Job Description

The Security Engineer plays a crucial role in ensuring the security and compliance of cloud

environments. They combine deep technical knowledge of AWS services with security

expertise to protect cloud infrastructure, applications, and data. Their work involves a mix of

hands-on technical tasks, strategic planning, and cross-functional collaboration to maintain a

robust security posture in AWS environments.

• Design, implement, and maintain security controls for AWS cloud environments

• Analyze the security of applications and services, discovering and addressing security

issues

• Manage security automation and tools to enhance cloud security

• Conduct security reviews for new products, technologies, and services

• Implement industry best practices, including threat modelling and security testing

• Support the vulnerability remediations in the AWS accounts.

• Manage day to day ticket operations of the security team.

• Understand the Risk acceptance request and guide the product team accordingly for

troubleshooting and suppression cases.

• Support incident response and vulnerability management processes.

• Knowledge in the vulnerability dashboards tools, AWS Conformance packs, SIEM and

other security tools.

ADDITIONAL RESPONSIBILITIES

• Create security guidance and documentation

• Participate in Product team and application owner security assessments

• Automate security testing and auditing to prevent regressions

• Implement a tools-driven approach to deliver key security management processes

• Require 5-6 years of technology experience.

• At least 3-5 years of experience in AWS Cloud security Operations with large

multinational organisations.

• Expert-level knowledge of AWS services and security best practices.

• Proficiency in cloud security tools, including Cloud WAF and Bot Management

Technologies

• Develop and maintain security controls across AWS accounts, VPCs, and workloads.

• Configure and manage AWS security services: GuardDuty, Security Hub, CloudTrail,

AWS Config, Inspector, Macie, etc.

• Work with SOC on identifying the risk acceptance requirements and share feedback.

• Lead investigation and response to cloud security events.

• Create automated monitoring, alerting, and remediation workflows using

EventBridge, Lambda, and Step Functions.

• Strong understanding of network protocols and security (TCP/IP, SSL/TLS, IPSEC,

HTTP/S).

• Coordinate with the team for vulnerability scanning, configuration validation, and log

analysis.

• Work with DevOps to integrate security controls into GitOps pipelines.

• Familiarity with cryptography and secure coding practices.

• Proficiency in scripting and programming languages (e.g., Python, Java, Ruby).

• Experience with log management and correlation systems (e.g., Splunk, ELK).

• AWS certifications (e.g., AWS Certified Security – Specialty) are highly desirable. •

Advantage to have AWS Certified Advanced Networking – Specialty

With a fleet of 313 modern container ships and a total transport capacity of 2.5 million TEU, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 14,000 employees and 400 offices in 140 countries. Hapag-Lloyd has a container capacity of 3.7 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 133 liner services worldwide ensure fast and reliable connections between more than 600 ports on all the continents. In the Terminal & Infrastructure segment, Hapag-Lloyd has equity stakes in 21 terminals in Europe, Latin America, the United States, India and North Africa. Around 3,000 employees are assigned to the Terminal & Infrastructure segment and provide complementary logistics services at selected locations in addition to the terminal activities.