Description

The Incident Response Manager (m/f/d) is responsible for overseeing the management and coordination of Threat Detection and Response (TDR) activities across Hapag-Lloyd, ensuring effective day-to-day operations within the TDR team. For this role, a successful candidate will need strong leadership and management skills and be proactive in advancing TDR capabilities on behalf of Hapag-Lloyd. They must ensure the timely and accurate execution of security incident response activities and collaborate closely with other teams within the Cyber Security Operations organization. Additionally, the role includes contributing to strategic planning for TDR processes, toolsets, and methodologies to keep pace with evolving cyber threats.

An ideal candidate will understand the critical role incident response plays and know how to apply insights from TDR activities to improve threat detection strategies and response playbooks. Technical expertise in security incident response methodologies, including digital forensics, is essential. You will oversee operations to ensure they are well-structured and effectively prioritized. Delivering regular performance reports and operational briefings to stakeholders, based on in-depth analysis of security incidents and their business impact on the organization, is a key component of this role.

Responsibilities

- Lead and manage our threat detection and response strategies, plans, capabilities, activities, and improvements.
- Oversee the daily operations of the TDR team, ensuring timely, accurate, and effective security incident response and proactive threat hunting activities.
- Serve as a primary liaison between technical teams and business units to reduce the impact of security incidents and maintain business operations.
- Guide and mentor the TDR team, fostering a collaborative and cohesive environment, promoting knowledge sharing, and encouraging continuous improvement.
- Develop and maintain TDR playbooks, defining procedures, best practices, and escalation protocols to enhance response capabilities.
- Review incident response cases, offering guidance on anomaly-based detection, and facilitating improvements in detection and analysis.
- Provide timely and detailed post-incident reports, summarizing root cause analyses, and making recommendations to stakeholders and executive sponsors.
- Drive the continuous improvement of processes and procedures.

Qualifications

- Master’s or bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- Five years of experience in cybersecurity, with a primary focus on Threat Detection and Response (TDR) functions in large companies.
- Experience in incident response, security monitoring, digital forensics and/or advanced malware analysis.
- Proven experience in a managerial role within TDR, demonstrating the ability to lead and coordinate a high-functioning team.
- Strong understanding of TDR principles, including security products, network protocols, data center operations, and cloud computing.
- Familiarity with cybersecurity tools and platforms, including Microsoft Sentinel, Microsoft Defender, IBM QRadar, and Palo Alto, to enhance monitoring and response functions.
- Experience in identifying, managing, and producing executive-level incident updates, reports, and recommendations to guide decision-making and risk management.