Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

MISSION

We are seeking a Cybersecurity GRC specialist for governace activities.

You will be responsible for control model maintenance and assessment based on our internal Security policies and NIST CSF framework. In addition, you will oversight audit findings resolution .

WHAT ARE YOU GOING TO DO
• Update Control model according to CMA CGM Group changes and security posture evolution
• Assist in conducting internal compliance reviews and gap analyses against Internal Security Thematic Policy
• Assist in conducting internal compliance reviews and gap analyses against NIST CSF
• Contribute to the drafting, review, and maintenance of cybersecurity policies, standards, and procedures.
• Oversight the delivery of actions identified from TERMINALS audits.

WHAT ARE WE LOOKING FOR

Your profile meets the following criteria
• Knowledge of at least one of the following security standard: ISO27001, NIST CSF, NIST 800-53, PCI-DSS, SOC2 ,.
• Relevant certifications in cybersecurity or IT, such as ISO 27001 ISMS Lead Auditor or Lead Implementer and IT Infrastructure Library (ITIL) are a plus;
• Good understanding of cybersecurity management processes and methodologies (e.g., ISMS ISO 27001, NIST framework).
• Experience in Security control implementation.
• Minimum 3 years of experience in IT-related fields.
• Minimum 1 year of experience in information security or audits.
• Good understanding of IT operations, processes, and methodologies, audit and internal control methodologies (COSO, Cobit).
• Experience in the transport/shipping/logistics sector is a plus.
• Proficiency in English.

You also possess the following qualities:
• Autonomy and proactive behavior.
• Ability to adapt to various situations and adjust behavior based on the environment and type of interlocutor.
• Ability to simplify and synthesize issues and proposed solutions.
• Good written communication, analytical, and synthesis skills, especially orally.
• Team spirit, pedagogy, ability to develop partners' skills.
• Ability to work in an international environment, in contact with multicultural and offshore teams.

Please ensure you are familiar with the CMA CGM Corporate Internal Mobility guidelines