Share this Job
Apply now »
ID:  119616

Marseille, FR

Application Security Manager


CMA CGM Group, founded by Jacques R. Saadé, is a leading worldwide shipping & logistics group.

Now headed by Rodolphe Saadé, CMA CGM reinvents transport and logistics in order to offer an integrated maritime, port and land service that exceeds its customers' expectations. 

Present in over 160 countries through 755 offices, 750 warehouses, equipped with a young and diverse fleet of 511 vessels, CMA CGM serves 420 of the world's 521 commercial ports and operates on more then 200 shipping lines. The group currently employs 110,000 people worldwide, including nearly 2,400 in its headquarters in Marseilles.




The CMA CGM Group’s incredible growth is dramatically transforming our core business, reinforcing our leading position as an innovative, bold, and customer-oriented company, enhancing more than ever the security of its global operations. 

With more than 250 team members, the Group Cybersecurity Department, covers all subsidiaries and entities of CMA CGM, with a global roadmap composed of 6 major domain streams (Maritime, Logistics, Ships, Terminals, Warehouses, and Subsidiaries). The Department currently monitors around 80 projects and provides through its 24/7 Operations continuous reliability. 

In two and a half years, our Cybersecurity team has operated major strategic changes and implemented top-level solutions to secure even further our business activities worldwide: Risk Management tools, IAM, Office 365 security, Networks, Endpoints and Cloud protection, Application Security Enhancement, Cyber Defense Center (SOC and CERT) construction. 

We look now to reinforce our teams with new skills to reach the next level of Cybersecurity and continue building a globally structured team based in Marseilles, Beirut, Manila, Montreal, Miami, and more…

As a key focus for the Group, our Top Management fully sponsors this Global Cybersecurity Program, through strategic investments in the best market technologies and an ambitious recruitment campaign in 2022, providing assets, skills, and top-level resilience to face the world’s global challenges ahead.

For this, the Application Security Manager is the global lead and SME for application security within CMA CGM Group and will take care of implementing secure coding practices, security testing and mitigation, developers training.

The manager will be responsible for a team of application security professionals and penetration testers (offensive security).




  • Manage a team of Application Security Expert team and Offensive Security team
  • Schedule testing base on Business needs (On Prem, SaaS, Cloud)
  • Manage Tools and framework used
  • Follow OWASP methodology and Offensive Security framework
  • Work closely with Cyber Defense Center
  • Implement SSDLC (Secure Software Development Life Cycle) practice across CMA CGM globally
  • Research and protect against typical threats, exploits
  • Develop and execute training session for CMA CGM’s development units to increase knowledge and awareness around SSDLC
  • Overall responsibility over application and end to end security testing
  • Act as a subject matter expert for secure coding practices, security around new software products (both internally developed and off the shelf solutions implemented in CMA CGM)
  • Manage set of tools (Aquasec, AppScan, Fortify) to support automation of application security as part of the development lifecycle, including: testing tools, code review technologies, (application) vulnerability management etc.
  • Analyze external providers penetration test reports
  • Provide recommendations / Mitigations to remediate or mitigate vulnerabilities
  • Coordinate with various IT and business teams to prepare and organize penetration tests





  • Bachelor or Master degree in Computer Science, Information Technology or relevant degree
  • OSCP/OSWE/OSCE/GPEN/GXPN or any other relevant certification

Knowledge & Experience:  

  • Experience of managing an operation team
  • Excellent knowledge of Owasp Top10, CWE…
  • Excellent understanding of micro-services architectures & APIs
  • Knowledge and proven experience with modern containerized infrastructures (Kubernetes)
  • Use of various tools such as Burp Suite, Zap, Kali distribution…



  • The ability to interact with CMA CGM colleagues, build good relationships at all levels and across all business units and organisations, and the ability of influence stakeholders of all levels. Change management skills an asset
  • Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience
  • Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams
  • Highly self motivated and directed, with keen attention to detail
  • Planning, organization and coordination skills
  • Ability to properly manage time and priorities
  • Leadership, team spirit, creativity, rigor and quality
  • Customer-oriented approach
  • Fluent in French and English



Come along on CMA CGM’s adventure !











Apply now »