Global Cybersecurity Expert

CEVA Logistics provides global supply chain solutions to connect people, products and providers all around the world. Present in 170 countries and with more than 110,000 employees spread over 1,300 sites, we are well on our way to achieving our vision: to be a Top 5 global 3PL.

We believe that our employees are the key to our success. We want to engage and empower our diverse, global team to co-create value with our customers through our solutions in contract logistics and air, ocean, ground, and finished vehicle transport. That is why CEVA Logistics offers a dynamic and exceptional work environment that fosters personal growth, innovation, and continuous improvement.

DARE TO GROW! Join CEVA Logistics, and you will be part of a team that values imagination, encourages boldness and exemplarity, and is committed to excellence in everything we do. Join us in our mission to shape the future of global logistics as we become a global leader in the logistics industry. As we continue growing at a fast pace, will you “Dare to Grow” with us?

YOUR ROLE

Are you interested in facilitating the implementation of a comprehensive risk based approach of critical applications? Would you like to work on the steps of risk assessment, risk treatment farming and risk acceptance process handling?

If so, we have the opportunity to make a meaningful and valued contribution, joining us as our Cybersecurity Risk Analyst (GRC) for CMA CGM Group.

This role is open in Morocco, Tunesia, Algeria and Lebanon.

WHAT ARE YOU GOING TO DO?

In this role you will be doing liaison with Third Party Risk Management, Governance and Compliance teams, in order to assess the level of security of critical applications, produce executive reports on the recommendations identified and establish security plans to be implemented and monitored.

• You will be the referent analyst for one or several Business Lines (Shipping, Ships, Logistics, Transport, Corporate Functions, Media, Innovation)
• You challenge and validate application prequalification CIA scoring by the Risk Owners
• You perform security risk assessments following ISO 27005 methodology
• You review security architectures, cloud & networks integration for critical application ecosystems
• You identify security objectives & define remediation plans in regard to security policies or standards
• You act as a technical expert with cybersecurity & IT stakeholders
• You act as a functional expert/evangelist with Business stakeholders
• You tackle critical applications legacy and perform backlog treatment through project management
• You will be a key contributor or project lead for framework enhancement, maturity level improvement, KRIs/KPIs dashboarding reporting
• You determine security requirements by evaluating business strategies and threat landscapes.
• You ensure that policy compliance is appropriate to the organization level of risk acceptance.
• You evaluate if appropriate controls are in place and oversee/create actions plans
• You advise stakeholders on how to apply the relevant remediations and assist with solutions to support it
• You support security initiatives deliveries as needed and track progress with compliance team.
• You develop and maintain close working relationships with GRC teams, Architecture Security teams and IT stakeholders.
• You build and maintain a cybersecurity Risk Register with strategic & operational risks identification and scoring on your defined scope
• You promote and develop cybersecurity awareness and cybersecurity by-design culture in CMA CGM Group

WHAT ARE WE LOOKING FOR?

• You have a bachelor or Master degree in Cybersecurity, Computer Science, Information Technology or equivalent
• You have 5-8 years experience in a similar role or GRC related (IT audit, risk management or advisory, etc.)
• You hold one or more relevant industry certifications, including but not limited to:

▪ Risk Manager ISO 27005

▪ EBIOS RM ▪ NIST CSF

▪ Certificate of Cloud Security Knowledge (CCSK)

▪ Certified Information Systems Security Professional (CISSP)

▪ ISO 27001 Lead auditor or Lead Implementer

▪ Certified Information System Auditor (CISA)

▪ Certified Cloud Security Professional (CCSP)

▪ Certified Ethical Hacker (CEH)

• You have excellent verbal, written and interpersonal communication skills.
• You have the ability to adapt communication language depending on the audience (technical to non-technical with businesspeople & top management)
• You have Analytical skills, pragmatic approach to IT and OT security issues
• You have the ability to properly manage time and priorities
• Yoi like to work in an international environment, in contact with multicultural teams
• You are fluent in English, French is a plus

WHAT DO WE HAVE TO OFFER?

With a genuine culture of reward and recognition, we want our employees to grow, develop and be part of our journey. We offer a benefits package that depend on the country you apply for.

In this role you will receive training on the job.

There’s no doubt that you will be compensated for your hard work and commitment so if you’d like to work for one of the top Logistics providers in the world then please do get in touch to find your next role.

CEVA Logistics is proud to be an equal opportunity work place and an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other characteristic. We are an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individual with Disabilities.