Senior Cyber Engineer

Senior Cyber Engineer

Maersk is the largest shipping and container logistics company in the world. A $40bn organisation with over 85,000 people, we ship roughly 20% of the world’s container freight. We’re bringing our organisation together to become an integrated container shipping and logistics company, fundamentally re-thinking how we do business.

Maersk is going through times of unprecedented change. As we aspire to secure sustainable growth of our businesses, we need to re-think the way we engage with our customers and partners. Digitisation and IT are taking centre stage in enabling this engagement. Join us in Transport and Logistics IT as we re-think what technology can do to drive growth.

We Offer:

Joining Maersk T&L will embark you on a great journey with career development in a global organisation. As an Engineer you’ll be working in Secure-by-Design Tooling team within our Cyber Organisation You will gain broad business knowledge of the company’s activities globally, as well as understand how the complexity of IT supports the transport and logistics business.

You will be exposed to a wide and challenging range of business issues through regular engagement with key stakeholders across all management levels within Maersk.

You will work and communicate across geographical and cultural borders that will enable you to build a strong professional network. We believe people thrive when they are in charge of their career paths and professional growth. We will provide you with opportunities to broaden your knowledge and strengthen your technical and professional foundation.

At Maersk we value the diversity of our talent and will always strive to recruit the best person for the job – we value diversity in all its forms, including but not limited to gender, age, nationality, race, sexual orientation, disability or religious beliefs. We are proud of our diversity and see it as a genuine source of strength for building high performing teams.

What we are looking for:

Do you have 8+ years of DevOps experience?

Are you a developer with a keen interest on Application Security?

Are you interested in gaining or developing your experience in the Application Security? Read on…

Cyber Identify team is looking for an Engineer to join their team to assist with the automation of Application Security tools in the Github workflows and playbooks. We have lot to do for API Security and using AI/ML to develop our threat modelling tool further. You don’t have to be a cybersecurity expert but need to have a decent understanding of it and must have a genuine interest and passion for developing yourself further in the security space, the team will happily help you develop and upskill.

Key Responsibilities:

• Build, maintain and continuously improve an infrastructure for a multi-site development team including source code repository, build tools and scripts, continuous integration infrastructure, packaging, and deployment tools
• Evangelize best practice DevOps Security and Agile within the broader organization.
• Participate in sprint planning, backlog refinement and task estimation
• Act as a Sr. Security Engineer in the Tooling team collaborating with the Business Platforms, Tools and Cloud Engineering teams on the design, deployment and management of Application Security tooling focusing on risk reduction/ mitigation
• Strive for continuous improvement and build, release operations, continuous integration, continuous development, and constant deployment pipeline (CI/CD Pipeline)
• Leverage security automation tooling, develop and maintain playbooks and workflows based on operational use cases
• Support the integration and implementation of security controls for global Information Technology platforms, capabilities and applications to ensure adherence to critical business objectives, regulatory requirements and cyber security policies
• Ensure the deployment of security tools is achieved with the minimum of impact to business
• Establish clear maintenance and support procedures for Application security capabilities
• Maintain detailed knowledge of emerging threats, risks, technical innovations and security capabilities

Qualification:

• Bachelor’s degree in computer science, Engineering, or a related subject with 8+ year of work experiences in relevant field
• Hands-on experience in engineering, DevOps, or as a software / system engineering staff member
• Extensive experience performing security investigations, penetration testing, and/or incident response in the context of large organisations
• In-depth understanding of security threats, hands-on experience detecting and defending from cyber-attacks, and experience using big data analytics and orchestration to address security challenges
• Ability to develop code with at least one modern language such as Java, Go, Python
• Experience of cloud infrastructure environments (e.g. AWS, Azure, GCP)
• Experience of Container based architecture and deployments (Terraform, Kubernetes, Docker, Ansible, etc.)
• Configuration and managing databases such as MySQL, MSSQL, COSMOS
• Proficiency in multiple scripting languages (Go, Python, Perl, Shell Scripting, bash, etc.)
• Strong knowledge on Storage accounts, Azure Functions, COSMOS DB and Event Hubs
• Release automation (e.g. Jenkins), system administration, system configuration, and system debugging experience
• Excellent troubleshooting skills
• Strong sense of ownership combined with collaborative approach to overcoming challenges and influencing organizational change
• Drive to design new, innovative, and disruptive solutions.
• A well-organized, motivated and self-starting individual with strong written and verbal communication skills and able to be understood by both technical and non-technical personnel

Nice to have:

• Experience in Threat modelling, Vulnerability Management
• Experience contributing to the security community and other open-source projects, public research, presenting in conferences
• Experience with data science, big data analytics technology stack, analytic
• Experience with DevSecOps and strong understanding of DevOps and Application Security tool set
• Knowledge of static code analysis tool (SAST) and code composition analysis (SCA) tools like Coverity, Black duck, Prisma Cloud, other security tools
• Experience with any programming languages (JAVA, .NET, C#), JIRA integrations like SNOW, GIT, Confluence, Jenkins.

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing  accommodationrequests@maersk.com.