IT Security & GRC Manager

Company Overview

Blue Water Shipping is a global logistics provider delivering comprehensive, tailor-made supply chain solutions. Founded in Denmark in 1972, we are a worldwide team of dedicated professionals committed to delivering customer-centric services and operational excellence.

As part of our digital transformation, we are evolving into a product-driven organization with modern, secure, and business-aligned IT services. To strengthen our governance, risk, compliance, and cybersecurity capabilities, we are evolving a combined IT Security & GRC function and are looking for a pragmatic IT Security & GRC Manager to help drive and mature this area.

The Role

As IT Security & GRC Manager, you will lead a team of 3–4 specialists across security operations, governance, compliance, and risk. You will help strengthen our security posture, drive compliance with frameworks such as NIS2 and ISO27001, and make sure secure ways of working are built into how IT operates. We are looking for a hands-on leader who builds trust, creates momentum, and works well across teams.

Key Responsibilities

Team Leadership & Coordination

• Lead, develop, and grow an IT Security & GRC team of 3–4 specialists, with a strong focus on people, well-being, and individual development

• Drive prioritization, planning, and execution across security and compliance activities, making clear decisions and moving things forward even when information is incomplete

• Foster a collaborative, pragmatic, and improvement-focused team culture that people genuinely want to be part of

• Act as a bridge between technical security operations and governance/compliance requirements, building trust and strong working relationships across teams

Security Operations & Security Engineering

• Oversee and support day-to-day security operations, monitoring, and incident response activities

• Ensure continuous improvement of detection capabilities, response procedures, and operational security tooling

• Support the ongoing development and use of Microsoft security technologies including Microsoft Defender, Sentinel, Entra ID, and Purview

• Contribute to vulnerability management, remediation tracking, and security hardening initiatives

• Support implementation of security-by-design principles across IT services and projects

Governance, Risk & Compliance

• Maintain and improve IT security governance processes, policies, and standards

• Coordinate IT risk assessments and support risk mitigation activities

• Support compliance efforts related to NIS2, ISO27001, GDPR, and internal governance requirements

• Contribute to audits, documentation, and compliance reporting activities

• Ensure security controls and processes are aligned with enterprise governance standards

Stakeholder Collaboration

• Work closely with IT teams, Enterprise Architecture, Operations, and business stakeholders

• Translate technical security risks into business-relevant insights and recommendations

• Collaborate with broader corporate governance, risk, and compliance functions outside IT

• Support awareness and maturity-building initiatives across the organization

Your Background

Experience & Skills

• 5+ years of experience within cybersecurity, IT security, GRC, or related IT roles

• Experience coordinating or leading smaller teams or technical/security initiatives

• Good understanding of both operational security and governance/risk/compliance disciplines

• Familiarity with security frameworks such as ISO27001, NIST, or CIS

• Experience working in regulated environments is an advantage

• Understanding of IAM, vulnerability management, and incident response processes

Personal Attributes

• A manager who genuinely cares about developing teams and individuals

• Strong bias for action and driving progress under imperfect or ambiguous conditions

• Pragmatic and delivery-focused

• Collaborative by default, building trust across technical and business stakeholders

• Comfortable operating in a smaller, high-impact team environment with a clear leadership focus

• Strong communicator capable of translating technical topics into business impact

• Structured with a continuous improvement mindset

• Fluent in English, both written and spoken

What We Offer

• A central role in building and maturing a modern IT Security & GRC capability

• Opportunity to influence both strategic direction and operational improvements

• A collaborative and informal working environment with high impact and visibility

• Broad exposure across security, governance, risk, and compliance domains

• Hybrid work model with flexibility and opportunities for professional development

Contact

For more information, contact Alex Clausen, CIO at +45 4022 9640.