Job Description

Key Responsibilities:

• Security Monitoring & Incident Response:
• Monitor and analyze security events across SIEM, IDS/IPS, EDR, and OT systems.
• Investigate and respond to security incidents in coordination with global IT teams.
• Conduct root cause analysis and recommend mitigations for incidents.

Threat Detection & Intelligence:

• Implement threat detection use cases tailored to the maritime environment.
• Stay updated on threats targeting the maritime and transport industries (e.g., GPS spoofing, ransomware).
• Correlate threat intelligence with internal events for proactive threat hunting.

Vulnerability Management:

• Work with IT and OT teams to assess vulnerabilities across shipboard and shore-side systems.
• Track and support remediation of identified vulnerabilities.

Security Tooling & Automation:

• Maintain and optimize SOC tools: SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., CrowdStrike, Defender for Endpoint), threat intel platforms, etc.
• Automate repetitive tasks using SOAR or scripting (e.g., PowerShell, Python).

Compliance & Governance Support:

• Assist with internal and external audits (e.g., IMO cybersecurity guidelines, ISPS Code, ISO 27001).
• Support enforcement of security policies and procedures.

Collaboration & Documentation:

• Work closely with shipboard IT, port operations, and cloud security teams.
• Maintain accurate incident logs, playbooks, and documentation.

Required Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• 3–5+ years of experience in Security Operations, Incident Response, or related domains.
• Experience with SIEM platforms, endpoint protection, and log analysis tools.
• Familiarity with OT/ICS security concepts and maritime systems (e.g., ECDIS, AIS, VDR) is a strong plus.
• Understanding of NIST CSF, ISO 27001, or similar security frameworks.
• Strong analytical, communication, and documentation skills.
• Ability to work in a 24/7 on-call rotation if required.

Preferred Qualifications:

• Certifications: GIAC (GCIA, GCIH), OSCP, CEH, CompTIA Security+, or similar.
• Familiarity with cloud security (Azure, AWS).
• Knowledge of maritime-specific cybersecurity regulations (e.g., IMO 2021 guidelines).
• Experience working in a multinational or critical infrastructure environment.

Job Tags

Similar Jobs