Are you ready to take on a pivotal role in shaping the future of secure and compliant information management?

As Director of Regulatory Affairs at Nammo, you will be at the forefront of protecting our most valuable assets—our data, our intellectual property, and our reputation. You will lead the charge in developing and implementing our Information Control Plan (ICP), ensuring regulatory compliance for cyber security across the Nammo Management System. Your expertise will be important for us in defining strategy, establishing robust safeguarding measures, and ensuring that Nammo meets the evolving information control requirements of a complex global marketplace. The span of your work will be cross-functional, collaborating with key internal and external stakeholders to improve our security framework and drive a culture of compliance.

Key Responsibilities

• Develop and implement Nammo’s Information Control Plan (ICP) to ensure compliance and protect sensitive data, including export-controlled information and intellectual property rights (IPR).

• Establish a data classification system, ensure proper labeling, and train employees in secure information handling.

• Work with IT, information security and export control teams to embed robust protection mechanisms into the ICP to ensure regulatory and contractual requirements are met for implementation of encryption, access controls, and secure communication tools.

• Work with Nammo teams to ensure regulatory compliance with NIST, CMMC, NIS2, Cloud computing and other regulations.

• Protect trade secrets, patents, and proprietary information by strengthening regulatory compliance and IPR in contracts, NDAs, and legal agreements.

• Develop and lead training programs to promote information management policies and strengthen the company’s compliance culture.

• Assess ICP effectiveness, track compliance with export control and cyber regulations, and report key findings to leadership.

• Act as a liaison with IT, Compliance, HESS, and Operations. Provide expertise in information control during mergers, acquisitions, and security incidents.

Skills and Qualifications

Required:  

• Minimum 5 years of experience in information governance, regulatory compliancy, export control, intelligence or intellectual property management.
• Experience managing compliance with export control laws and information protection regulations.
• Knowledge of data classification frameworks, data protection standards, and information access control systems, for example ISO.
• A master's degree in law, business, compliance or a related field
• Language skills: Norwegian and English  

Preferred:   

• Experience with ISO standards, preferably ISO 27001.

• Background in international business trade, ideally within the defense industry.

• Familiarity with export control regulations, AI, cybersecurity, and information security management.

• A network within government agencies, regulatory bodies, and industry groups related to defense and national security.

• Knowledge of government regulations, including export control laws (ITAR, EAR, EU) and data protection standards (GDPR, Cloud computing, CMMC, UK Cyber Essentials).

• Proficiency with information governance tools and enterprise software.

Why Nammo?

At Nammo, you will have the opportunity to make a real impact by actively shaping policies and decisions that protect sensitive information on a global scale. Working in an international environment, you will engage with government agencies, regulatory bodies, and industry leaders, expanding your professional network and collaborating across borders. With a strong focus on geo- and security policy, this role places you at the heart of critical defense and national security discussions, ensuring compliance with evolving regulations.

Working Conditions

• Full-time, based in Raufoss

• Flexibility for hybrid or remote work arrangements. Presence at least 3 days a week on site is expected

• Occasional travel to countries where Nammo conducts business to support regulatory compliance operations and ensure alignment with corporate strategy

Please note that the position requires you to obtain security clearance from national security authorities at NATO level.

Do you want to know more?

To ensure a fair and thorough selection process, we are collaborating with The Assessment Company, a professional partner specializing in recruitment and assessment. Feel free to contact one of our advisors in The Assessment Company if you have any questions regarding this position or the process:

Oskar Øby: +47 908 90 268 / oskar.oby@theac.no

Isabel Andersen: +47 926 82 929 / isabel.andersen.mougios@theac.no

Application deadline:

Thursday 3. April