Share this Job
Apply now »
ID:  119828

Montreal Qc, CA

SOC L2 Analyst


Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group also acts in humanitarian crises that require an emergency response by mobilizing the Group’s shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 130,000 people worldwide, including 2,900 in Marseilles where its head office is located.




The CMA CGM Group’s incredible growth is dramatically transforming our core business, reinforcing our leading position as an innovative, bold, and customer-oriented company, enhancing more than ever the security of its global operations.

With more than 250 team members, the Group Cybersecurity Department, covers all subsidiaries and entities of CMA CGM, with a global roadmap composed of 6 major domain streams (Maritime, Logistics, Ships, Terminals, Warehouses, and Subsidiaries). The Department currently monitors around 80 projects and provides through its 24/7 Operations continuous reliability.


In two and a half years, our Cybersecurity team has operated major strategic changes and implemented top-level solutions to secure even further our business activities worldwide: Risk Management tools, IAM, Office 365 security, Networks, Endpoints and Cloud protection, Application Security Enhancement, Cyber Defense Center (SOC and CERT) construction.

We look now to reinforce our teams with new skills to reach the next level of Cybersecurity and continue building a globally structured team based in Marseilles, Beirut, Manila, Montreal, Miami, and more…


As a key focus for the Group, our Top Management fully sponsors this Global Cybersecurity Program, through strategic investments in the best market technologies and an ambitious recruitment campaign in 2022, providing assets, skills, and top-level resilience to face the world’s global challenges ahead.


We are therefore looking for a SOC L2 Analyst to join our Cyber Defense Center. He/She will be in charge to protect CMA-CGM group by detecting and responding to cyber incidents. Security threats have increased drastically in the last few years and organizations are facing an increasingly complex threat landscape.

He/She will have the opportunity to work with a highly dynamic and motivated team and a high level of security solutions. The SOC L2 Analyst will report to the SOC Manager.


As a SOC Level 2 Analyst within the Cyber Defense Center, you will:
• Protect the CMA-CGM group:
o Participate in a 24x7 Security Operation Center (SOC) environment following the sun
o Analyze, contextualize and monitors the security alerts from different and advanced security platforms;
o Effectively troubleshoot and investigate security events, communicate findings, and escalate concerns to staff as directed;
o Process and manage requests for various security services such as responding to security inquiries from affiliates/ stakeholders, reviewing malicious/suspicious files;
o Provide Incident Response (IR) support when analysis confirms an actionable incident;
• Contribute to continuous improvement of SOC posture:
o Tuning of SOC Use Cases;
o Design, maintain and continuous improve SOC playbooks, SOC standard operating procedures (SOP), processes and guidelines;
• Learn, grow and develop on the Blue team
o Participate to hunting sessions with our CTI team
o Participate to Incident Response simulation
o Collaborate and works closely with SOC RUN Senior Analyst (L3) and SOC RUN Lead towards the continuous improvement of the service;
o Support Lead, Manager in various tasks and projects
• Participate to small projects:
o Develop SOC Use Cases;
o Testing security solutions;
o Implementation of SOC platform tools / solution;
These activities are non-exhaustive and can evolve according to operational needs.


You profile corresponds to the following criteria:
• Bachelor's degree in Computer Science, Computer Engineering, IT Security, or a related field; alternatively, equivalent demonstrated knowledge.
• Highly technical with at least 3 years of relevant experience as an analyst in IT Security or SOC.
• Experience with Security Operations Center, network event analysis and/or threat analysis
• Knowledge of various security methodologies and technical security solutions.
• Experience analyzing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway.
• Knowledge of commonly accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges, and access restricted information.
• Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics.
• Knowledge of the common attack vectors on various layers.
• Knowledge and experience working with the Cyber Kill Chain Model, MITER ATT&CK Matrix.
• Experience in the transport/shipping/logistics is a plus.

You also possess the following qualities:
• Highly motivated and willing to learn;
• Autonomy and proactive behavior;
• Great understanding of the device’s security logs;
• Analysis and synthesis capacity;
• Strong ability to work and interact with management, business customers, functional & technical oriented teams;
• Discretion with regard to sensitive matters



We are an equal opportunity employer. 

You must have a legal authorization to work in Canada. 



Come along on CMA CGM’s adventure !











Apply now »