, Law, or related field.
• Relevant certifications (e.g. CISSP, ISO 27001 ) preferred.
• Proven experience in information security management, compliance, and governance, in a software or technology-driven environment.
• Strong knowledge of ISO 27001 standards, information security best practices, and regulatory requirements in the field (e.g., GDPR, NIS2 ).
• Knowledge in contract management, negotiation, and legal review.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively across departments and influence stakeholders at all levels.
• Analytical mindset with attention to detail and problem-solving abilities.

What we offer:

• A market competitive package including a base salary and bonus part
• Our comprehensive benefits package includes health insurance, pension…
• Career advancement opportunities.
• Positive and supportive company culture: Our company culture is rooted in Norwegian values of positivity, supportiveness, and fun, creating a work environment that is both productive and enjoyable.
• International growth company with a diverse workforce: You will have the opportunity to work alongside a diverse group of 100+ individuals from 32 different nationalities in an international growth company that is expanding rapidly.
• Trust-based work environment: We foster a trust-based work environment where you can take ownership of your work and have the autonomy to make decisions that contribute to our collective success.
• Flexibility to work from different locations of your choice for periods of time, in agreement with your manager, promoting work-life balance and autonomy.
• Annual team meet-up in a vibrant location around the world for company kick-off, fostering team bonding and engagement.

Please Note

We welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply for a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.