Posted: 30.05.2024
GRC Lead
NTG – Nordic Transport Group is a leading Danish logistics company, specializing in transporting goods within and outside of Europe by road, air, and sea. Home to some of the most skilled and ambitious professionals in the industry, NTG designs and tailors bespoke logistics solutions. Founded in 2011, NTG has become one of the fastest-growing logistics companies in Scandinavia. With a portfolio of 80 acquired companies, each specializing in different logistics areas, NTG’s unique partnership model ensures high engagement and dedication among employees, contributing to continuous and significant growth.
About the Department
Last year, NTG expanded its IT organization to include Cybersecurity, IT Services, and Business Services. As part of this growth, the Security Operations Center (SOC) was established in 2023. The SOC team, currently consisting of four dedicated professionals, is committed to proactively addressing cybersecurity risks and enhancing NTG’s overall security posture. Key focus areas include identifying, analyzing, and responding to security incidents and maintaining compliance with standards like CIS controls and ISO 27002 guidance. The team values knowledge sharing, trust, and empowerment, fostering an informal and relaxed culture with a strong emphasis on both social and professional events.
About the Position
As the Governance, Risk, and Compliance (GRC) Lead, you will be at the forefront of protecting NTG’s systems and data from digital threats. Reporting directly to the CISO, you will have significant autonomy and responsibility. In collaboration with the SOC team, you will implement security measures, qualify risks, and track corrective actions. This role is integral to cultivating a culture of security awareness across the organization and contributing to ongoing ISO 27001 implementation and certification projects. You will work closely with IT and organizational teams to identify, assess, and mitigate information security risks while ensuring compliance with regulatory requirements.
Responsibilities
As the GRC Lead, your primary responsibilities will include:
- Contributing to NTG’s cybersecurity program with a focus on NIS2 directive compliance.
- Designing and implementing GRC strategies that align with business objectives and regulatory requirements, engaging with IT and business units.
- Building, implementing, and maintaining the ISMS in our ISMS tool provided by ISMS.online.
- Developing, implementing, and maintaining information security policies, standards, and guidelines.
- Conducting or facilitating risk assessments and evaluating the effectiveness of security controls.
- Ensuring the completion of internal audits and following up on non-conformities, utilizing an audit program controlled, led, and executed by ISMS.online.
- Educating and leading workshops with employees on security best practices, compliance standards, and establishing control areas.
- Producing awareness campaigns and reports on vulnerabilities and incidents, providing recommendations for improvement to mitigate potential security risks.
This recruitment is assisted by Capax Recruitment. If you would like to learn more about the position, please feel free to reach out to Freja Heltborg at fhe@capax.dk.
Job Info
Segment: IT
City: Hvidovre
State/Province: Denmark