Threat Detection and Response Analyst (m/f/d)

Hamburg, Hamburg, Germany


The Hapag-Lloyd CISO organization is accountable for securing our business operations and protecting customer trust through proactive threat prediction, prevention, identification, and rapid incident response, ensuring that we recover quickly from cyber-related incidents. Our mission is to enable the organization to conduct business safely and efficiently while embedding security into our corporate culture. The CISO team works across Hapag-Lloyd management, business operations, and other divisions to provide secure, usable services that align with our commitment to security as a core value.

Hapag-Lloyd faces an increasingly complex environment where disruptive technologies, new cyber threats, and evolving security regulations pose significant risks. In response, we prioritize digitization and customer-centric solutions as part of Hapag-Lloyd’s core values: “We care, We move, We deliver,” which are integral to everything we do.

  • Conduct comprehensive investigations into escalated security incidents, performing root cause analysis and remediation planning to ensure effective threat resolution
  • Coordinate responses across the Cyber Security Operations (CySO) team and ensure accurate, timely information dissemination
  • Support the entire security incident lifecycle from detection to closure, ensuring proper documentation, root cause analysis, and coordination with stakeholders
  • Perform post-incident analysis, compile and track metrics, and document lessons learned to improve response processes and reduce future risk
  • Develop training materials and enhance team capabilities in Threat Detection and Response
  • Conduct proactive cyber hunting exercises and assist in strategy development for threat detection and remediation
  • Identify workflow automation opportunities to streamline response processes and reduce response times
  • Engage in continuous learning, staying updated on emerging threats and enhancing the Threat Detection and Response team’s techniques and effectiveness
  • Provide timely and accurate briefings to senior stakeholders, including C-level executives, during major security incident responses
  • Ensure compliance with operational procedures, capturing and reporting incident metrics, and identifying opportunities for process improvement

  • Master’s or bachelor’s degree or equivalent technical training in Information Technology, Information Systems Security, Cybersecurity, or a related field
  • At least 3 years of experience in Cybersecurity, with a focus on Threat Detection and Response (TDR) functions (L3-L4 Analyst)
  • Proven expertise in security incident investigations, especially at a senior level, with experience in deep threat analysis and remediation
  • Demonstrated knowledge of incident response frameworks, such as the Cyber Kill Chain and Diamond Model, with hands-on experience in SIEM systems and network investigations
  • Experience with security tools and platforms, ideally Microsoft Azure Sentinel, Microsoft Defender, QRadar, Palo Alto XSIAM, and other SIEM and logging systems
  • Familiarity with network protocols (e.g., DNS, HTTP, SMB, …) and expertise in file systems, registry functions, and memory artifacts across several operating systems (e.g., Windows, Linux, Unix, AIX, …)
  • Prior relevant experience working in a 24x7 SOC environment with the ability to support high-severity incidents under pressure
  • Experience developing security incident escalation procedures and proactive Threat Hunting exercises
  • Excellent communication skills, with experience presenting technical information to both technical and non-technical stakeholders
  • Industry certifications such as GCIA, GCIH, GCFA, Security+, Network+, or other incident response and threat detection certifications are preferred
  • Strong analytical skills, with the ability to dissect complex incidents and produce strategic insights for threat management
  • Experience working in the Supply Chain, Logistics, or Shipping/Transport sectors is a plus
  • Ability to work collaboratively in a team environment and with employees from various departments

With a fleet of 287 modern container ships, a vessel capacity of 2.2 million TEU, and a container capacity of 3.2 million TEU including one of the world’s largest and most modern reefer container fleets, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 13.500 employees and 400 offices in 139 countries. Hapag-Lloyd has a container capacity of 11.9 million TEU, including one of the largest and most modern fleets of reefer containers. A total of 114 liner services worldwide ensure fast and reliable connections between more than 600 ports across the world. In the Terminal & Infrastructure segment, Hapag-Lloyd has stakes in 20 terminals in Europe, Latin America, the United States, India, and North Africa. The roughly 2.600 employees assigned to the Terminal & Infrastructure segment deal with terminal-related activities and provide complementary logistics services at selected locations.