Share this Job
Apply now »
ID:  119824
Location: 

Montreal Qc, CA

Cybersecurity Governance Advisor

 

CMA CGM Group, founded by Jacques R. Saadé, is a leading worldwide shipping & logistics group.

Now headed by Rodolphe Saadé, CMA CGM reinvents transport and logistics in order to offer an integrated maritime, port and land service that exceeds its customers' expectations. 

Present in over 160 countries through 755 offices, 750 warehouses, equipped with a young and diverse fleet of 511 vessels, CMA CGM serves 420 of the world's 521 commercial ports and operates on more then 200 shipping lines. The group currently employs 110,000 people worldwide, including nearly 2,400 in its headquarters in Marseilles.

 

 

CONTEXT & ROLE :

The CMA CGM Group’s incredible growth is dramatically transforming our core business, reinforcing our leading position as an innovative, bold, and customer-oriented company, enhancing more than ever the security of its global operations.

With more than 250 team members, the Group Cybersecurity Department, covers all subsidiaries and entities of CMA CGM, with a global roadmap composed of 6 major domain streams (Maritime, Logistics, Ships, Terminals, Warehouses, and Subsidiaries). The Department currently monitors around 80 projects and provides through its 24/7 Operations continuous reliability.

 

In two and a half years, our Cybersecurity team has operated major strategic changes and implemented top-level solutions to secure even further our business activities worldwide: Risk Management tools, IAM, Office 365 security, Networks, Endpoints and Cloud protection, Application Security Enhancement, Cyber Defense Center (SOC and CERT) construction.

We look now to reinforce our teams with new skills to reach the next level of Cybersecurity and continue building a globally structured team based in Marseilles, Beirut, Manila, Montreal, Miami, and more…

 

As a key focus for the Group, our Top Management fully sponsors this Global Cybersecurity Program, through strategic investments in the best market technologies and an ambitious recruitment campaign in 2022, providing assets, skills, and top-level resilience to face the world’s global challenges ahead.

 

We are therefore looking for a Cybersecurity Governance Advisor profile for our GRC Department. 

With a risk-based approach, you participate in cybersecurity fund activities, in order to anchor cybersecurity activities in the various business processes and ultimately in the culture of the organization. As a quasi-second line of defense, you establish approaches, methodologies, frameworks, to structure the top-down approach to cybersecurity.

The Cybersecurity Governance Advisor reports to the GRC Director.

 

 

RESPONSIBILITIES : 

  • Ensure the governance of activities and processes related to cybersecurity
  • Know how to conceptualize security management solutions
  • Set up control frameworks, document them, supervise them, and optimize them
  • Carry out security and control audits in compliance with legal procedures
  • Participate in the review and optimization of the activities of our internal partners (HR, Procurement, Finance, Compliance) and external (suppliers and subcontractors)
  • Create effective dashboards to measure and monitor trends and risk levels presented to different levels of management
  • Review service levels during supplier governance processes with our partners
  • Participate in the revision of contracts when necessary with regard to governance aspects
  • Coordinate internal and external audits relating to cybersecurity aspects
  • Identify action plans, monitor them, and facilitate their implementation
  • Keep the documentary corpus on cybersecurity up to date (Policies, norms, standards)
  • Maintain an effective exemption register, based on the balance between security issues and operational realities
  • Develop communications that intervene in awareness raising and training among various user populations

 

These activities are not exhaustive and may change according to operational needs.

 

 

 

PROFILE AND QUALIFICATIONS :

Your profile meets the following criteria:

  • You hold relevant industry certifications in cybersecurity or IT, including:

o Certified Information Systems Security Professional (CISSP)

o IT Infrastructure Library (ITIL)

o ISMS ISO 27001 Lead auditor or Lead Implementer

o Certified Information System Auditor or Manager (CISA-CISM)

  • 10 years minimum experience in a field related to information technology
  • A minimum of 8 years in information security or audits
  • You came from a course focusing on rigor, quality of work and optimization
  • You have a good understanding of Information Technology operations, processes and methodologies, Audit and internal control methodologies (COSO, Cobit) and organizational resilience processes (BCP / DRP)
  • You have a good understanding of cybersecurity management processes and methodologies (e.g.: ISMS ISO 27001, SMCA ISO 22301, NIST framework)
  • You are adept at popularizing and conveying complex messages to an executive audience, including aspects relating to finance, risk, business impacts and performance metrics
  • Experience in the Transport / Shipping / Logistics sector is an asset
  • You speak fluent English

 

You also have the following qualities:

  • Ability to adapt to various situations and adapt their behavior according to the environment and the type of interlocutor
  • Be proactive to unblock complex situations, in the interest of the organization
  • Capacity for popularization and synthesis of issues and proposed solutions
  • Autonomy and proactive behavior
  • Perfect written communication, ability to analyze and synthesize, especially orally
  • Team spirit, pedagogy, ability to develop the skills of its partners
  • Ability to acquire new functional skills
  • Ability to work in an international environment, in contact with multicultural and offshore teams
  • Leadership, perseverance and endurance, challenging the status quo
  • Ability to manage change and unite partners around innovative ideas

 

We are an equal opportunity employer. 

You must have a legal authorization to work in Canada. 

 

 

Come along on CMA CGM’s adventure !

 

 

 

 

 

 

 

 

 

 

Apply now »