Hybrid Threat Detection and Response Analyst (m/f/d) at Hapag-Lloyd AG
Hapag-Lloyd AG · Hamburg, Germany · Hybrid
- Professional
- Optional office in Hamburg
The Hapag-Lloyd CISO is accountable for securing our business operations and protecting customer trust through proactive threat prediction, prevention, identification, and rapid incident response, and for making sure we recover quickly from cyber-related incidents. Our mission is to enable the organization to conduct business safely and efficiently while embedding security into our corporate culture. The CISO team works across Hapag-Lloyd management, business operations, and other divisions to provide secure, usable services that align with our commitment to security as a core value.
Hapag-Lloyd faces an increasingly complex environment where disruptive technologies, new cyber threats, and evolving security regulations pose significant risks. In response, we prioritize digitization and customer-centric solutions as part of Hapag-Lloyd’s core values: “We care, We move, We deliver,” which are integral to everything we do.
Responsibilities
- Conduct comprehensive investigations into escalated security incidents, performing root cause analysis and remediation planning to ensure effective threat resolution
- Coordinate responses across the Cyber Security Operations (CySO) team and ensure accurate, timely information dissemination
- Support the entire security incident lifecycle from detection to closure, ensuring proper documentation, root cause analysis, and coordination with stakeholders
- Perform post-incident analysis, compile and track metrics, and document lessons learned to improve response processes and reduce future risk
- Develop training materials and enhance team capabilities in Threat Detection and Response
- Conduct proactive cyber hunting exercises and assist in strategy development for threat detection and remediation
- Identify workflow automation opportunities to streamline response processes and reduce response times
- Engage in continuous learning, staying updated on emerging threats and enhancing the Threat Detection and Response team’s techniques and effectiveness
- Provide timely and accurate briefings to senior stakeholders, including C-level executives, during major security incident responses
- Ensure compliance with operational procedures, capture and report incident metrics, and identify opportunities for process improvement
Qualifications
- Master’s or bachelor’s degree or equivalent technical training in Information Technology, Information Systems Security, Cybersecurity, or related field
- At least 3 years of experience in Cybersecurity, with a focus on Threat Detection and Response (TDR) functions (L3-L4 Analyst)
- Proven expertise in security incident investigations, especially at a senior level, with experience in deep threat analysis and remediation
- Demonstrated knowledge of incident response frameworks, such as the Cyber Kill Chain and Diamond Model, with hands-on experience in SIEM systems and network investigations
- Experience with security tools and platforms, ideally Microsoft Azure Sentinel, Microsoft Defender, QRadar, Palo Alto XSIAM, and other SIEM and logging systems
- Familiarity with network protocols (e.g., DNS, HTTP, SMB, …) and expertise in the file systems, registry functions, and memory artifacts of several operating systems (e.g., Windows, Linux, Unix, AIX, …)
- Prior relevant experience working in a 24x7 SOC environment with the ability to support high-severity incidents under pressure
- Experience developing security incident escalation procedures and proactive Threat Hunting exercises
- Excellent communication skills, with experience presenting technical information to both technical and non-technical stakeholders
- Industry certifications such as GCIA, GCIH, GCFA, Security+, Network+, or other incident response and threat detection certifications are preferred
- Strong analytical skills, with the ability to dissect complex incidents and produce strategic insights for threat management
- Experience working in the Supply Chain, Logistics, or Shipping/Transport sectors is a plus
- Ability to work collaboratively in a team environment and with employees from various departments
About Company
- The opportunity to introduce solutions that you are individually convinced of, and to constantly take on fresh challenges with a distinguished level of responsibility
- Excellent career development opportunities, supported by a wide range of training and development courses
- Competitive remuneration (13 salaries + vacation pay) and various additional benefits, as well as a permanent employment contract with a financially healthy company
- A minimum of 28 days of vacation, flextime, capital-forming benefits, company pension plan
- Company restaurant with a daily changing selection of high-quality dishes, as well as a coffee bar
- Centrally located between the main train station and Jungfernstieg as well as subsidized public transportation
- Blended work model: 3 days a week at our headquarters in the heart of Hamburg and 2 days a week of mobile work
- Health and company sports programs (e.g. yoga, sailing, company doctor, etc.) as well as bicycle leasing
- Please use our online tool to apply.
- We ask staffing consultants and recruiting firms to refrain from sending us unsolicited profiles and CVs of potential candidates for this or other positions advertised on our website.