Manager (m/f/d) Risk Management Information & Cyber Security

Job Description

Hapag-Lloyd CISO is accountable for keeping the business secure and safeguarding customer trust by predicting, preventing, identifying, and responding to threats and ensuring a quick recovery from cyber-related incidents. While assisting Hapag-Lloyd management, business, and other areas, we enable our employees by providing usable and secure services and ensuring that security is part of our DNA. Our mission is to enable the company to continue doing business securely and efficiently.

Hapag-Lloyd operates in an increasingly complex environment where disruptive technologies, new types of threats, and new cybersecurity regulations create additional cyber risks for organizations. Digitization is a top priority as customer preferences are changing towards mobile and digital and is part of Hapag-Lloyd values: \“We care, We move, We deliver\“, which are the heart of everything we do.

The Manager (m/f/d) Risk Management Information & Cyber Security will lead the risk management within the scope of the CISO department.

Hapag-Lloyd has implemented a risk management system based on FAIR methodology and regular compliance assessment. We expanded the system with event-based risks, providing us with the capability to assess single risks such as those deriving from new software solutions or new vendors. With the passion and expertise of the candidate, we want to further improve our quantitative risk capabilities, our risk assessment, stakeholder-specific reporting, as well as overall maturity and the integration of other processes and tools.

The role is a control function with additional strong consulting capabilities, to empower the business and IT to deliver the best services to our customers.

Responsibilities

• Lead the Information & Cyber Security risk management
• Perform risk assessments and support and coach the other risk experts
• Create risk reports for risk owners and various stakeholders up to the board
• Improve the maturity of the corresponding risk management framework, processes, reports, and the GRC tool
• Consult risk owners on adequate mitigations
• Ensure timely risk mitigations in collaboration with our team for tracking audit findings and risk mitigations
• Improve integration of our other processes into our risk management, like ISMS, threat modeling, threat intelligence, and vendor security risk management
• Support with developing and implementing the strategy for our Risk & Compliance team
• Support the legal and sales experts in defining and negotiating adequate legal clauses with our customers and vendors
• Improve collaboration within the CISO team and with IT and business to ensure compliance and appropriate risk management across the organization
• Support the team leadership in budget and project planning
• Explore new impulses, trends, and innovations in the areas of information security risk & compliance and make recommendations for improvements

Qualifications

• Extensive experience in information and cybersecurity risk management
• Several years of experience in carrying out a Risk Manager role
• Experience with Operational Risks and quantitative risk methods is a strong plus
• Experience in training risk officers to improve their risk assessment capabilities
• Strong knowledge of information security principles, frameworks, and best practices
• Deep understanding of cyber threats, vulnerabilities, and attack vectors, with a track record of implementing effective security controls
• Strong analytical and problem-solving abilities, with keen attention to detail
• Strong communication, presentation, and training skills, including the ability to communicate technical concepts to non-technical stakeholders
• Strong understanding and passion for information security risks and mitigating behaviors
• Collaborative mindset and experience working with Legal, DPO, Risk & Control, Audit, and Procurement teams
• Experience in large international organizations and handling enterprise-level projects

About Us

With a fleet of 287 modern container ships and a Vessel Capacity of 2.2 million TEU, as well as a Container Capacity of 3.2 million TEU including one of the world\’s largest and most modern reefer container fleets, Hapag-Lloyd is one of the world\’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 13,500 employees and 400 offices in 139 countries. Hapag-Lloyd has a container capacity of 11.9 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 114 liner services worldwide ensure fast and reliable connections between more than 600 ports across the world. In the Terminal & Infrastructure segment, Hapag-Lloyd has stakes in 20 terminals in Europe, Latin America, the United States, India, and North Africa. The roughly 2,600 employees assigned to the Terminal & Infrastructure segment deal with terminal-related activities and provide complementary logistics services at selected locations.

About the Team

• The opportunity to introduce solutions that you are individually convinced of and to constantly take on fresh challenges with a distinguished level of responsibility
• Excellent career development opportunities, supported by a spacious range of training and development courses
• Competitive remuneration (13 salaries + vacation pay) and various additional benefits, as well as a permanent employment contract with a financially healthy company
• A minimum of 28 days of vacation, flextime, capital-forming benefits, company pension plan
• Company restaurant with everyday fluctuating, great-quality dishes to choose from as well as coffee bar
• Centrally located between the main train station and Jungfernstieg as well as subsidized public transportation
• Blended work model: 3 days a week at our headquarters in the heart of Hamburg and 2 days a week of mobile work
• Health and company sports programs (e.g., yoga, sailing, company doctor, etc.) as well as bicycle leasing

Please use our online tool for applying with us. We ask staffing consultants and recruiting firms to refrain from sending us unsolicited profiles and CVs of potential candidates for this or other positions advertised on our website.

#J-18808-Ljbffr