We are looking for a Cyber Manager specialising in Threat Exposure Management within the Identify Capability. The Identify capability focusses on managing the attack surface and continually evaluating the accessibility, exposure and exploitability of our environments and assets. This involves supporting the building and running of all the services (technology, people and process) to perform Threat Exposure Management, along with responsibility for managing the output and working with stakeholders to close any discovered issues.
The Cyber Manager for Threat Exposure Management is responsible for leading the enterprise-wide operations and continual evolution of the organisation's threat exposure management lifecycle and reduction programmes within a given scope, and reports to the Senior Cyber Manager Threat Exposure Management. This role ensures that exposures across infrastructure, applications, identities, cloud, OT/IoT, AI and third-party ecosystems are proactively identified, prioritised, validated and remediated in alignment with business risk and operational resilience requirements.
The successful candidate must demonstrate a strong track record in leading high-performing technical teams, also as a people manager, and fostering a culture of technical excellence. They will bring market-proven know-how to establish industry-driven threat exposure management practices whilst effectively influencing stakeholders across the organisation. The candidate must also bring advanced technical expertise in threat exposure, vulnerability management, and defensive and offensive security, with the ability to lead deep technical discussions and conduct complex analysis across some of the following technologies: IT, OT, Cloud, Applications, Data, Identities, Code and AI-driven environments.
Key Responsibilities:
> Threat Exposure Management and Vulnerability Management
- Lead the technical direction and operational governance of Threat Exposure and Vulnerability Management across heterogeneous environments, including enterprise IT, OT/ICS systems (PLC, SCADA, DCS), multi-cloud architectures (such as Azure, AWS, GCP), container platforms, Kubernetes clusters, application stacks, CI/CD pipelines, Data, Identity, source-code repositories and AI/ML ecosystems.
- Oversee the full threat exposure lifecycle: continuous asset discovery, authenticated scanning, passive/active enumeration, exploitability analysis, threat correlation, prioritisation logic, risk acceptance workflows and exception governance.
- Ensure end-to-end integration with asset intelligence platforms, CMDB, CSPM, vulnerability scanners, code-security toolchains (SAST, SCA, DAST, IaC, secret scanning) and ASM/EASM technologies, establishing high-fidelity visibility across all attack-surface domains.
- Collaborate with Threat Intelligence to operationalise threat-led prioritisation, mapping exploit campaigns, adversary TTPs and industry-specific threat trends to internal exposure data. Align Vulnerability Management (VM) and Continuous Threat Exposure Management (CTEM) with predictive models and real-time intel feeds.
- Direct technical coordination with Red Team and Incident Response to validate exploit paths, confirm actual attack feasibility and translate validation findings into actionable remediation and control enhancements, partnering with Protect capability and Issues Engineers.
- Govern cloud exposure management across CSPs, ensuring deep visibility into misconfigurations, identity privileges, network paths, storage exposures, API endpoints and container orchestration layers.
- Extend VM and CTEM coverage into OT/ICS environments with risk-aware, non-disruptive methods. Coordinate with OT Security teams to identify vulnerabilities, weak configurations, outdated firmware and unmanaged assets.
- Manage Vulnerability and Threat Exposure Management across Identity services, including account hygiene, privileged-access pathways, directory health, DNS/DHCP configurations, PKI integrity, authentication flows, domain controller posture and any identity-linked misconfigurations that create exploitable attack paths.
- Oversee AI/ML exposure across data ingestion pipelines, model training and deployment layers, ensuring identification of risks such as model inversion, data poisoning, prompt injection, insecure model APIs and ungoverned LLM integrations.
> Operational Excellence & Quality Obsession
- Maintain functional metrics and KPIs, delivering performance at or above agreed targets to support operational excellence.
- Develop and uphold operational dashboards, SOPs, workflows, playbooks and service definitions, ensuring high-quality, consistent, standards-driven service delivery.
- Lead remediation governance, risk-acceptance workflows, escalation pathways and exception management processes.
- Enable effective cross-team coordination across Cyber Functions such as Identity, Respond, Detect, Protect, Strategy, Delivery, Platform Engineering, Threat Intelligence, Architecture, Risk, Issues Engineers and Portfolio Cyber Leads.
> Reporting, Analytics & Metrics
- Deliver comprehensive operational dashboards and KPIs covering key areas of the attack surface, such as scanning coverage, vulnerability spread, backlog trends, survival and churn rates, threat posture, exposure windows, exploitability indicators and Critically Exposed Assets (CEA) pipeline performance.
- Ensure reporting is accurate, timely and aligned to leadership expectations, enabling data-driven decision-making and clear visibility of exposure and progress.
- Maintain structured analytics frameworks to measure remediation effectiveness, prioritisation accuracy and overall functional performance across all attack-surface domains.
- Partner with Operational Insights to provide insights and trend analysis that support continuous improvement, strategic planning and operational excellence across Cyber Operations.
We are looking for
- 8-10 years of progressive experience in enterprise cyber security with demonstrable in-depth technical expertise across Threat Exposure Management, Vulnerability Management, Defensive and Offensive Security, Application Security, Cloud Security, OT/ICS Security, Data and Identity Security, and AI/ML Security.
- Experience must span large-scale, heterogeneous environments with complex technology stacks. Certifications such as CISSP, CISM and GIAC (GMON, GICSP, GWEB, GCSA) are advantageous, but equivalent hands-on technical capability, advanced analytical proficiency and a strong record of continuous learning and practical security training are essential.
- Proven experience in directly managing a team of Threat Exposure and Vulnerability Management Analysts, including mentoring, developing and guiding security professionals within a collaborative, high-performing environment.
- Strong strategic and visionary capabilities, with the ability to co-develop and drive the function's technical vision, strategy and roadmap in alignment with business objectives and the organisation's threat appetite.
- Deep knowledge of vulnerability management, threat exposure management, exploit development concepts, exposure validation and remediation governance.
- Strong understanding of common security vulnerabilities, attack vectors and security testing frameworks such as OWASP, MITRE ATT&CK, CVE / CVSS and NIST SP 800-53.
- Robust expertise across technical domains such as IT, OT, Cloud, network security, container environments and identity-centric security.
- Proven capability in AppSec, secure coding practices, CI/CD and IaC security, and DevSecOps tooling.
- Solid understanding of AI/ML architecture, AI security threats, LLM exposure risks and secure integration patterns.
- Hands-on expertise with tooling in different landscapes: VM, ASM/EASM, AppSec, Cloud, OT, Data, Identity, AI.
- Serve as the advisor and central point of contact for all Threat Exposure and Vulnerability Management matters across the organisation within a given scope.
- Build strong relationships with industry partners, vendors and the wider technology ecosystem to incorporate external expertise, benchmark performance and stay ahead of emerging threats and vulnerability trends.
- Develop trusted relationships across Cyber Portfolio teams, Engineering and Business functions, anchored in transparency, accountability and the organisation's core values.
- Lead by example in strengthening collaboration, breaking down silos and cultivating high-performing, cross-functional networks.
- Promote a values-driven culture that embraces diversity, inclusion and collective ownership of cyber risk.
- Champion staff education, awareness and secure behaviours to embed a proactive, cyber-aware mindset across the organisation.
- Foster a responsive, delivery-focused culture that partners effectively with Technology and Business units to drive timely resolutions and value-led security outcomes.
Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.
We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position or to perform a job, please contact us by emailing .