Cyber Security Architect

Join our global team for a career filled with opportunities to solve challenges both small and large, local and global, simple and complex.

Global Business Services AS (GBS) is looking for a Security Architect

The Security Architect will play an important role in shaping and executing GBS’s overall security strategy, incorporating Governance, Risk Management, and Compliance (GRC) frameworks into security initiatives and services to Wilhelmsen Business Units. This includes developing and maintaining security architecture, policies, standards, and controls to meet regulatory requirements and address enterprise-wide risks.

Collaborating closely with both business and technical teams, the Security Architect will ensure that applications, systems, infrastructure, and platforms are secure by design, remain in compliance with established policies and baselines, and that effective security controls are implemented and continuously improved. The Security Architect will also provide assistance and support on cyber risk assessment methodologies, maintain visibility into evolving threats, and advocate for best practices to support the organization’s security posture and strategic objectives.

What you will work on:  

• Aligning security architecture standards, frameworks, GBS business requirements and technology strategies, ensuring adherence to relevant regulatory requirements and industry standards.
• Developing and maintaining a security roadmap that drives key activities, continuous improvement, and alignment with Governance, Risk Management, and Compliance (GRC) objectives.
• Contributing to design, setup and management of GBS service delivery of relevant cyber security services offered to Business Units.
• Assisting technical teams in GBS designing secure enterprise architecture, integrating risk management policies, and reinforcing compliance requirements throughout the development lifecycle.
• Advising teams, projects, and initiatives on secure design, implementation of security technologies, and control mechanisms across applications, systems, infrastructure, and platforms, ensuring ongoing compliance.
• Identifying security design gaps in existing and proposed architectures, recommend enhancements based on risk analysis, and collaborate with cross-functional teams to close gaps.
• Maintaining an overview of known security gaps and vulnerabilities in applications and platforms, providing insights to inform governance decisions and ensure sustained compliance.
• Maintaining and continuously improve internal security architecture standards and principles, ensuring they reflect emerging threats, best practices, and regulatory changes.
• Monitoring security trends, threat landscapes, and emerging technologies to enhance the organization’s preparedness and adapt cyber strategies accordingly.
• Collaborating with business, legal, and GBS procurement team to ensure contractual security terms meet regulatory and compliance requirements and support the procurement of new technology solutions.
• Participating actively in risk assessments, security audits, and other relevant GRC initiatives, leveraging findings to refine and strengthen the overall security posture.
  
  
  

What we are looking for:

• Ability to interpret technical information and communicate findings in an easy, understandable, and interesting way
• Self-going and self-managed, able to take own initiatives to meet agreed goals and milestones
• Excellent collaboration and communication skills with strong proficiency in written and spoken English
• Understanding of governance, risk, and compliance frameworks (e.g., ISO 27001, NIST, GDPR) and how they inform security architecture and operational practices
• Ability to balance business objectives with regulatory requirements, ensuring compliance while maintaining operational efficiency
• A strong interest in cyber security with an inner drive to continuously improve and excel at security architecture and maturity initiatives
• A strong believer in «Zero Trust» approach to cyber security and architecture
• Experience with guiding projects and initiatives on security best practices
  
  
  

Required educational and desirable foundational knowledge:

• University degree (minimum bachelor’s) in IT/Cybersecurity, programming, or similar fields. Relevant experience can compensate for a lack of formal education.
  
  
  

Experience and/or a keen interest in at least one of the following areas:

• Familiarity with concepts like Secure by Design, OWASP Top 10, and SSDLC, applying these principles to ensure robust security postures
• Security architecture and principles like Zero Trust or Secure by Design
• Security frameworks like ISO27001, NIST CSF or similar
• Security Governance and a bridge between technical and GRC security aspects
• Application security and Vulnerability management
• Cloud security (like Microsoft 365, Azure, Entra ID, E5 Security tools)
  
  
  

What we can offer:    

We can offer a culture and work environment of strong leadership, career development, work-life balance and a job that is both challenging and stimulating. Our organization thrives by using modern tools and is eager to utilize the business opportunities that comes with new digital tools and skills. Beyond this, we have benefits that include, but are not limited to:  

• Competitive pension plan  
• Company cabins/apartments (Norway, Denmark, Sweden, Germany, Spain and Portugal)  
• Social events year round (e.g., cooking classes, yoga, dance, and rock-climbing lessons etc.)  
• Sports club membership that includes sporting and cultural activities (e.g., group training in our gymnasium, sailing, theatre and concert tickets etc.) 
  
  
  

Sound interesting? If you can see yourself in this role, please let us know why you are our new Security Architect by submitting your resume and cover letter in English.     

   

Application deadline: 7th March 2025  

Work Location: Lysaker , Hamburg, Barcelona, Szczecin & Rotterdam

Contact details: Recruitment Specialist – Nasra Mohamed – [email protected]