Security Engineer

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group’s shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

CMA CGM Montreal is seeking a skilled Security Engineer to join the Global Cybersecurity team who will  be responsible for securing our digital infrastructure, services, and applications across multiple environments, ensuring the confidentiality, integrity, and availability of cloud-based resources. This role is instrumental in safeguarding our cloud ecosystems and enabling secure business innovation.

ALL CANDIDATES MUST BE LEGALLY AUTHORISED TO WORK IN CANADA: VALID WORK PERMIT, PERMANENT RESIDENT OR CITIZEN

RESPONSIBILITIES

• Design and implement security controls and solutions across public, private, and hybrid environments.
• Apply and maintain security baselines, guardrails, reference architectures, and security blueprints aligned with industry best practices.
• Perform security assessments using recognized frameworks, identifying risks and developing mitigation and remediation roadmaps.
• Collaborate with engineering and DevOps teams to integrate security into CI/CD pipelines and enable secure DevOps practices.
• Contribute to enabling monitoring, detecting, and responding to security threats and misconfigurations.
• Develop Identify and Access Management (IAM) policies, ensuring proper role-based access control, least privilege, and identity federation.
• Contribute to security strategy and roadmap by identifying emerging threats, opportunities for automation, and process improvements.
• Contribute to maintaining compliance with regulatory and industry standards such as ISO 27001, NIST, SOC 2, CIS Benchmarks, and GDPR.
• Support architecture and application teams by providing security guidance on architecture reviews, threat modeling, and risk assessments.
• Evaluate and implement security technologies, including workload protection, data loss prevention (DLP), encryption, container security, and secrets management.
• Collaborate with internal stakeholders to create and enforce -specific security policies, standards, and procedures.
• Stay current with evolving security trends, threat landscapes, and vendor roadmaps to ensure proactive risk management.

QUALIFICATIONS

ALL CANDIDATES MUST BE LEGALLY AUTHORISED TO WORK IN CANADA: VALID WORK PERMIT, PERMANENT RESIDENT OR CITIZEN

Education: 

• You hold a Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related cybersecurity field.
• Cybersecurity & Cloud security Certifications are an asset

Knowledge & Experience: 

• engineering across enterprise-scale environments.
• Experience working with multi-domain and hybrid infrastructures is highly valued.
• Experience to automated security tooling, cloud-native logging, and infrastructure-as-code (IaC) security is required.
• Strong hands-on knowledge of at least one major cloud provider (AWS, Azure, or GCP) and its security capabilities.
• Familiarity with security frameworks and compliance standards.
• Proficiency in implementing and managing security solutions in different environments and setups.
• Experience with cloud-native security tools such as AWS Security Hub, Azure Defender, GCP Security Command Center, or third-party platforms.
• Working knowledge of containers and Kubernetes security is considered an advantage.
• Experience implementing IAM controls, including RBAC, least privilege, and identity federation

Other:

• Detail-oriented, analytical, and proactive in identifying and resolving cloud security issues.
• Strong collaboration and communication skills, working seamlessly with cross-functional teams including DevOps, infrastructure, and compliance.
• You thrive in a fast-paced, cloud-first environment.
• Strong problem-solving capabilities.
• Prioritize work effectively, managing time and competing demands efficiently.
• English required and French language is an asset.

We thank all candidates for their interest in applying for this position and working at CMA CGM, please note, only those selected for an interview will be contacted.

We are an equal opportunity employer!

Come along on CMA CGM’s adventure !