Summary of the Role
The Threat Hunter and Defense Manager is an experienced position within CISO Security Operations, responsible for identifying, analyzing, mitigating, and managing potential high impact Information Security events and incidents at Hapag-Lloyd.
An ideal candidate will spearhead our threat hunting and defense initiatives, playing a pivotal role in the proactive identification and neutralization of advanced cyber threats. As the cornerstone of our forward-looking security posture, this role demands an innovative mindset, a strong background in threat hunting, deep technical expertise, and a very good understanding of threat actor behaviors, attack vectors, techniques, and tactics. Additionally, you will provide input into incident response processes and plans, working with internal and external third parties, and providing executive awareness and communications on significant incidents, events, or threats to the organization.
You are expected to provide insights in operational work by delivering performance reports and operational briefings to stakeholders, based on the identification, analysis and investigation of emerging threats and their business impact on the organization.
By staying ahead of the threat curve and devising proactive measures, the Threat Hunter Manager will be instrumental in shaping Hapag-Lloyd's resilience against evolving cyber threats and ensuring the integrity and confidentiality of our business operations and customer data. Reporting directly to the Head of Security Operations, you are expected to actively participate in collaboration initiatives and work with other peers inside and outside the company (including from government institutions and private sector) to further develop the understanding of the global landscape and contributing to enhance our organization’s overall security posture.
Responsibilities and Tasks
- Lead initiatives to identify and analyze advanced and persistent threats within the organization’s system using a combination of threat intelligence, big data analytics, and advanced monitoring.
- Develop and refine threat hunting and defense strategies, playbooks, and procedures to enhance the incident response process.
- Collaborate with cross-functional teams to develop and refine threat hunting methodologies, leveraging both internal and external threat intelligence sources.
- Work closely with the incident response, forensics, and SOC teams to integrate findings and improve detection capabilities.
- Assess and make recommendations on new cybersecurity technologies and techniques, optimizing threat hunting and defense capabilities.
- Analyze threat data from various sources to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with cyber threats.
- Communicate findings, trends, and recommendations to both technical and executive audiences.
- Produce timely and accurate reports on threat hunting activities, findings, and recommended actions to stakeholders and management.
- Convey the proper security severity by analyzing the scope and impact of breaches, explaining the risk exposure and its consequences to non-technical stakeholders, and developing mitigation strategies.
- Remain abreast of industry trends, emerging threats, and best practices to inform the enhancement of threat defense capabilities.
Requirements and Qualifications
- Master’s or bachelor’s degree or equivalent technical training in Information Technology, Information Systems Security, Cybersecurity, or related field.
- At least four years of professional experience on information security, cyber defense operations, incident response or relevant domain experience in large companies and corporate experience with a very strong technical background.
- Demonstrated Threat Hunting and Incident Response experience.
- Expertise in analyzing malware and malicious artifacts, employing both static and dynamic analysis techniques.
- Strong experience working with threat intelligence frameworks (like MITRE ATT&CK/D3FEND), methodologies and tools. Experience on security-related legal and regulatory requirements (BSI KRITIS, ISO 27001) is a plus.
- Experience analyzing and interpreting security logs, network traffic, and endpoint data to identify and investigate potential security incidents.
- Certifications such as GCIH, GCIA, GCFA, GDAT, eCTHP, OSCP, CISSP or similar is a plus.
- Take responsibility to steer execution of the strategy and actions based on facts and data.
- Experience in performing complex analysis and investigation of problems and their business impact on the organization.
- Experience in tech, security or shipping industry would be desired but not essential.
- Experience in setting relations within the organization, with IT and with business partners to coordinate activities and professional communication.
- Strong analytical and problem-solving skills.
We offer
- Dynamic and modern working atmosphere in a newly renovated, modern office in the heart of Hamburg’s city center
- At least 28 days of vacation, flextime, capital-forming benefits, hybrid work model
- Subsidy for public transportation
- Bike leasing for all positions
- Restaurant and coffee bar
- Health and company sports programs (e.g., yoga, sailing, fitness courses, and much more)
- Corporate volunteering cooperation with purpozed
#hapaglloyd
Save time with your application and send us only your CV for now. You can easily apply online by using our application tool.
We kindly ask recruiters and employment agencies to refrain from sending us unsolicited profiles and CVs of potential applicants for this or other positions advertised on our website.
•
Last updated on Nov 24, 2023