Senior Engineer, Maritime Cybersecurity

Journey with us! Combine your career goals and sense of adventure by joining our exciting team of employees. Royal Caribbean Group is pleased to offer a competitive compensation and benefits package, and excellent career development opportunities, each offering unique ways to explore the world.

The Royal Caribbean Group’s Global Information Security Team has an exciting career opportunity for a full-time Senior Engineer, Maritime Cybersecurity reporting to the Senior Manager, Maritime & Destinations.

The position is onsite and based in Miramar, Florida.

Position Summary:

The Senior Maritime Cybersecurity Engineer is a key individual contributor responsible for executing RCL's maritime cybersecurity strategy and program initiatives. Serving as subject matter expert, they provide guidance and expertise to peers and leadership across RCL’s shipboard lines of business regarding maritime cyber risks. The role involves ensuring the implementation and maintenance of systems within shipboard environments—including OT navigation/bridge, marine engineering, IT hotel operations, and ET entertainment technology—adhering to maritime cybersecurity guidelines and corporate information security standards. Additionally, this position plays a vital role in influencing IT and maritime business units to enhance awareness of the maritime cybersecurity program and their responsibilities in safeguarding passengers, crew, and critical maritime systems.

Essential Duties and Responsibilities:

• The role will be an individual contributor providing cyber risk management and assurance expertise so that systems located within or connected to RCL shipboard environments consisting of Operational Technology (OT) navigation/bridge, marine engineering, IT hotel operations systems, and onboard entertainment systems (ET), are protected and maintained, adhering to maritime cybersecurity guidelines and corporate information security standards.
• This key position will also help influence IT and maritime business units to raise awareness of the maritime cybersecurity program and their role in ensuring the safety of our passengers, crew, and maritime IT/OT/ET systems.
• Key contributor to the protection of shipboard IT and OT systems and processes to appropriately reduce existing and emerging risks to RCL maritime assets.
• Leverage information security activities and technologies to raise cyber situational awareness and protection.
• Ensure that maritime cybersecurity technology intended to protect shipboard systems and information is configured and operating per established standards.
• Develop technical standards, architectural/engineering diagrams, and procedures for shipboard and newbuild I.T. and marine operations units regarding how to securely configure and implement IT, ET and OT technology.
• Define and track assigned remediation tasks to ensure that shipboard IT, ET and OT vulnerabilities and defects are mitigated in a timely manner to reduce risk to systems and information.
• Where potential system weaknesses are identified, partner with other team members within Information Security, I.T. and business units to implement compensating controls.
• Review, interpret and explain complex maritime cyber guidelines and future regulations such as BIMCO Cybersecurity Guidelines for Ships, U.S. Coast Guard security requirements, and International Maritime Organization (IMO) to peers, IT management, IT staff, and non-technical team members as required to drive improve understanding, awareness, and adoption.
• Establish and manage relationships with engineering and operational staff within I.T, Marine Operations, Newbuild, Global Security and relevant business units and third-party marine and IT shipboard suppliers to assess their cyber assurance program and ensure that there is an effective understanding of responsibilities within their areas.
• Contribute with a high degree of self-sufficiency and resourcefulness individual and departmental performance objectives.
• Demonstrate a high degree of motivation to maintain technical skills and cybersecurity knowledge relevant by seeking self-development opportunities such as industry certifications, investing time to learn new skills, and networking with peers in the security industry.
• Actively engage in liaison activities with maritime industry associations, peer institutions, regulatory and contractual agencies/organizations and IS information sharing communities.

Qualifications, Knowledge and Skills:

• Must have an understanding of Window Active Directory OU, GPO and group permission concepts.
• Proven technical expertise across IT systems (applications, networks, etc.) and information security products (i.e. Firewalls, IPS, SIEM, CrowdStrike) and application security/vulnerability testing tools/techniques. (Nexpose, Nessus, Nipper, etc...)
• Experience with Axonius, CrowdStrike, nMAP, MECM, DarkTrace, Phantom, Splunk, Polarity, Spirion, Atlassian Suite (Jira, Confluence, etc..), Service Now preferred.
• Ability to recognize the use of enterprise applications and understand how to leverage the applicability between them for different scenarios.
• Ability to identify and prioritize remediation activities based on risk to the overall shipboard enterprise.
• Knowledge and experience with performing shipboard cybersecurity assessments of bridge, navigation, marine engineering, hotel operations IT, and onboard entertainment systems preferred.
• Understanding of OT systems (ICS, Engine Control, HVAC, Water Treatment, Power Generation & Management) and Navigation Systems (ECDIS, GPS, Dynamic Positioning Systems, Voyage Management Systems). Knowledge of Marine Engineering preferred
• Understanding of cybersecurity controls related to a number of cybersecurity frameworks/guidelines such as NIST Cybersecurity Framework and IMCO/CLIA/ICS/INTERCARGO/NIST/IACS/UR E26-E27 Cybersecurity Guideline.
• Must have competent verbal and written communication abilities; interpersonal collaborative skills; and the ability to communicate IS and risk-related concepts technical and non-technical audiences.
• Demonstrates strong organization skills and time management.
• Ability to manage multiple tasks / projects while ensuring deadlines are met.
• Displays sound judgment with a high level of integrity, ethics and ability to calmly, diplomatically and effectively deal with stressful situations.
• Able to formulate, communicate exceptions/findings and technical solutions.
• Strong with methodologies, tools, best practices and processes within specific area of responsibility.
• Proven decision-making, reporting, communication and skills.
• Demonstrate a degree of creativity with adept analytical and problem-solving skills.
• Strong with methodologies, tools, best practices and processes within specific area of responsibility.
• Proven decision-making, reporting, communication and skills.
• Ability to influence technical resources both within the company and at third party vendors.
• Bachelor’s degree, preferably in technical discipline, Information Assurance, Cybersecurity, or equivalent industry experience.
• Networking experience preferred.
• At least 7 years of experience within Information Security

Power Skills:

• Action Oriented
• Collaborates Effectively
• Communicates Effectively
• Drives Results
• Situational Adaptability

We know there's a lot to consider. As you go through the application process, our recruiters will be glad to provide guidance, and more relevant details to answer any additional questions. Thank you again for your interest in Royal Caribbean Group. We'll hope to see you onboard soon!

It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. Royal Caribbean Group and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.

#LI-SS1