Head of Cybersecurity

Maersk


Job Location:

Norfolk, MA - USA

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

The Head of Cybersecurity is responsible for providing strategic and operational leadership for the Maersk Line Limited cybersecurity program, with the purpose of protecting Maersk Line Limited and client information and technical assets. This position is responsible for identifying, evaluating, and reporting on security risks; aligning the security posture of the organization in a manner that supports effective protection of information assets; and managing and executing security controls in support of Maersk Line Limited's compliance and regulatory requirements. The Head of Cybersecurity requires leadership with knowledge of business management and a working global knowledge of information security technologies. The Head of Cybersecurity will proactively work with business units to implement practices that meet defined policies and standards for information security.

Key Responsibilities:

  • Serve as the organization's senior cybersecurity authority, providing strategic direction, road-mapping, and risk-based guidance.

  • Serve as the organization's Chief Information Security Officer (CISO) and Cybersecurity Officer (CySO) to meet US Coast Guard requirements.

  • Develop, implement, and monitor a global, strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by the organization.

  • Develop, maintain, and publish up-to-date information security policies, standards, and guidelines aligned with federal and industry compliance requirements.

  • Oversee the approval, training, and dissemination of security policies and practices.

  • Create and manage information security and risk management awareness training programs for all employees, contractors, and approved system users.

  • Provide regular reporting on the current status of the security program to management, senior managers, and the Board of Directors as required.

  • Develop and implement an information security management framework that aligns with our business model, our risk profile, and our existing compliance initiatives and efforts.

  • Provide strategic risk guidance for corporate business IT, vessel IT, and related IT projects, including the evaluation and recommendation of technical controls. Coordinate information security and risk management projects with team managers from across the business unit teams and IT organization.

  • Ensure continuous Cybersecurity Maturity Model Certification (CMMC) readiness, certification sustainment, and continuous compliance activities.

  • Ensure alignment with NIST SP 800-171 and related federal security frameworks.

  • Support audits, assessments, and reporting requirements for federal contracts and regulatory obligations.

  • Actively participate in security professionals' meetings, forums, and workshops, representing Company interests and advocating for outcomes in alignment with those interests.

  • Maintain key relationships with peers within the information security disciplines.

  • Liaise with the IT architecture teams to ensure alignment between the security and enterprise architectures thus coordinating the strategic planning implicit in these architectures.

  • Work with our compliance team to ensure that security and privacy programs comply with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.

  • Manage vulnerability management, security monitoring, and security incident response to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation.

  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

  • Interface with federal customers, auditors, and contracting officers as needed.

  • Support cybersecurity requirements associated with federal contracts, subcontractors, and supply-chain risk management.

  • Liaise with external agencies such as law enforcement and other advisory bodies as necessary to ensure that the organization maintains a strong security posture.

  • Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

  • Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support, and in-house consulting in these areas.

  • Engage in ongoing communications with peers in the Systems and Networking groups, as well as the various business groups, to ensure enterprise-wide understanding of security goals, to solicit feedback, and to foster co-operation.

  • Supports commitment to safety and other selected company standards and certifications.

  • Performs other position-related duties as specified by management.

Position Specifications:

Education and Experience

  • Four-year university degree from an accredited institution or equivalent combination of education and experience.

  • Minimum of five (5) years of experience serving as a Chief Information Security Officer (CISO) or equivalent senior cybersecurity leadership role.

  • Demonstrated hands-on experience with CMMC certification efforts, including assessments and continuous compliance.

  • Experience securing and operating systems in a Microsoft GCC High environment.

  • Seven plus years of combined experience in information security and risk management.

  • Experience in driving changes in security functions within multiple organizations.

  • Experience with contract and vendor negotiations.

  • Experience with National Industrial Security Program Operating Manual (NISPOM).

  • Experience with NIST SP 800-171, CMMC, ISO 27001 implementation.

  • Holds at least one of the following certifications:

      • Certified Chief Information Security Officer (CCISO)

      • Certified Information Security Management (CISM)

      • Certified Information System Security Professional (CISSP)

      • Certified Information Security Auditor (CISA)

      • ISO 27000 Lead Implementer/Auditor

  • Must be eligible for security clearance.

  • Excellent communication skills with the ability to translate technical risk into business impact.

Technical Skills and Competencies Required

  • Must be a U.S. citizen capable of obtaining a security clearance from the Defense Counterintelligence and Security Agency (DCSA). MLL is a drug-free work environment and requires employees to take random drug tests during their employment with the company.

  • This position requires access to vessels and safety sensitive facilities and therefore requires a Transportation Worker Identification Credential (TWIC).

  • Demonstrate ability to succeed within fast-paced, high-growth environments.

  • Strong written and verbal communication skills, interpersonal and collaboration skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences up through and including the Board of Directors.

  • Ability to act calmly and competently in high-pressure, high-stress situations.

  • Must be a critical thinker with strong problem-solving skills.

  • Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.

  • High level of personal integrity as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.

  • Strong understanding of network security administration and infrastructure.

  • Experience in enterprise security architecture design.

  • Experience in designing and delivering employee security awareness training.

  • Experience in developing Business Continuity Plans and Disaster Recovery Plans.

Maersk is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, gender expression, genetic information, or any other characteristic protected by applicable law.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by calling 757.963.8800 or emailing.


Required Experience:

Director


About Company


Maersk Line is a Danish international container shipping company and the largest operating subsidiary of the Maersk Group, a Danish business conglomerate. It is the world's largest container shipping company by both fleet size and cargo capacity, serving 374 offices in 116 countries.
