Build Trust for Europe's AI Healthcare Revolution

Are you ready to own and operate the security agenda at one of Europe’s fastest-growing tech companies? Noteless is hiring a hands-on Security & Compliance Lead to mature our security program. You’ll maintain and improve our certifications and privacy posture while building pragmatic, scalable processes for a growing engineering organization. About Us

Noteless is at the forefront of healthcare innovation. Our AI transforms patient conversations into structured clinical notes, giving clinicians hours back per day for patient care.

Built by healthcare professionals for healthcare professionals, our team blends practicing physicians with world-class engineers to solve real clinical needs at scale. About the Role

You will own and evolve our established security and compliance framework, report directly to the CTO and partner closely with Product & Engineering and legal counterparts.

Day-to-Day, You Will:

• Manage security operations: vulnerability scanning, incident response, security monitoring, and risk assessments

• Own compliance framework: maintain ISO 27001 ISMS, MDR documentation, GDPR compliance, and prepare for AI Act

• Handle external interactions: customer security questionnaires, vendor assessments, audits, and due diligence

• Partner with Engineering: embed security in development, build scalable processes, and drive security culture through training

• Automate and optimize: streamline GRC documentation and integrate security tools with existing systems

What We’re Looking For

A pragmatic, hands-on operator who translates frameworks into action, automates the boring parts, and continuously improves.

Essential Skills & Experience

• 3+ years in a GRC/security-compliance role (or equivalent impact)

• Proven, practical ISO 27001 experience (implementation or maintenance)

• Hands-on with security tooling (SIEM, vulnerability scanners, cloud security)

• Strong understanding of GDPR and privacy

• Excellent communication and training skills

• Fluency in English

Nice-to-Haves

• Technical background (software/DevOps)

• Experience in Health Tech, AI, or other regulated environments

• Exposure to Medical Device Regulation

• Experience with GRC tools (e.g. Vanta/Drata)

• Relevant certifications (e.g. CISM, CISA, CRISC)

We know great candidates don’t all follow the same path. If you can create impact in this role, we want to hear from you, even if you don’t meet every single bullet.

What Noteless Offers

• Impact that directly improves patient care and reduces bureaucracy for thousands of clinicians

• A dynamic team with deep expertise in medicine and AI

• Competitive salary

• Modern offices at Forskningsparken, Oslo

• A clear path to grow into Head of IT Security & Compliance or CISO as we scale

Ready to build trust in healthcare?

Apply today and help us secure the future of medical documentation.

Questions? Contact Anna Viken at anna.viken@noteless.no or +47 941 43 866

We look forward to hearing from you!