About Hapag-Lloyd
With a fleet of 287 modern container ships and a total transport capacity of 11,9 million TEU, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 13,500 employees and 400 offices in 139 countries. Hapag-Lloyd has a container capacity of 11,9 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 114 liner services worldwide ensure fast and reliable connections between more than 600 ports across the world. In the Terminal & Infrastructure segment, Hapag-Lloyd has stakes in 20 terminals in Europe, Latin America, the United States, India, and North Africa. The roughly 2,600 employees assigned to the Terminal & Infrastructure segment handle terminal-related activities and provide complementary logistics services at selected locations.

About us:

We are seeking an accomplished and highly experienced Platform Security Lead (PSL) to join our team and enhance the security posture of our platforms.

As the Platform Security Lead within the CISO Department, you will drive security by design within IT and Development teams, assess and mitigate potential security threats, promote security awareness, and collaborate closely with our CISO teams to implement robust security requirements.

To excel as a PSL, you should possess keen attention to detail, strong strategic planning capabilities, and exceptional communication, interpersonal, and technical skills.

Responsibilities and tasks:

As a Platform Security Lead at Hapag-Lloyd, you will:

  • Champion security by design within IT and development teams
  • Conduct comprehensive risk assessments, including design reviews, security requirements generation, gap analysis, security control validation, pen-test support, vulnerability remediation advice, risk articulation, and formal Risk Opinion report issuance
  • Drive the integration of DevSecOps within our DevOps teams
  • Serve as the primary contact for security-related topics, acting as a bridge to expertise within the CISO department
  • Formally assess information security risks related to business projects, determine potential impacts, and ensure follow-up on remediation efforts throughout project lifecycles
  • Collaborate with IT teams (developers, architects, product owners, business) to align platform security with the company's risk appetite and threat landscape
  • Develop specialized knowledge of platform security, ensuring embedded security measures meet platform needs
  • Work with team members to identify and implement common security solutions
  • Support the CISO Risk & Compliance team and contribute to the creation, review, and update of information security policies
  • Stay current with the latest security systems, tools, trends, and technologies

Requirements and qualifications:

  • A Master’s or Bachelor’s degree in Information Technology, Information Systems Security, Cybersecurity, or a related field, or equivalent technical training
  • A minimum of 4 years of relevant IT and Information Security experience, demonstrating the ability to act independently with minimal supervision
  • Experience with security architectures including cloud, mobile, enterprise, web, and app security
  • Proficiency with threat modeling frameworks such as MITRE ATT&CK, STRIDE, and PASTA
  • Knowledge of core security standards and frameworks: ISO 27001, ISO 27017, NIST, NTSC, OWASP, CIS, CVSS
  • Expertise in security testing to prevent issues like code execution, SQL injection, and cross-site scripting
  • Experience with security in cloud computing and microservices architecture
  • Familiarity with security-related legal and regulatory requirements
  • Specialized knowledge in web and mobile application security, data protection methods, and the ability to share this expertise with the team
  • A broad understanding of security concepts with deep expertise in 2 or 3 specific areas
  • Excellent communication skills, capable of translating technical information for non-technical stakeholders

    Join us at Hapag-Lloyd and make a significant impact by leading our platform security initiatives and ensuring our security posture remains robust in an ever-evolving threat landscape.

We offer:

  • Constantly new, responsible tasks, the opportunity to introduce solutions that you are personally convinced of
  • Excellent opportunities for further development, supported by a wide range of training and development opportunities
  • Competitive remuneration (13 salaries + vacation pay) and social benefits, as well as a permanent employment contract
  • At least 28 days of vacation, flextime, capital-forming benefits, company pension plan
  • Company restaurant with daily changing, high-quality dishes to choose from as well as coffee bar
  • Central location between the main train station and Jungfernstieg as well as subsidy for public transportation
  • Hybrid work model: 3 weekdays at our headquarters in the heart of Hamburg and 2 weekdays mobile work
  • Health and company sports programs (e.g. yoga, sailing, company doctor, etc.) as well as bicycle leasing

Contact person

Dawid Bujalla Manager Talent Acquisition & Employer Branding