Apply now »
ID:  535256
Location: 

Casablanca, MA

Cybersecurity Risk Analyst

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group’s shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

 

 

YOUR ROLE

 

Are you interested in facilitating the implementation of a comprehensive risk based approach of critical applications? Would you like to contribute to the Risk Framework enhancement and participation to key projects with high visibility at group level?

If so, we have the opportunity to make a meaningful and valued contribution, joining us as our Cybersecurity Risk Analyst (GRC) for CMA CGM Group.

 

Important: This role is open in the locations of Morocco, Tunesia, Algeria and Lebanon.

 

WHAT ARE YOU GOING TO DO?

 

In this role you will be doing liaison with Third Party Risk Management, Governance and Compliance teams, in order to assess the level of security of critical applications, produce executive reports on the recommendations identified and establish security plans to be implemented and monitored.

 

  • You will be the referent analyst for one or several Business Lines (Shipping, Ships, Logistics, Transport, Corporate Functions, Media, Innovation)
  • You challenge and validate application prequalification CIA scoring by the Risk Owners
  • You perform security risk assessments following ISO 27005 methodology
  • You review security architectures, cloud & networks integration for critical application ecosystems
  • You identify security objectives & define remediation plans in regard to security policies or standards
  • You act as a technical expert with cybersecurity & IT stakeholders
  • You act as a functional expert/evangelist with Business stakeholders
  • You tackle critical applications legacy and perform backlog treatment through project management
  • You will be a key contributor or project lead for framework enhancement, maturity level improvement, KRIs/KPIs dashboarding reporting
  • You determine security requirements by evaluating business strategies and threat landscapes.
  • You ensure that policy compliance is appropriate to the organization level of risk acceptance.
  • You evaluate if appropriate controls are in place and oversee/create actions plans
  • You advise stakeholders on how to apply the relevant remediations and assist with solutions to support it
  • You support security initiatives deliveries as needed and track progress with compliance team.
  • You develop and maintain close working relationships with GRC teams, Architecture Security teams and IT stakeholders.
  • You build and maintain a cybersecurity Risk Register with strategic & operational risks identification and scoring on your defined scope
  • You promote and develop cybersecurity awareness and cybersecurity by-design culture in CMA CGM Group

 

 

 

WHAT ARE WE LOOKING FOR?

 

  • You have a bachelor or Master degree in Cybersecurity, Computer Science, Information Technology or equivalent
  • You have 5-8 years experience in a similar role or GRC related (IT audit, risk management or advisory, etc.)
  • You hold one or more relevant industry certifications, including but not limited to:

▪ Risk Manager ISO 27005

▪ EBIOS RM ▪ NIST CSF

▪ Certificate of Cloud Security Knowledge (CCSK)

▪ Certified Information Systems Security Professional (CISSP)

▪ ISO 27001 Lead auditor or Lead Implementer

▪ Certified Information System Auditor (CISA)

▪ Certified Cloud Security Professional (CCSP)

▪ Certified Ethical Hacker (CEH)

  • You have excellent verbal, written and interpersonal communication skills.
  • You have the ability to adapt communication language depending on the audience (technical to non-technical with businesspeople & top management)
  • You have Analytical skills, pragmatic approach to IT and OT security issues
  • You have the ability to properly manage time and priorities
  • Yoi like to work in an international environment, in contact with multicultural teams
  • You are fluent in English, French is a plus

 

WHAT DO WE HAVE TO OFFER?

 

With a genuine culture of reward and recognition, we want our employees to grow, develop and be part of our journey. We offer a benefits package that depend on the country you apply for.

 

In this role you will receive training on the job. You have access to the CMA CGM Acadamy for training opportunities

We have a hybrid policy (3 days office/ 2 days remote)

 

Come along on CMA CGM’s adventure !

Apply now »