Share this Job
Apply now »
ID:  119434
Location: 

Marseille, FR

BISO Corporate functions (RH, Finance, etc)

 

CMA CGM Group, founded by Jacques R. Saadé, is a leading worldwide shipping & logistics group.

Now headed by Rodolphe Saadé, CMA CGM reinvents transport and logistics in order to offer an integrated maritime, port and land service that exceeds its customers' expectations. 

Present in over 160 countries through 755 offices, 750 warehouses, equipped with a young and diverse fleet of 511 vessels, CMA CGM serves 420 of the world's 521 commercial ports and operates on more then 200 shipping lines. The group currently employs 110,000 people worldwide, including nearly 2,400 in its headquarters in Marseilles.

 

 

CONTEXT & ROLE:

The CMA CGM Group’s incredible growth is dramatically transforming our core business, reinforcing our leading position as an innovative, bold, and customer-oriented company, enhancing more than ever the security of its global operations. 

With more than 250 team members, the Group Cybersecurity Department, covers all subsidiaries and entities of CMA CGM, with a global roadmap composed of 6 major domain streams (Maritime, Logistics, Ships, Terminals, Warehouses, and Subsidiaries). The Department currently monitors around 80 projects and provides through its 24/7 Operations continuous reliability. 

In two and a half years, our Cybersecurity team has operated major strategic changes and implemented top-level solutions to secure even further our business activities worldwide: Risk Management tools, IAM, Office 365 security, Networks, Endpoints and Cloud protection, Application Security Enhancement, Cyber Defense Center (SOC and CERT) construction. 

We look now to reinforce our teams with new skills to reach the next level of Cybersecurity and continue building a globally structured team based in Marseilles, Beirut, Manila, Montreal, Miami, and more…

As a key focus for the Group, our Top Management fully sponsors this Global Cybersecurity Program, through strategic investments in the best market technologies and an ambitious recruitment campaign in 2022, providing assets, skills, and top-level resilience to face the world’s global challenges ahead.


For this, the Business Information Security Officer’s (BISO) role will be the focal point for effective engagement between CMA CGM Corporate functions departments (Finance, HR, Legal, Communication), and the CMA CGM Group Information Security function.

Reporting to the Group Security Business Enablement Manager, this role will be a trusted adviser to senior business and technology stakeholders and provide broad knowledge of CMA CGM’s Information Security strategies, policies, processes, architecture and road maps to enable the CMA CGM Corporate Functions departments to understand and meet Information Security requirements.

 

 

RESPONSIBILITIES:

  • Build and maintain effective relationship with the CMA CGM Corporate functions business stakeholders. Be the voice of Information Security in the business departments and be their voice within Information Security
  • Facilitate planning, introduction, delivery of Information Security services and initiatives e.g.
    • To support compliance activities, security audits
    • Security capability / maturity improvement
    • Delivery of point services such as vulnerability assessments, cybersecurity assessments, vendor assessments
    • Business Departments security awareness and education
    • Delivering targeted security and risk briefing
  • Determines security requirements by evaluating business strategies and threat landscapes
  • Ensure that policy compliance is appropriate to the organizational and business departments level of risk acceptance
  • Demonstrate to stakeholders that appropriate controls are in place and oversee/create actions plans to manage improvement or change where necessary
  • Advise stakeholders on how to achieve the relevant controls and assist with solutions to support them
  • Where necessary ensure that processes are documented and communicated in language that is relevant and understandable to non-technical audiences
  • Support security initiatives deliveries as needed and be in a position to demonstrate and track progress to stakeholders
  • Raise the profile of security within the organisation by being pro-actively involved with stakeholders and customers
  • Establishment of ongoing cybersecurity monitoring and compliance according to best practices
  • Develop and maintain close working relationships with business stakeholders, IT & operational teams
  • Establish the vulnerability level of the business departments and recommend the measures necessary to ensure the protection of the company
  • Lead business departments participation and provide guidance in security incidents and other investigations
  • Act as a mentor and contribute to the development of the team in areas of expertise
  • Any other duties relating to the remit of a role of this standing as required by the needs of the business

 


PROFILE & QUALIFICATIONS:

Education: 

  • Bachelor or Master degree in Computer Science, Information Technology or relevant degree  
  • Security certifications such as CISSP, CISM or GIAC Certifications an asset


Knowledge & Experience:  

  • Knowledge of all areas of IT security across technical and GRC domains
  • Knowledge of standards and regulations governing the security of information (ex. NIST CSF, NIST 800-82, ISO 27001, ISO 62443, IMO) an asset
  • Up-to-date knowledge of cyber and information security trends and threats
  • Minimum (8) years of experience in information security
  • Proven skills and experience balancing the security needs with the business requirements to deliver world-class service to internal and external customers
  • Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams
  • Project management experience highly desired
  • Ability to interpret and apply policies and regulations across a large, complex business
  • High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions


Other:

  • The ability to interact with CMA CGM colleagues, build good relationships at all levels and across all business units and organisations, and the ability of influence stakeholders of all levels. Change management skills an asset
  • Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience
  • Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams
  • Highly self motivated and directed, with keen attention to detail
  • Analytical skills, pragmatic approach to IT security issues
  • Planning, organization and coordination skills
  • Ability to properly manage time and priorities
  • Leadership, team spirit, creativity, rigor and quality
  • Customer-oriented approach
  • Bilingual (French and English) an asset

 

 

Come along on CMA CGM’s adventure !

 

 

 

 

 

 

 

 

 

 

Apply now »