Senior Cyber Detect Engineer Porto Porto, Porto, Portugal Job Description:Maersk is a global leader in integrated logistics and have been industry pioneers for over a century. Through innovation and transformation we are redefining the boundaries of possibility, continuously setting new standards for efficiency, sustainability, and excellence.At Maersk, we believe in the power of diversity, collaboration, and continuous learning and we work hard to ensure that the people in our organisation reflect and understand the customers we exist to serve.With over 100,000 employees across 130 countries, we work together to shape the future of global trade and logistics.What we offer:To work at Maersk is to work with the world. You'll learn from – and collaborate with – skilled professionals who literally move the world, every day. With a supportive environment to develop your skills, you'll gain access to class learning programmes to accelerate your career goals. And you'll find yourself welcome in our diverse and inclusive culture, where you are valued for who you are and rewarded for what you bring. For this and many other of our roles, we can offer the flexibility of hybrid working, alongside industry leading benefits such as pension, private healthcare and 25 days annual leave as standard.About the opportunity:You will be responsible for identifying potential security threats and automating the processes that detect and respond to these threats. The role typically involves a combination of monitoring, analysis, and the implementation of automated systems to enhance the efficiency and effectiveness of our cybersecurity measures. You will help with the deployment, configuration, maintenance, and support of our internal business critical systems, whilst at the same time helping to look after services lifecycle management (development, build, maintenance, and improvement) of the end to end stack cyber security logging & monitoring platform.What you'll be doing:Threat Detection:Monitoring: reviewing networks, systems, and applications via the logs/data received for signs of security breaches or unusual activities/trends.Develop and implement threat detection mechanisms across multiple platforms, including SIEM, EDR, XDR, and Deception tooling.Regularly test and validate detection logic and triggers to ensure accuracy and reliability.Analysis: Analyse security alerts and logs to identify potential threats and vulnerabilities to build out use cases and playbooks and to reduce the manual effort of investigating them.Incident Response: Collaborate with incident response teams to investigate and mitigate security incidents.Automation:Scripting and Tools Development: Develop and implement scripts and tools to automate repetitive tasks related to threat detection and incident response.Integration: Integrate security tools and platforms (like SIEMs, IDS/IPS, firewalls) to streamline detection and response workflows.Playbooks: Create and maintain automated response playbooks to standardize and accelerate incident handling processes.Security Operations:SIEM Management: Manage Security Information and Event Management (SIEM) systems to ensure effective collection, correlation, and analysis of security data.Rule Tuning: Continuously tune detection rules and signatures to reduce false positives and enhance detection accuracy.Threat Intelligence: Utilize threat intelligence feeds to stay updated on emerging threats and adapt detection mechanisms accordingly.XDR: Manage and ensure effective playbooks are in place to drive mundane activities.EDR: Manage and maintain detections from the EDR platform to ensure aggregation and automation is driven via XDR.Testing: Ensure that simulations and testing against all detections are done quarterly to ensure all are still fit for purpose.To succeed in this role, we believe that you can offer:Knowledge of Security Tools: Proficient with security tools such as SIEM, IDS/IPS, EDR, and firewalls. XDR advantageous.Programming and Scripting: Skilled in scripting languages like Python, Bash, or PowerShell for automation tasks.Networking and Systems: Understanding of network protocols, operating systems, and common IT infrastructure.Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or SANS GIAC certifications can be advantageous.Practical experience with security operations, incident response, and automation tools is highly valued.Threat Analysis: Ability to analyse complex security data and logs to identify patterns indicative of security threats.Problem-Solving: Strong problem-solving skills to develop effective detection and automation solutions.Join us as we harness edge technologies and unlock opportunities on a global scale. Together, let's sail towards a brighter, more sustainable future with Maersk!Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing.
#J-18808-Ljbffr
