Senior Enterprise Security Architect

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group’s shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

WHAT ARE YOU GOING TO DO?

We are seeking a Senior Enterprise Security Architect to join our team. The candidate will be responsible for driving, designing and implementing reference security baselines and architectures for modern enterprise environments. As a security urbanist, this role is essential for ensuring the security, scalability, and resilience of our group’s infrastructure, supporting organizational business goals and regulatory requirements. Among responsibilities:

• Lead strategic missions on enterprise security architectures and baselines.
• Develop and maintain enterprise-wide security architecture frameworks and roadmaps.
• Advise on the selection, applicability and implementation of security controls.
• Mentor security architects and security engineers on implementation of security baselines.
• Help develop security roadmaps that align security measures with evolving business needs, regulatory mandates, and emerging technologies.
• Enable alignment with industry standards and regulations, including frameworks such as NIST, ISO 27001, GDPR, SOC 2, CIS, and cloud provider-specific standards.
• Stay updated on emerging modern cybersecurity threats and associated risks to proactively address new challenges in the enterprise security landscape.
• Collaborate with cross-functional teams (engineering, IT, business units) to define security requirements and integrate security features into AI, cloud, and IAM systems from development through deployment.
• Evaluate and advise on new security technologies and approaches, helping drive innovation in AI security, secure cloud architectures, and IAM solutions.
• Contribute to security policies and best practices to ensure consistency across the enterprise security architecture.
• Lead the adoption of defensible architectures in digital environments.

WHO ARE WE LOOKING FOR?

• Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a relevant field.
• At least 10 years of experience in security architecture and engineering, of which at least 4 years in enterprise security architecture.
• Expertise in cloud, endpoints, network and application security.
• Knowledge of emerging AI systems, cloud infrastructure, and digital solutions in large and complex environments, and their associated security challenges and regulatory requirements.
• Proven experience in designing and implementing cloud security architecture on major cloud platforms.
• Experience in identity and access management is preferred.
• Familiarity with Zero Trust Architecture and Secure SDLC.
• Industrial cybersecurity experience is a plus.

Qualifications

• In-depth knowledge of security frameworks and industry standards such as NIST Cybersecurity Framework, ISO 27001, SOC 2, CIS, and cloud security best practices.
• Expertise in securing business digital assets in hybrid environments, with experience in using security tools and services available in leading cloud platforms.
• Familiarity with AI security concerns, including model security, data privacy, adversarial machine learning, and securing AI-based applications.
• Preferred certifications include CEH, CISSP, CISM, and CCSP.
• Proven experience in leading security architecture and risk management for enterprise IT business applications and systems in the maritime sector is a big advantage.

Soft Skills

• Strong analytical and problem-solving skills, with the ability to identify and mitigate complex security risks across modern technologies.
• Excellent leadership skills, with a proven ability to influence and collaborate with teams across technical and non-technical departments.
• Ability to plan, organize, and drive security initiatives from conception through execution, managing competing priorities and timelines.
• Excellent communication and presentation skills, with the ability to explain complex technical issues to both technical and business stakeholders.
• Ability to work in a fast-paced environment, adapting quickly to changes in business needs, security threats, and technological advancements.
• A proactive, self-driven, and results-oriented approach, with strong interpersonal skills and a collaborative mindset.
• Fluency in English is required.
• Fluency in French is considered a strong asset.

Come along on CMA CGM’s adventure !