ID: 119829
Location: Montreal Qc, CA

SOC L3 Analyst

 

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports worldwide across 5 continents. With its subsidiary CEVA Logistics and its air freight division CMA CGM AIR CARGO, the CMA CGM Group constantly innovates to offer its customers a complete and ever more efficient range of services through new maritime, land, air and logistics solutions.

Committed to the energy transition in shipping and a pioneer in the use of alternative fuels, the CMA CGM Group has set itself a Net Zero Carbon target by 2050.
Through the CMA CGM Foundation, the Group also acts in response to humanitarian crises requiring an emergency response, mobilizing the Group's maritime and logistics expertise to deliver humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs 130,000 people worldwide, including 2,900 in Marseille, where its head office is located.

CONTEXT & ROLE :
The CMA CGM Group’s incredible growth is dramatically transforming our core business, reinforcing our leading position as an innovative, bold, and customer-oriented company, enhancing more than ever the security of its global operations.
 

With more than 250 team members, the Group Cybersecurity Department covers all subsidiaries and entities of CMA CGM, with a global roadmap composed of 6 major domain streams (Maritime, Logistics, Ships, Terminals, Warehouses, and Subsidiaries). The Department currently monitors around 80 projects and provides continuous reliability through its 24/7 Operations.
 

In two and a half years, our Cybersecurity team has carried out major strategic changes and implemented top-level solutions to further secure our business activities worldwide: Risk Management tools, IAM, Office 365 security, Networks, Endpoints and Cloud protection, Application Security Enhancement, Cyber Defense Center (SOC and CERT) construction.
 

We are now looking to reinforce our teams with new skills to reach the next level of Cybersecurity and continue building a globally structured team based in Marseilles, Beirut, Manila, Montreal, Miami, and more…
 

As a key focus for the Group, our Top Management fully sponsors this Global Cybersecurity Program, through strategic investments in the best market technologies and an ambitious recruitment campaign in 2022, providing assets, skills, and top-level resilience to face the world’s global challenges ahead.

 

We are therefore looking for a Security Operations Center (SOC) Level 3 (L3) Analyst to join our Cyber Defense Center. He/She will be in charge of protecting the CMA-CGM group by performing advanced triage, incident response and digital forensics. He/She will have the opportunity to work with a highly dynamic and motivated team and a high level of security solutions.
The SOC L3 Analyst will report to the SOC Manager.


 

RESPONSIBILITIES :
As a SOC Level 3 Analyst within the Cyber Defense Center, you will:
• Protect the CMA-CGM group:
o Participate in a 24x7 Security Operation Center (SOC) environment following the sun
o Serve as Tier 3 level for complex cases that may require digital forensics, advanced analysis skills and a thorough Incident Report.
o Act as a technical lead to support and guide SOC L2 analysts in the context of cyber investigations
o Proactively identify indicators of compromise and generate and execute Incident Response Plan upon detection.
o Conduct Threat Hunting sessions
o Advanced analysis of security alerts and incidents identified from different and advanced security platforms;
o Effectively troubleshoot and investigate security events, communicate findings, and escalate concerns to staff as directed;
o Process and manage requests for various security services such as responding to security inquiries from affiliates/ stakeholders, reviewing malicious/suspicious files;
o Provide Incident Response (IR) support when analysis confirms an actionable incident;
• Contribute to continuous improvement of SOC posture:
o Advanced tuning of SOC Use Cases;
o Conduct Security simulation sessions with CTI analysts;
o Design, maintain and continuously improve SOC playbooks, SOC standard operating procedures (SOP), processes and guidelines;
• Learn, grow and develop on the Blue team
o Conduct Incident Response simulation
o Collaborate and work closely with the SOC RUN Lead towards the continuous improvement of the service;
o Support the Lead and Manager in various tasks and projects
• Participate in small projects:
o Build rules and intelligence to detect threats and proliferate to all monitored networks;
o Develop SOC Use Cases;
o Testing security solutions;
o Implementation of SOC platform tools / solution;
This list of activities is not exhaustive and may evolve according to operational needs.


 

PROFILE AND QUALIFICATIONS :
Your profile corresponds to the following criteria:
• Bachelor's degree in Computer Science, Computer Engineering, IT Security, or a related field; alternatively, equivalent demonstrated knowledge.
• Highly technical with at least 5 years of relevant experience as an analyst in IT Security or SOC.
• Experience with Security Operations Center, network event analysis and/or threat analysis
• Knowledge of various security methodologies and technical security solutions.
• Experience analyzing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway.
• Experience in Digital Forensics (disk and memory analysis)
• Experience in Malware Analysis and reversing.
• Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics.
• Knowledge of the common attack vectors on various layers.
• Knowledge and experience working with the Cyber Kill Chain Model and the MITRE ATT&CK Matrix.
• Experience in the transport/shipping/logistics sector is a plus.


You also possess the following qualities:
• Highly motivated and willing to learn;
• Autonomy and proactive behavior;
• Great understanding of device security logs;
• Analysis and synthesis capacity;
• Strong ability to work and interact with management, business customers, functional & technical oriented teams;
• Discretion with regard to sensitive matters

 

Join the CMA CGM adventure!