OT Security Engineer

Joining Maersk T&L will embark you on a great journey with career development in a global organisation. As an OT Security Engineer, you will gain broad business knowledge of the company’s activities globally, as well as understand how the com-plexity of IT supports the transport and logistics business.

At Maersk we value the diversity of our talent and will always strive to recruit the best person for the job – we value diversity in all its forms, including but not limited to: gender, age, nationality, race, sexual orientation, disability or religious beliefs. We are proud of our diversity and see it as a genuine source of strength for building high performing teams

• Work with your scrum team colleagues to break user stories into concrete tasks for the scrum team and facilitate their prioritization to optimize delivery time of a whole epic.
• Develop and deliver user stories together with the scrum team.
• Work closely with other interdependent engineers and solution architects to produce technical requirements and ensure solutions work together and fulfill business needs.
• Work with the team to create sprint plans.
• Instilling quality by adhering to a Definition of ready and Definition of Done.
• Willingness to work to the Team Working Agreement.
• Working and adapting your plan as required to reach the Sprint Goal.
• Holding each other accountable as professionals.
• Work as team to provide an accurate estimation of the development time to the product owners.
• Activity participate in the scrum ceremonies.
• Responsible for establishing and providing specialist consultancy on Industrial Control Systems/Supervisory Control And Data Acquisition (ICS/SCADA) and Enterprise Security Solutions (ESS)
• Responsible for embedding the principles of the Cyber Security Platform throughout Maersk OT
• Responsible for security testing coordination (code reviews and penetration testing) and manage execution in collaboration with external vendors
• Responsible for advice and guidance to stakeholders on implementing suitable, cost-effective security measures throughout the development phases (Agile/DevOps)
• Responsible for supporting the Cyber Security Platform in early stages to provide a solid security foundation for IT and Operational Technology (OT) innovations.
• Responsible for the development of high-level and low-level architecture designs, including recommended security controls, for complete IT/OT security
• Responsible for supporting the Information Security Consultancy team with research and development on current and emerging security trends and threats in OT.
• Responsible for incorporating of Maersk Information Security cyber threat intelligence into the consideration of safety and resilience in the design and development of OT/IT systems
• Responsible for carrying out treatment and tracking of identified risks in Cyber Security Projects in order to ensure that security is properly embedded at delivery.

• Your scrum team colleagues
• Product & Solution Engineering
• Infrastructure Engineering teams
• Security Operations
• Cyber Security Risk and Compliance Teams
• Enterprise Architecture
• Maersk Product Managers

• Maersk Customers

• Bachelors degree in Computer Science, Computer Engineering or related field, or 5+ years relevant work experience
• Experience with working in an agile environment.
• Experience with application of Cyber Security within DEVSECOPS with a good understanding of customer centric design principles and software development.
• Ability to manage conflicting priorities and multiple tasks
• Proven ability to work and effectively prioritize in a dynamic, collaborative and decentralized work environment
• Attention to detail
• Excellent written and verbal communication skills, able to be understood by technical and non-technical personnel
• Handles most situations independently but will timely seek advice and guidance on more complex issues
• Stakeholder management and interpersonal skills at both a technical and non-technical level
• Outstanding critical reasoning and problem-solving skills – sticks to the problem until it is resolved
• Being able to explain complex ideas in a concise manner
• Being able to articulate the risks in a language that the business understands
• One or more Information Security Certifications (e.g. CISSP, CISM, CSP, SCCP, Ethical hacking) are required
• Broad general IT knowledge (networks, architecture, Cloud etc).
• Broad general OT knowledge (ICS/SCADA)
• Solid industrial security relevant experience including Information Security and Risk Management experience and ICS/SCADA engineering experience.
• Knowledge of international regulatory and compliance frameworks.
• Knowledge of framework implementation and architecture design compliant with IEC62443.
• Knowledge and understanding of securing cloud technologies.
• Knowledge and understanding of securing interconnectivity of industrial systems, the enterprise and third parties, integrated with security monitoring solutions,