Director (m/f/d) Cyber & Information Security - Risk & Compliance

Director (m/f/d) Cyber & Information Security – Risk & Compliance

Join to apply for the Director (m/f/d) Cyber & Information Security – Risk & Compliance role at Hapag-Lloyd AG

Director (m/f/d) Cyber & Information Security – Risk & Compliance

Join to apply for the Director (m/f/d) Cyber & Information Security – Risk & Compliance role at Hapag-Lloyd AG

We are seeking a highly skilled and motivated Director (m/f/d) Cyber & Information Security – Risk & Compliance to join us with the aim to further strengthen our CISO Leadership team. In this role, you will be responsible for managing information and cyber security risks, ensuring compliance, as well as ensuring resilience to security threats across our company. Reporting directly to the CISO and as a member of the Leadership Team, you will make a significant impact at Hapag-Lloyd by further building and leading our CISO Risk & Compliance team. Your primary focus will be on developing a strong team, and a robust and comprehensive information and cyber security risk management program. Collaborating with cross-functional teams, you will establish and enforce security policies, procedures, and controls to meet regulatory requirements and industry best practices.

• Design, develop, and execute our global information and cyber security risk management strategy, framework, and roadmap
• Establish and deliver procedures and controls to ensure compliance with regulatory and legal requirements, as well as internal standards
• Collaborate with key stakeholders to enhance and maintain a comprehensive set of security policies, standards, and procedures
• Develop and manage our Information Security Management System (ISMS)
• Ensure compliance with relevant regulatory requirements (e.g., GDPR, KRITIS) and industry standards (e.g., ISO 27001)
• Execute and oversee our Vendor Security Risk Management (VSRM) Program
• Define and lead our Project Risk Assessment methodology, including processes and tools
• Establish and manage our Information & Cyber Security Risk Management methodology, processes, and tools
• Conduct business impact analysis (BIA) and risk assessments (RA) of applications
• Educate and empower Hapag-Lloyd’s personnel about Information & Cyber Security Risks, regulations, and compliance to minimise associated risks
• Collaborate with the CISO, IT, and Business departments to ensure compliance and proper risk management across the organization
• Identify, assess, and prioritize potential risks related to information systems, networks, data assets, and compliance
• Implement and manage security controls, technologies, and processes to mitigate identified risks and vulnerabilities
• Stay updated with the latest trends and emerging threats in information and cyber security, making recommendations for improvement
• Establish and maintain relationships with internal and external auditors, vendors, and industry experts for compliance and continuous improvement
• Define, develop, and report metrics to measure the effectiveness of controls and compliance
• Provide regular reports and updates to senior leadership and relevant stakeholders on the state of information and cyber security risk management and compliance

Qualifications

• Extensive experience (including several years of leadership experience) in information & cyber security, risk management, and compliance roles
• Strong knowledge of information security principles, frameworks, and best practices
• Deep understanding of cyber threats, vulnerabilities, and attack vectors, with a track record of implementing effective security controls
• Familiarity with regulatory requirements and industry standards related to information security and data privacy
• Strong analytical and problem-solving abilities, with keen attention to detail
• Excellent communication, presentation, and training skills, including the ability to communicate technical concepts to non-technical stakeholders
• Strong understanding and passion for information security risks and mitigating behaviors
• Excellent leadership skills, with experience leading and managing teams and driving change across the organization
• Collaborative mindset and experience working with Legal, DPO, Risk & Control, Audit, and Procurement teams
• Understanding of privacy regulations (GDPR) and other security standards and frameworks (ISO 27001, OWASP Top 10, CIS Top 20, NIST CSF) is advantageous
• Experience in large international organizations and handling enterprise-level projects
• Experience in transformational projects in IT or Information Security
• Fluency in written and spoken English

We offer We offer:

• The opportunity to introduce solutions that you are individually convinced of, and to constantly take on new challenges with a distinguished level of responsibility
• Excellent career development opportunities, supported by a spacious range of training and development courses
• Competitive remuneration (14 salaries) and various benefits, as well as a permanent employment contract with a financially healthy company
• 30 days of vacation, flextime, capital-forming benefits, company pension plan
• Company restaurant with constant fluctuating, great-quality dishes to choose from as well as coffee bar
• Centrally located between the main train station and Jungfernstieg as well as subsidized public transportation
• Blended work model: 3 days a week at our headquarters in the heart of Hamburg and 2 days a week of mobile work
• Health and company sports programs (e.g. yoga, sailing, company doctor, etc.) as well as bicycle leasing
• Fitness Cooperation with EGYM – Wellpass
• Please use our online tool for applying with us.

Please use our online tool for applying with us.
We ask staffing consultants and recruiting firms to refrain from sending us unsolicited profiles and CVs of potential candidates for this or other positions advertised on our website.About Us With a fleet of 287 modern container ships and a Vessel Capacity 2.2 million TEU, as well as a Container Capacity 3.2 million TEU including one of the world’s largest and most modern reefer container fleets, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 13.500 employees and 400 offices in 139 countries. Hapag-Lloyd has a container capacity of 11.9 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 114 liner services worldwide ensure fast and reliable connections between more than 600 ports across the world. In the Terminal & Infrastructure segment, Hapag-Lloyd has stakes in 20 terminals in Europe, Latin America, the United States, India, and North Africa. The roughly 2.600 employees assigned to the Terminal & Infrastructure segment deal with terminal-related activities and provide complementary logistics services at selected locations.

Seniority level

• Seniority level

  Director

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Transportation, Logistics, Supply Chain and Storage

Referrals increase your chances of interviewing at Hapag-Lloyd AG by 2x

Get notified about new Director (m/f/d) Cyber & Information Security – Risk & Compliance jobs in Hamburg, Hamburg, Germany .

VP Head of Cyber Defence Unit (all genders)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr