Cyber Manager

A.P. Moller - Maersk is an integrated container logistics company and member of the A.P. Moller Group. Connecting and simplifying trade to help our customers grow and thrive. With a dedicated team of over 80,000, operating in 130 countries; we go all the way to enable global trade for a growing world. We leverage cutting-edge technology to optimize operations, enhance customer experience, and drive business growth.

We are looking for a Cyber Manager specialising in Threat Exposure Management within the ‘Identify’ Capability. The ‘Identify’ capability focusses on managing the attack surface and continually evaluating the accessibility, exposure, and exploitability of our environments and assets. This involves in supporting building and running all the services (technology, people and process) to perform Threat Exposure Management along with responsibility for managing the output and working with stakeholders to close any discovered issues.

The Cyber Manager for Threat Exposure Management is responsible for leading the enterprise-wide operations, and continual evolution of the organisation’s threat exposure management lifecycle and reduction programmes within a given scope, and reports to the Senior Cyber Manager – Threat Exposure Management. This role ensures that exposures across infrastructure, applications, identities, cloud, OT/IoT, AI, and third-party ecosystems are proactively identified, prioritised, validated, and remediated in alignment with business risk and operational resilience requirements.

The successful candidate must demonstrate a strong track record in leading [also as a people manager] high-performing technical teams and fostering a culture of technical excellence. They will bring market-proven knowhow to establish industry-driven threat exposure management practices, whilst effectively influencing stakeholders across the organisation. The candidate must also bring advanced technical expertise in threat exposure, vulnerability management and defensive and offensive security, with the ability to lead deep technical discussions and conduct complex analysis across some of the following technologies: IT, OT, Cloud, Applications, Data, Identities, Code and AI-driven environments.

Key Responsibilities:

> Threat Exposure Management and Vulnerability Management

• Lead the technical direction and operational governance of Threat Exposure and Vulnerability Management across heterogeneous environments, including enterprise IT, OT/ICS systems (PLC, SCADA, DCS), multi-cloud architectures (such as Azure, AWS, GCP), container platforms, Kubernetes clusters, application stacks, CI/CD pipelines, Data, Identity, source-code repositories and AI/ML ecosystems.
• Oversee the full threat exposure lifecycle: continuous asset discovery, authenticated scanning, passive/active enumeration, exploitability analysis, threat correlation, prioritisation logic, risk acceptance workflows and exception governance.
• Ensure end-to-end integration with asset intelligence platforms, CMDB, CSPM, vulnerability scanners, code-security toolchains (SAST, SCA, DAST, IaC, secret scanning), and ASM/EASM technologies, establishing high-fidelity visibility across all attack-surface domains.
• Collaborate with Threat Intelligence to operationalise threat-led prioritisation, mapping exploit campaigns, adversary TTPs and industry-specific threat trends to internal exposure data. Align Vulnerability Management (VM) and Continuous Threat Exposure Management (CTEM) with predictive models and real-time intel feeds.
• Direct technical coordination with Red Team and Incident Response to validate exploit paths, confirm actual attack feasibility, and translate validation findings into actionable remediation and control enhancements, partnering with Protect capability and Issues Engineers.
• Govern cloud exposure management across CSPs, ensuring deep visibility into misconfigurations, identity privileges, network paths, storage exposures, API endpoints and container orchestration layers.
• Extend VM and CTEM coverage into OT/ICS environments with risk-aware, non-disruptive methods. Coordinate with OT Security teams to identify vulnerabilities, weak configurations, outdated firmware, and unmanaged assets.
• Manage Vulnerability and Threat Exposure Management across Identity services, including account hygiene, privileged-access pathways, directory health, DNS/DHCP configurations, PKI integrity, authentication flows, domain controller posture, and any identity-linked misconfigurations that create exploitable attack paths.
• Oversee AI/ML exposure across data ingestion pipelines, model training and deployment layers, ensuring identification of risks such as model inversion, data poisoning, prompt injection, insecure model APIs and ungoverned LLM integrations.

> Operational Excellence & Quality Obsession

• Maintain functional metrics and KPIs, delivering performance at or above agreed targets to support operational excellence.
• Develop and uphold operational dashboards, SOPs, workflows, playbooks and service definitions, ensuring high-quality, consistent, standards-driven service delivery.
• Lead remediation governance, risk-acceptance workflows, escalation pathways and exception management processes.
• Enable effective cross-team coordination across Cyber Functions such as Identity, Respond, Detect, Protect, Strategy, Delivery, Platform Engineering, Threat Intelligence, Architecture, Risk, Issues Engineers and Portfolio Cyber Leads.

> Reporting, Analytics & Metrics

• Deliver comprehensive operational dashboards and KPIs covering key areas of the attack surface such as scanning coverage, vulnerability spread, backlog trends, survival and churn rates, threat posture, exposure windows, exploitability indicators, and Critically Exposed Assets (CEA) pipeline performance.
• Ensure reporting is accurate, timely and aligned to leadership expectations, enabling data-driven decision-making and clear visibility of exposure and progress.
• Maintain structured analytics frameworks to measure remediation effectiveness, prioritisation accuracy and overall functional performance across all attack-surface domains.
• Partner with Operational Insights to provide insights and trend analysis that support continuous improvement, strategic planning and operational excellence across Cyber Operations.

We are looking for?

• 8–10+ years of progressive experience in enterprise cyber security with demonstrable in-depth technical expertise across Threat Exposure Management, Vulnerability Management, Defensive and Offensive Security, Application Security, Cloud Security, OT/ICS Security, Data and Identity Security, and AI/ML Security.
• Experience must span large-scale, heterogeneous environments with complex technology stacks. Certifications such as CISSP, CISM and GIAC (GMON, GICSP, GWEB, GCSA) are advantageous, but equivalent hands-on technical capability, advanced analytical proficiency, and a strong record of continuous learning and practical security training are essential.
• Proven experience in directly managing a team of Threat Exposure and Vulnerability Management Analysts, including mentoring, developing and guiding security professionals within a collaborative, high-performing environment.
• Strong strategic and visionary capabilities, with the ability to co-develop and drive the function’s technical vision, strategy and roadmap in alignment with business objectives and the organisation’s threat appetite.
• Deep knowledge of vulnerability management, threat exposure management, exploit development concepts, exposure validation, and remediation governance.
• Strong understanding of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE / CVSS, and NIST SP 800-53.
• Robust expertise across technical domains such as IT, OT, Cloud, network security, container environments, and identity-centric security.
• Proven capability in AppSec, secure coding practices, CI/CD and IaC security, and DevSecOps tooling.
• Solid understanding of AI/ML architecture, AI security threats, LLM exposure risks, and secure integration patterns.
• Hands-on expertise with tooling in different landscapes: VM, ASM/EASM, AppSec, Cloud, OT, Data, Identity, AI.
• Serve as the advisor and central point of contact for all Threat Exposure and Vulnerability Management matters across the organisation within a given scope.
• Build strong relationships with industry partners, vendors, and the wider technology ecosystem to incorporate external expertise, benchmark performance, and stay ahead of emerging threats and vulnerability trends.
• Develop trusted relationships across Cyber, Portfolio teams, Engineering, and Business functions, anchored in transparency, accountability, and the organisation’s core values.
• Lead by example in strengthening collaboration, breaking down silos, and cultivating high-performing cross-functional networks.
• Promote a values-driven culture that embraces diversity, inclusion, and collective ownership of cyber risk.
• Champion staff education, awareness, and secure behaviours to embed a proactive, cyber-aware mindset across the organisation.
• Foster a responsive, delivery-focused culture that partners effectively with Technology and Business units to drive timely resolutions and value-led security outcomes.

#LI-SS1

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing  [email protected].