Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

YOUR ROLE

Are you interested in facilitating the implementation of a comprehensive risk based approach of critical applications? Would you like to work on the steps of risk assessment, risk treatment farming and risk acceptance process handling?

If so, we have the opportunity to make a meaningful and valued contribution, joining us as our Cybersecurity Risk Analyst (GRC) for CMA CGM Group.

This role is open in Puteaux and Marseille.

WHAT ARE YOU GOING TO DO?

• You will be the referent analyst for one or several Business Lines (Shipping, Ships, Logistics, Transport, Corporate Functions, Media, Innovation)
• You will perform security risk assessments following ISO 27005/EBIOS RM methodology
• You will ensure Risk Assessments are documented and communicated as relevant to technical stakeholders and understandable to non-technical audiences.
• You review security architectures, cloud & networks integration for critical application ecosystems
• You identify security objectives & define remediation plans in regard to security policies or standards
• You will act as a technical expert with cybersecurity & IT stakeholders
• You will act as a functional expert/evangelist with Business stakeholders
• You will be a key contributor or project lead for framework enhancement, maturity level improvement, KRIs/KPIs dashboarding reporting
• You will evaluate if appropriate controls are in place and oversee/create actions plans
• You will advise stakeholders on how to apply the relevant remediations and assist with solutions to support it.
• You will support security initiatives deliveries as needed and track progress with compliance team.
• You will develop and maintain close working relationships with GRC teams, Architecture Security teams and IT stakeholders.
• You will build and maintain a cybersecurity Risk Register with strategic & operational risks identification and scoring on your defined scope
• You will build and maintain a cybersecurity Risk Map based on the Risk Register on your defined scope

WHAT ARE WE LOOKING FOR?

• You have a Bachelor or Master degree in Cybersecurity, Computer Science, Information Technology or equivalent

• You have minimum 2-3 years of experience in a similar role or GRC related (IT audit, risk management or advisory, etc.)
• You hold one or more relevant industry certifications, including but not limited to:

• Risk Manager ISO 27005
• EBIOS RM
• NIST CSF
• Certificate of Cloud Security Knowledge (CCSK)
• Certified Information Systems Security Professional (CISSP)
• ISO 27001 Lead auditor or Lead Implementer
• Certified Information System Auditor (CISA)
• Certified Cloud Security Professional (CCSP)
• Certified Ethical Hacker (CEH)

Please provide your CV in English (global IT role).

WHAT DO WE HAVE TO OFFER?

With a genuine culture of reward and recognition, we want our employees to grow, develop and be part of our journey.

There's no doubt that you will be compensated for your hard work and commitment so if you'd like to work for one of the top Logistics providers in the world then please do get in touch to find your next role.

Come along on CMA CGM's adventure !