Information Security Manager (Assurance)

Maersk Line
25 Sep 2017
03 Nov 2017
Contract Type
Full Time
Information Security Manager (Assurance) Maidenhead Ref.: ML-149099 Maersk Line, the global containerized division of the A.P. Moller - Maersk Group, is dedicated to delivering the highest level of customer-focused and reliable ocean transportation services. Our vision, built from a strong heritage of uprightness, constant care, and innovation, has guided our business operations since the first Maersk Line vessel sailed in 1904. By remaining committed to that vision we have expanded our business to become the world's largest ocean carrier. And we are consistently recognized as the most reliable container shipping company in the world. Maersk Line offers a competitive salary and good benefits package (details dependent on working location). Maersk Line has embarked on a transformation journey, focusing on a long-term strategy to remain best in class in an industry that is increasingly volatile. At the very core of this strategy lies IT. Viewed as a significant enabler of our company strategy, IT is an area where our top management has made and will continue to make increasing investments in. In Maersk Line IT, we actively engage the business and deliver its needs while undergoing our own transformation. We aim to be a world-class professional IT organization that delivers business value through automation, standardization, increased forecasting capabilities and proactive handling of the market. These are levers that our leadership rely on to maintain a strong and stable presence in the market. We further aim to establish one global platform on which we effectively build systems that allow us to differentiate from our competitors in the market. We Offer Maersk Line is a highly international and inspiring environment with an attractive value proposition for its employees. Our package consists of an externally benchmarked salary, pension scheme, 25 days holiday a year and a number of other attractive benefits. Key Responsibilities As Information Security Manager in the Assurance team, you will be responsible for assessing and reporting the current state of security. This will be done through testing, security assessments, and auditing of systems, processes, third parties and controls. As part of performing assessments, you will make recommendations to improve control effectiveness and work with the Governance and Global security teams to manage the implementation of these changes. In collaboration with the Security Governance team, you will be reporting on compliance levels against security related standards and applicable laws and regulations. * Perform Internal Security Assessments and audits * Report compliance levels against security related standards and applicable laws and regulations * Manage remediation activities and audit findings * Conduct assessments of Third Parties contracts and compliance * Conduct configuration and documentation reviews * Establish and measure meaningful security metrics * Run social engineering assessments * Perform vulnerability assessments * Coordinate External Penetration Tests * Manage external Audits * Measurement and reporting of control effectiveness * Promote Information Security good practices and represent Information Security on all levels within T&L Division Who we are looking for * A Master's degree in computer sciences, information management or another related area (a Bachelor degree can be accepted if experience is extensive); * Broad general IT knowledge (networks, architecture, Cloud etc). * Proven experience of information security in a global and similar size business; * Experience conducting security assessments or penetration tests in a complex, global environment * Experience of conducting and managing IT Audits * Knowledge of international regulatory and compliance frameworks * Proven ability to work and effectively prioritize in a dynamic and decentralized work environment; * One or more Information Security Certifications (e.g. CISSP, CISM, CISA, SSCP. Ethical hacking) are required * Able to demonstrate knowledge and understanding of current information security events and trends * Strong personal impact with excellent communication and interpersonal skills at all levels of the business * Handles most situations independently but will timely seek advice and guidance on more complex issue * Naturally inquisitive with a flair for complex problem solving * Being able to explain complex ideas in a concise manner * Being able to articulate the risks in a language that the business understands * Strong situational analysis and decision making abilities * Excellent planning and organisational skills * High attention to detail * Able to work under pressure and meet deadlines * Must be highly reliable, trustworthy and honest
This job was originally posted as