Global Cybersecurity Expert
Mumbai, IN
CMA CGM
CEVA Logistics provides global supply chain solutions to connect people, products and providers all around the world. Present in 170 countries and with more than 110,000 employees spread over 1,300 sites, we are well on our way to achieving our vision: to be a Top 5 global 3PL.
We believe that our employees are the key to our success. We want to engage and empower our diverse, global team to co-create value with our customers through our solutions in contract logistics and air, ocean, ground, and finished vehicle transport. That is why CEVA Logistics offers a dynamic and exceptional work environment that fosters personal growth, innovation, and continuous improvement.
DARE TO GROW! Join CEVA Logistics, and you will be part of a team that values imagination, encourages boldness and exemplarity, and is committed to excellence in everything we do. Join us in our mission to shape the future of global logistics as we become a global leader in the logistics industry. As we continue growing at a fast pace, will you “Dare to Grow” with us?
YOUR ROLE
Are you interested in facilitating the implementation of a comprehensive risk based approach of critical applications? Would you like to work on the steps of risk assessment, risk treatment farming and risk acceptance process handling?
If so, we have the opportunity to make a meaningful and valued contribution, joining us as our Cybersecurity Risk Analyst (GRC) for CMA CGM Group.
This role is open in Morocco, Tunesia, Algeria and Lebanon.
WHAT ARE YOU GOING TO DO?
In this role you will be doing liaison with Third Party Risk Management, Governance and Compliance teams, in order to assess the level of security of critical applications, produce executive reports on the recommendations identified and establish security plans to be implemented and monitored.
- You will be the referent analyst for one or several Business Lines (Shipping, Ships, Logistics, Transport, Corporate Functions, Media, Innovation)
- You challenge and validate application prequalification CIA scoring by the Risk Owners
- You perform security risk assessments following ISO 27005 methodology
- You review security architectures, cloud & networks integration for critical application ecosystems
- You identify security objectives & define remediation plans in regard to security policies or standards
- You act as a technical expert with cybersecurity & IT stakeholders
- You act as a functional expert/evangelist with Business stakeholders
- You tackle critical applications legacy and perform backlog treatment through project management
- You will be a key contributor or project lead for framework enhancement, maturity level improvement, KRIs/KPIs dashboarding reporting
- You determine security requirements by evaluating business strategies and threat landscapes.
- You ensure that policy compliance is appropriate to the organization level of risk acceptance.
- You evaluate if appropriate controls are in place and oversee/create actions plans
- You advise stakeholders on how to apply the relevant remediations and assist with solutions to support it
- You support security initiatives deliveries as needed and track progress with compliance team.
- You develop and maintain close working relationships with GRC teams, Architecture Security teams and IT stakeholders.
- You build and maintain a cybersecurity Risk Register with strategic & operational risks identification and scoring on your defined scope
- You promote and develop cybersecurity awareness and cybersecurity by-design culture in CMA CGM Group
WHAT ARE WE LOOKING FOR?
- You have a bachelor or Master degree in Cybersecurity, Computer Science, Information Technology or equivalent
- You have 5-8 years experience in a similar role or GRC related (IT audit, risk management or advisory, etc.)
- You hold one or more relevant industry certifications, including but not limited to:
▪ Risk Manager ISO 27005
▪ EBIOS RM ▪ NIST CSF
▪ Certificate of Cloud Security Knowledge (CCSK)
▪ Certified Information Systems Security Professional (CISSP)
▪ ISO 27001 Lead auditor or Lead Implementer
▪ Certified Information System Auditor (CISA)
▪ Certified Cloud Security Professional (CCSP)
▪ Certified Ethical Hacker (CEH)
- You have excellent verbal, written and interpersonal communication skills.
- You have the ability to adapt communication language depending on the audience (technical to non-technical with businesspeople & top management)
- You have Analytical skills, pragmatic approach to IT and OT security issues
- You have the ability to properly manage time and priorities
- Yoi like to work in an international environment, in contact with multicultural teams
- You are fluent in English, French is a plus
WHAT DO WE HAVE TO OFFER?
With a genuine culture of reward and recognition, we want our employees to grow, develop and be part of our journey. We offer a benefits package that depend on the country you apply for.
In this role you will receive training on the job.
There’s no doubt that you will be compensated for your hard work and commitment so if you’d like to work for one of the top Logistics providers in the world then please do get in touch to find your next role.
CEVA Logistics is proud to be an equal opportunity work place and an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other characteristic. We are an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individual with Disabilities.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CCSP CEH CIA CISA CISSP Cloud Compliance Computer Science Governance ISO 27001 ISO 27005 KPIs NIST Risk assessment Risk management
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs