About Hapag-Lloyd
With a fleet of 264 modern container ships and a total transport capacity of 2.0 million TEU, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 13,500 employees and 400 offices in 135 countries. Hapag-Lloyd has a container capacity of 2.9 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 113 liner services worldwide ensure fast and reliable connections between more than 600 ports across the world. In the Terminal & Infrastructure segment, Hapag-Lloyd has stakes in 20 terminals in Europe, Latin America, the United States, India, and North Africa. The roughly 2,600 employees assigned to the Terminal & Infrastructure segment handle terminal-related activities and provide complementary logistics services at selected locations.

Summary of the role:

As a Cyber Security Engineering Manager, you will act as a conduit between Security Operation Capabilities (Hub, CTI, TDR, ASM) to provide priorities on monitoring, detection, prevention controls, tool automation and use case detection. The candidate will also lead proof of concept for new security controls, and lead security architecture discussions on behalf of Security Operations, with the Enterprise (Security) Architects and Platform Security Leads for the road mapping implementation.

This position, reporting to the Head of Security Operations and working closely with other colleagues from CISO organization and other cross-functional teams, will play a key role by directly contributing to the overall enterprise security engineering effort and lead the security vision and strategy around securing endpoints and our on-prem and cloud-based applications and services.

You, as the ideal candidate, will have a strong security background and hands-on experience with implementing concepts and technologies such as SOC Detection Engineering, Tools Automation, Security Architecture Services Edge, Data Loss Prevention, Email Security, SIEM/SOAR optimization, and Application Security.

Responsibilites and tasks:

  • Minimize the risks of HLAG infrastructure, systems, and applications and reducing attacks by ensuring continuous hardening the security configuration of devices, systems, and applications and getting compliance with regulations and policies made by either industry or government.
  • Manage configuration baselines to provide guidance on how systems and endpoints are managed and hardened against security threats and vulnerabilities.
  • Provide measurable priorities on monitoring, detection and prevention controls and use cases.
  • Lead proof of concept for tools, refresh or addressing gaps in protection, monitoring and detections solutions, enhancement, and tracking on behalf of Security Operations in collaboration with the Enterprise Security Architects and aligning with the CISO strategy.
  • Lead any security architecture discussions on behalf of Security Operations with the Enterprise (Security) Architects and Platform Security Leads for the road mapping implementation.
  • Use Agile methodologies to manage and improve team performance, while collaborating to bring efficiencies to interactions with stakeholders and partners.
  • Identify operational roadblocks to ensure timely remediation and countermeasures.
  • Be a strong technologist with pragmatic view and creative mind, and a natural collaborator with line of business architects, engineers, developers, application owners, service providers, and senior management.
  • Implement techniques and tools that promote effective analysis and the ability to determine the root cause of application/product/service security problems and create alternative solutions that resolve the problems in the best interest of the business.

Requirements and qualifications:

  • Master’s or bachelor’s degree or equivalent technical training in Information Technology, Information Systems Security, Cybersecurity, or related field.
  • 5+ years of technical experience in two or more of the following: Security Operations, Incident Response, IT Security assurance, Network security administration, Security engineering, Pen testing.
  • Profound understanding of Detection Engineering, Zero Trust, Cryptography, CASB, Security Architecture Services Edge, DLP, Email Security, Application Security, and integration to SOC/SIEM services.
  • Experience applying controls in alignment with acknowledged security frameworks (i.e., ISO, NIST, CIS, CSA, MITRE ATT&CK and D3FEND, OWASP, API security, cloud security best practices, …).
  • Ability to clearly convey results in formal technical reports and deliver briefings to senior staff, technical specialists, and management, including CISO and C-Suite.
  • Relevant certifications such as SANS/GIAC, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Project Management Professional (PMP) certifications are highly desired.
  • Professional experience at management level and relevant information security, security engineering or relevant domain experience in large companies and corporate experience.
  • Experience with automation, metrics analysis & presentation is a significant plus.
  • Experience in managing project plans, budgets and working with external partners.
  • Fluent both in written and spoken English.

We offer:

  • The opportunity to introduce solutions that you are personally convinced of, and to constantly take on new challenges with a high level of responsibility
  • Excellent career development opportunities, supported by a wide range of training and development courses
  • Competitive remuneration (13 salaries + vacation pay) and social benefits, as well as a permanent employment contract with a financially healthy company
  • At least 28 days of vacation, flextime, capital-forming benefits, company pension plan
  • Company restaurant with daily varying, high-quality dishes to choose from as well as coffee bar
  • Centrally located between the main train station and Jungfernstieg as well as subsidized public transportation
  • Hybrid work model: 3 days a week at our headquarters in the heart of Hamburg and 2 days a week of mobile work
  • Health and company sports programs (e.g. yoga, sailing, company doctor, etc.) as well as bicycle leasing

Contact person

Dawid Bujalla Manager Talent Acquisition & Employer Branding