Scrum Team Security Engineer

Maersk | Posted 23-02-2021

København (Generelt IT)

Maersk is going through a time of unprecedented change, transforming our business to becoming the global integrator of container logistics. We are transforming into a product and platform led organisation and undertaking an agile transformation across our enterprise.
In this role you will become a key part of our scrum teams in our newly established cyber security platform where we develop cyber security products and services to our customers thereby providing a cyber secure IT environment for our colleagues, customers and third parties we collaborate with.
You will be part of forming a new platform within Maersk and you are expected to contribute to our agile journey. Being part of Maersk means working and communicating across geographical and cultural borders that will enable you to build a strong professional network. We will provide you with opportunities to broaden your knowledge and strengthen your technical and professional foundation.

We offer

Joining Maersk T&L will embark you on a great journey with career development in a global organisation. As a Scrum Team Security Engineer you will gain broad business knowledge of the company’s activities globally, as well as understand how the com-plexity of IT supports the transport and logistics business.
At Maersk we value the diversity of our talent and will always strive to recruit the best person for the job – we value diversity in all its forms, including but not limited to: gender, age, nationality, race, sexual orientation, disability or religious beliefs. We are proud of our diversity and see it as a genuine source of strength for building high performing teams

Key responsibilities

  • Work with your scrum team colleagues to break user stories into concrete tasks for the scrum team and facilitate their prioritization to optimize delivery time of a whole epic.
  • Develop and deliver user stories together with the scrum team.
  • Work closely with other interdependent engineers and solution architects to produce technical requirement and ensure solutions work together and fulfill business needs.
  • Work with the team to create sprint plans.
  • Instilling quality by adhering to a Definition of ready and Definition of Done.
  • Willingness to work to the Team Working Agreement.
  • Working and adapting your plan as required to reach the Sprint Goal.
  • Holding each other accountable as professionals.
  • Work as team to provide an accurate estimation of the development time to the product owners.
  • Activity participate in the scrum rituals.

Primary internal stakeholders:
  • Your scrum team colleagues
  • Product & Solution Engineering
  • Infrastructure Engineering teams
  • Security Operations
  • Cyber Security Risk and Compliance Teams
  • Enterprise Architecture
  • Maersk Product Managers.

Primary external stakeholders:
  • Maersk customers

We are looking for

  • Bachelors degree in Computer Science, Computer Engineering or related field, or 5+ years relevant work experience
  • Experience with working in an agile environment.
  • Experience with application of Cyber Security within DEVSECOPS with a good understanding of customer centric design principles and software development.
  • Excellent written and verbal communication skills with Stakeholder management and interpersonal skills at both a technical and non-technical level
  • Ability to manage conflicting priorities and multiple tasks
  • Proven ability to work and effectively prioritize in a dynamic, collaborative and decentralized work environment
  • Attention to detail
  • Knowledge of compliance standards like CIS, NIST in conjunction with PCI-DSS and GDPR. With working knowledge of secure development practices and standards such as OWASP and BSIMM especially on cloud providers
  • Identifying the need for new, or changes to existing, security patterns for API (Authorisation and OAuth 2.0 for key data), EDI and Event Streaming
  • Threat Modelling and Security testing Experience, to identify any security risks before live deployment (DAST and SAST)
  • Development experience in .Net and/or Java. Experience with scripting (e.g. python, ruby, bash). Knowledge of XML and JSON. Hands on Azure security configuration and scripting skills
  • Demonstrable experience and execution of security automation, and configuration of Azure cloud native tools to maximise their effectiveness
  • Microsoft Azure certifications, e.g. Azure Security Engineer, Azure DevOps Engineer, Azure Solutions Architect
  • Exposure across one or more of the following: Identity Governance; Access Management; Privileged Access Management; Customer Identity, Enterprise Identity, OT Identity, Identity for M&A
  • Working with one or more of the following technologies: Saviynt; CyberArk; Azure; ForgeRock; SAP HR; WorkDay;
  • Business analysis experience such as requirements gathering and modelling use cases and scenarios
  • Business development experience supporting new features and solutions to meet business requirements