Lead SecOps

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group’s shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

YOUR ROLE :
 

Reporting to the CMA CGM Group's Operational Security department, you will be required to carry out various consulting and integration activities in the management of security operation services.
With your knowledge of the operational security (and IT) professions and how they work, technical expertise in the field of vulnerability management - traceability and encryption, knowledge of architecture, technical project integration and communication, you will be working in an international and heterogeneous environment.

WHAT ARE YOU GOING TO DO :
 

-    Reporting to the CMA CGM Group's Operational Security department, you will work jointly with the Group's project managers to support the delivery of SecOps projects in operation. You will ensure the improvement and implementation of processes and procedures enabling the industrialization of these activities. You will also support SecOps management in ensuring the sustainability of their activities in support of solution tech-leads, by participating in the creation and/or updating of operating documentation for projects delivered over the last 3 years, and ensuring their integration within the operations department.

-    Your expertise in operational security will enable you to support and advise SecOps management in improving performance indicators and service reports.
You will provide your expertise to the Technical Lead of the O365 security tools and/or any other security tools to identify and improve the best indicators that will help our management in its decisions.
You will also be responsible for improving collaboration and communication with other departments in the company, particularly those in cybersecurity and IT.

-    As an expert in encryption and vulnerability management, you will support local IT teams in achieving compliance and reducing the risk of loss of confidentiality and integrity of sensitive data in transit. 
This mission involves several activities, including:
•    Defining, planning and organizing audit campaigns customized to the company's different contexts (On Prem, Cloud AWS, etc.),
•    Conducting audits,
•    Drawing up resolution plans and evolution projects to ensure the non-regression of corrections made and improving configuration lifecycle management and the deployment of digital certificates.
•    Provide advice and expertise on encryption and associated obsolescence.

Eventually, you will take the technical lead of this new activity within the company.
 

WHAT ARE WE LOOKING FOR :

Must have:

•    You can apply creative solutions to an environment in perpetual evolution.
•    You have a minimum of 10 years of experience in information technology and the security domain.
•    You have advanced knowledge of Endpoint security, WAF, PKI, Microsoft Security Tools and Email Security platforms.
•    You are also experienced in risk assessment and bring a good knowledge of tools, technologies, and methods.
•    You also have a good understanding of standards, regulations, and laws like NIST, GDPR, and ISO.
•    You can identify and mitigate vulnerabilities as well as explain how to avoid them. 
•    You are fluent in English.

Nice to have :

•    Advanced knowledge of Firewalls, Web Proxy, NAC
•    Scripting skills
•    Metric reporting skills
•    Knowledge about SOC activities
•    Understanding SIEM
 

Come along on CMA CGM’s adventure !