Senior Cyber Manager - Threat Exposure Management

Job Description

A Cyber Security Capability is defined as a fusion of people, process and technology which is designed to achieve an effect on specified assets within a defined environment to deliver appropriate risk mitigation through operational controls.

Those Capabilities are comprised of teams working together to deliver thorough Frontline Cyber Ops services that encompass every aspect of operating processes and platform-provided capabilities, ensuring seamless and efficient service operations throughout the entire lifecycle, specifically designed to proactively defend Maersk against an ever-changing threat landscape.​ This role is for a Senior Cyber Manager specialising in Threat Exposure Management within the ‘Identify’ Capability.

The ‘Identify’ capability focuses on managing the attack surface and continually evaluating the accessibility, exposure, and exploitability of our environments and assets. This involves in supporting building and running all the services (technology, people and process) to perform Threat Exposure Management along with responsibility for managing the output and working with stakeholders to close any discovered issues.

The Senior Cyber Manager for Threat Exposure Management is responsible for leading the enterprise-wide operations, and continual evolution of the organisation’s threat exposure management lifecycle and reduction programmes, and reports to the Capability Lead for Identify & Protect.

This role ensures that threat exposures across infrastructure, applications, identities, data, code, cloud, OT/IoT, AI, and third-party ecosystems are proactively identified, prioritised, validated, and remediated in alignment with business risk and security posture appetite.

The successful candidate must demonstrate a strong track record in leading [also as a people manager] high-performing technical teams and fostering a culture of technical excellence. They will bring market-proven know-how to establish industry-driven threat exposure management practices, whilst effectively influencing stakeholders across the organisation. The candidate must also bring advanced technical expertise in threat exposure, vulnerability management and defensive and offensive security, with the ability to lead deep technical discussions and conduct complex analysis across IT, OT, Cloud, Applications, Data, Identities, Code and AI-driven environments.

Key Responsibilities:

Threat Exposure Management and Vulnerability Management

• Lead the technical direction and operational governance of Threat Exposure and Vulnerability and Management across heterogeneous environments, including enterprise IT, OT/ICS systems (PLC, SCADA, DCS), multi-cloud architectures (such as Azure, AWS, GCP), container platforms, Kubernetes clusters, application stacks, CI/CD pipelines, Data, Identity, source-code repositories and AI/ML ecosystems.
• Oversee the full threat exposure lifecycle: continuous asset discovery, authenticated scanning, passive/active enumeration, exploitability analysis, threat correlation, prioritisation logic, risk acceptance workflows and exception governance.
• Ensure end-to-end integration with asset intelligence platforms, CMDB, CSPM, vulnerability scanners, code-security toolchains (SAST, SCA, DAST, IaC, secret scanning), and ASM/EASM technologies, establishing high-fidelity visibility across all attack-surface domains.
• Collaborate with Threat Intelligence to operationalise threat-led prioritisation, mapping exploit campaigns, adversary TTPs and industry-specific threat trends to internal exposure data. Align Vulnerability Management (VM) and Continuous Threat Exposure Management (CTEM) with predictive models and real-time intel feeds.
• Direct technical coordination with Red Team and Incident Response to validate exploit paths, confirm actual attack feasibility, and translate validation findings into actionable remediation and control enhancements, partnering with Protect capability and Issues Engineers.
• Govern cloud exposure management across CSPs, ensuring deep visibility into misconfigurations, identity privileges, network paths, storage exposures, API endpoints and container orchestration layers.
• Extend VM and CTEM coverage into OT/ICS environments with risk-aware, non-disruptive methods. Coordinate with OT Security teams to identify vulnerabilities, weak configurations, outdated firmware, and unmanaged assets.
• Manage Vulnerability and Threat Exposure Management across Identity services, including account hygiene, privileged-access pathways, directory health, DNS/DHCP configurations, PKI integrity, authentication flows, domain controller posture, and any identity-linked misconfigurations that create exploitable attack paths.
• Oversee AI/ML exposure across data ingestion pipelines, model training and deployment layers, ensuring identification of risks such as model inversion, data poisoning, prompt injection, insecure model APIs and ungoverned LLM integrations.

Operational Excellence & Quality Obsession

• Maintain functional metrics and KPIs, delivering performance at or above agreed targets to support operational excellence.
• Develop and uphold operational dashboards, SOPs, workflows, playbooks and service definitions, ensuring high-quality, consistent, standards-driven service delivery.
• Lead remediation governance, risk-acceptance workflows, escalation pathways and exception management processes.

Reporting, Analytics & Metrics

• Deliver comprehensive operational dashboards and KPIs covering key areas of the attack surface such as scanning coverage, vulnerability spread, backlog trends, survival and churn rates, threat posture, exposure windows, exploitability indicators, and Critically Exposed Assets (CEA) pipeline performance.
• Ensure reporting is accurate, timely and aligned to leadership expectations, enabling data-driven decision-making and clear visibility of exposure and progress.

Required Experience:

• 12–15+ years of progressive experience in enterprise cyber security with demonstrable in-depth technical expertise across Threat Exposure Management, Vulnerability Management, Defensive and Offensive Security, Application Security, Cloud Security, OT/ICS Security, Data and Identity Security, and AI/ML Security.
• Experience must span large-scale, heterogeneous environments with complex technology stacks. Certifications such as CISSP, CISM and GIAC (GMON, GICSP, GWEB, GCSA) are advantageous, but equivalent hands-on technical capability, advanced analytical proficiency, and a strong record of continuous learning and practical security training are essential.

Leadership & Communication

• Proven experience in directly managing a team of Threat Exposure and Vulnerability Management Analysts, including mentoring, developing and guiding security professionals within a collaborative, high-performing environment.
• Strong strategic and visionary capabilities, with the ability to co-develop and drive the function’s technical vision, strategy and roadmap in alignment with business objectives and the organisation’s threat appetite.

Technical Expertise

• Deep knowledge of vulnerability management, threat exposure management, exploit development concepts, exposure validation, and remediation governance.
• Strong understanding of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE / CVSS, and NIST SP 800-53.
• Robust expertise across technical domains such as IT, OT, Cloud, network security, container environments, and identity-centric security.
• Proven capability in AppSec, secure coding practices, CI/CD and IaC security, and DevSecOps tooling.
• Solid understanding of AI/ML architecture, AI security threats, LLM exposure risks, and secure integration patterns.
• Hands-on expertise with tooling in different landscapes: VM, ASM/EASM, AppSec, Cloud, OT, Data, Identity, AI.

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing accommodationrequests@maersk.com.