Cloud Security Engineer
Share
Job Location:
Monthly Salary:
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
We are hiring Cloud Security Engineer to uplift our AppSec engineering capability and own the availability reliability integration and lifecycle of the SDLC security toolchain. This is a platform engineering role. Our AppSec toolset currently centres on GitHub Security following the retirement of Black Duck and we expect to onboard a broader end-to-end consolidated application security platform. You will help us run todays tooling well and industrialise what comes next.
Important scope note: Infrastructure-as-Code (IaC) scanning is out of scope for this role (already transitioned and owned elsewhere) but in will be advantages if you have this experience.
Key responsibilities
1. Tooling reliability and operational ownership
- Own day-to-day health of the AppSec tooling stack: availability performance resilience upgrades and lifecycle management.
- Define and maintain SLOs monitoring alerting capacity planning and incident playbooks/runbooks.
- Establish clear support and maintenance procedures aligned to a platform-team model (frontline ops teams consume the tools and deliver the services).
2. SDLC integration and developer enablement
- Build and maintain secure reusable CI/CD integrations (templates standard pipelines reusable workflows).
- Deliver friction-reducing automation: self-service onboarding safe defaults guardrails and consistent configuration across repositories.
- Integrate tooling outputs into operational workflows (ticketing reporting and triage queues owned by frontline ops).
3. Governance access control and enterprise fit
- Ensure tooling aligns to enterprise needs: SSO/SAML RBAC audit logging data handling and platform security requirements.
- Produce clear documentation and reference patterns: how to onboard how to maintain and what good looks like.
- Partner with platform/DevOps teams to make changes safely with minimal business impact.
4. Tool strategy and onboarding (Q4 consolidation)
- Support evaluation activities: hands-on trials integration prototypes scoring input and fit-for-environment validation.
- Plan and execute onboarding/migration: architecture rollout waves communications deprecation strategy and measurable adoption.
- Ensure cost performance and data impacts are understood and controlled.
Skills and experience
Must have
- Strong background in platform engineering DevSecOps or security tooling engineering with a track record of running production-grade tooling.
- Proven experience integrating security tooling into CI/CD at scale (workflow templates reusable automation API integration).
- Proven experience onboarding security tooling from scratch including requirements gathering drafting RFI/RFP documents vendor scoring proof-of-concepts evaluation contract finalisation structured adoption planning and leading enterprise-scale rollout/migration.
- Solid scripting/coding ability (e.g. Python Go or similar) and comfort with infrastructure-as-code concepts.
- Good operational instincts: debugging incident response change management and writing runbooks people actually use.
- Ability to work across teams and influence outcomes without owning everyones priorities.
- Ability to translate technical concepts into clear pragmatic options for senior stakeholders product owners and engineering teams.
- Strong documentation habits: runbooks onboarding guides reference architectures and decision records that stay current.
Nice to have
- Experience building or operating an end-to-end AST stack (SAST DAST Secrets SCA SBOM runtime signals).
- Familiarity with GitHub security configuration at enterprise scale (policy standardisation repo onboarding automation reporting).
- Experience with vendor onboarding/migrations (RFI/RFP support pilots phased rollout).
What would success looks like (first 612 months)
- Tooling availability is stable and measurable (SLOs dashboards low unplanned downtime).
- Onboarding is repeatable and self-service with consistent patterns across teams.
- Scan failures and integration issues reduce materially due to better standards and automation.
- Q4 tool onboarding is executed in controlled phases with minimal disruption and clear adoption outcomes.
#LI-SS1
Maersk is committed to a diverse and inclusive workplace and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race colour gender sex age religion creed national origin ancestry citizenship marital status sexual orientation physical or mental disability medical condition pregnancy or parental leave veteran status gender identity genetic information or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.
We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website apply for a position or to perform a job please contact us by emailing .
Required Experience:
IC
Key Skills
- Splunk
- IDS
- Network security
- Computer Networking
- Identity & Access Management
- PKI
- PCI
- NIST Standards
- Security System Experience
- Information Security
- Encryption
- Siem
About Company
Maersk Line is a Danish international container shipping company and the largest operating subsidiary of the Maersk Group, a Danish business conglomerate. It is the world's largest container shipping company by both fleet size and cargo capacity, serving 374 offices in 116 countries
