CMA CGM
Head of Cyber Defense Center
Job Location
Provence-Alpes-Côte d'Azur, France
Job Description
Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.
Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.
Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.
YOUR ROLE
The Head of Cyber Defense Center leads key cybersecurity functions, including Cyber Threat Intelligence, Vulnerability Management, Security Operations Center (SOC), and Incident Response. This role ensures that the organization can detect, assess, and respond to cyber threats, minimizing risks, improving security posture and increasing the overall business operational resilience. The Head of Cyber Defense Center report to the Group CISO.
WHAT ARE YOU GOING TO DO
Leadership:
• Lead Cyber Defense Center Service Line with high level of integrity and quality of service.
• Lead, advise on and implement CDC strategy, processes and capabilities roadmap while ensuring the alignment of the CDC Mission and Vision with the CISO vision & strategy, to the business ecosystem and its continuous evolution.
• Build and maintain an efficiently functional and collaborative CDC model with the appropriate interfaces, processes and workflows between SOC, incident response, vulnerability management, and threat intelligence functions.
• Be the focal point of contact of senior leadership concerning cybersecurity incidents.
• Advise on CDC build and continuous improvement with reliance on industry best practices.
• Lead automation strategy and CDC enablement with tech and AI capabilities where beneficial.
• Lead and advise on CDC strategy in relevance with the industry's threat landscape and actors.
• Regularly direct and coordinate with the Managers of SOC, CTI, IR and Vulnerability Management to ensure cohesive operations.
• Provide leadership, mentorship, and performance management for SOC personnel, fostering professional growth and skills development.
• Interact with others Cybersecurity, IT and Business teams.
SOC Management Oversight:
o Provide strategic guidance to the SOC Manager.
o Ensure efficient operations of the SOC and adherence to SOC SLAs.
o Ensure effective monitoring, detection, and response to security incidents.
o Oversee use cases libraries and detection capabilities in IT/OT environments.
o Guide and support the SOC Manager in achieving operational excellence.
o Perform executive reporting of SOC KPIs, metrics and reports.
Cyber Threat Intelligence (CTI) Oversight:
o Provide strategic guidance to CTI Manager in gathering, analyzing, and disseminating threat intelligence.
o Lead the cyber threat intelligence capabilities through proactive approach to gather, vet, analyze, disseminate and act on threat intelligence to anticipate and detect potential threats.
o Build partnerships with external intelligence-sharing stakeholders for improved threat detection.
o Ensure integration of threat intelligence into SOC operations and incident response.
o Develop strategies to anticipate and mitigate emerging threats.
o Perform executive reporting of CTI KPIs, metrics and reports.
Vulnerability Management Oversight:
o Oversee the Vulnerability Management Manager in identifying, assessing, and remediating vulnerabilities.
o Ensure regular vulnerability scans are conducted through the service line.
o Oversee and enforce policies for vulnerability management.
o Foster cross-functional collaboration to remediate security weaknesses.
o Perform executive reporting of Vulnerability Management KPIs, metrics and reports.
Incident Response Oversight:
o Provide strategic guidance to Incident Response Manager.
o Oversee and empower incident response plans build, review, updates and improvements.
o Oversee and empower IR teams in investigating and resolving security incidents quickly and effectively.
o Foster post-mortem lessons learned culture throughout the service line and the company.
o Perform executive reporting of incidents, IR KPIs, metrics and reports.
CDC Governance, Workflows and Processes:
• Develop and enforce CDC workflows and procedures.
• Ensure compliance with company requirements, external regulations and standards where applicable.
• Regularly review and update CDC operational model when necessary.
Reporting and Metrics:
• Develop and track key performance indicators (KPIs) for all CDC functions.
• Provide regular reports to senior management on the Cyber Defense Center's activities and performance.
Quality of Service:
• Oversee CDC quality of service, SLAs and ensure continuous improvement.
• Ensure customer satisfaction through QoS KPIs, regular surveys and exchanges.
Tools and Process Optimization:
• Oversee the implementation of new technologies and tools in CDC.
• Ensure CDC adherence to best industry practices and tools.
• Oversee continuous process improvements to enhance efficiency and effectiveness.
Budget and Resource Management:
• Manage and optimize the budget for the Cyber Defense Center.
• Ensure optimal use of resources while aligning with business priorities.
• Ensure the center has the necessary tools, technologies, and personnel.
• Foster continuous development culture and strategy for CDC personnel, and sponsor capacity building, knowledge transfer and training activities.
WHO ARE WE LOOKING FOR?
• Bachelor's degree in Cybersecurity, Information Technology, Master's is a plus.
• Significant experience in cybersecurity, with several years in CDC leadership.
• Proven track record in managing security operations, threat intelligence, vulnerability management, responding to cyber incidents, and overseeing cross-functional security teams.
• Deep understanding of information security frameworks and standards such as SOC CMM, ISO 27000, NIST, MITRE ATT&CK, and others.
• Ability to explain technical concepts to non-technical stakeholders.
• Good understanding of incident management lifecycle.
• Experience managing cyber defence strategies and coordinating efforts across the organization.
• Proven awareness and adaptability to governance and compliance requirements with exposure to regulatory framework and regulatory requirements.
• Experience in converged IT/OT environments is a plus.
• Expertise in risk assessment, with the ability to evaluate and mitigate security risks while ensuring operational continuity.
• Good understanding of risk management lifecycle and activities.
• Strong decision-making skills in high-pressure, fast-evolving environments.
• Relevant certifications (e.g., GSOC, GSLC, LDR, CISSP, CISM) are a plus.
Soft Skills:
• Strong leadership and management skills, with the ability to oversee and drive large teams and coordinate activities across global or regional security operations footprint.
• Demonstrated ability to mentor and develop technical teams, driving improvements and ensuring adherence to security best practices.
• Capability to report and interact with executive level.
• Strategic thinking combining security awareness and business savviness.
• Pragmatic mindset with capability to engage with different stakeholders.
• Robust decision making and problem-solving capabilities under pressure.
• Fluent in English (oral and written) with strong reporting and presentation skills.
• Full professional proficiency in French is a plus.
Please ensure you are familiar with the CMA CGM Corporate Internal Mobility guidelines
Location: Provence-Alpes-Côte d'Azur, FR
Posted Date: 11/25/2024
Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.
Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.
YOUR ROLE
The Head of Cyber Defense Center leads key cybersecurity functions, including Cyber Threat Intelligence, Vulnerability Management, Security Operations Center (SOC), and Incident Response. This role ensures that the organization can detect, assess, and respond to cyber threats, minimizing risks, improving security posture and increasing the overall business operational resilience. The Head of Cyber Defense Center report to the Group CISO.
WHAT ARE YOU GOING TO DO
Leadership:
• Lead Cyber Defense Center Service Line with high level of integrity and quality of service.
• Lead, advise on and implement CDC strategy, processes and capabilities roadmap while ensuring the alignment of the CDC Mission and Vision with the CISO vision & strategy, to the business ecosystem and its continuous evolution.
• Build and maintain an efficiently functional and collaborative CDC model with the appropriate interfaces, processes and workflows between SOC, incident response, vulnerability management, and threat intelligence functions.
• Be the focal point of contact of senior leadership concerning cybersecurity incidents.
• Advise on CDC build and continuous improvement with reliance on industry best practices.
• Lead automation strategy and CDC enablement with tech and AI capabilities where beneficial.
• Lead and advise on CDC strategy in relevance with the industry's threat landscape and actors.
• Regularly direct and coordinate with the Managers of SOC, CTI, IR and Vulnerability Management to ensure cohesive operations.
• Provide leadership, mentorship, and performance management for SOC personnel, fostering professional growth and skills development.
• Interact with others Cybersecurity, IT and Business teams.
SOC Management Oversight:
o Provide strategic guidance to the SOC Manager.
o Ensure efficient operations of the SOC and adherence to SOC SLAs.
o Ensure effective monitoring, detection, and response to security incidents.
o Oversee use cases libraries and detection capabilities in IT/OT environments.
o Guide and support the SOC Manager in achieving operational excellence.
o Perform executive reporting of SOC KPIs, metrics and reports.
Cyber Threat Intelligence (CTI) Oversight:
o Provide strategic guidance to CTI Manager in gathering, analyzing, and disseminating threat intelligence.
o Lead the cyber threat intelligence capabilities through proactive approach to gather, vet, analyze, disseminate and act on threat intelligence to anticipate and detect potential threats.
o Build partnerships with external intelligence-sharing stakeholders for improved threat detection.
o Ensure integration of threat intelligence into SOC operations and incident response.
o Develop strategies to anticipate and mitigate emerging threats.
o Perform executive reporting of CTI KPIs, metrics and reports.
Vulnerability Management Oversight:
o Oversee the Vulnerability Management Manager in identifying, assessing, and remediating vulnerabilities.
o Ensure regular vulnerability scans are conducted through the service line.
o Oversee and enforce policies for vulnerability management.
o Foster cross-functional collaboration to remediate security weaknesses.
o Perform executive reporting of Vulnerability Management KPIs, metrics and reports.
Incident Response Oversight:
o Provide strategic guidance to Incident Response Manager.
o Oversee and empower incident response plans build, review, updates and improvements.
o Oversee and empower IR teams in investigating and resolving security incidents quickly and effectively.
o Foster post-mortem lessons learned culture throughout the service line and the company.
o Perform executive reporting of incidents, IR KPIs, metrics and reports.
CDC Governance, Workflows and Processes:
• Develop and enforce CDC workflows and procedures.
• Ensure compliance with company requirements, external regulations and standards where applicable.
• Regularly review and update CDC operational model when necessary.
Reporting and Metrics:
• Develop and track key performance indicators (KPIs) for all CDC functions.
• Provide regular reports to senior management on the Cyber Defense Center's activities and performance.
Quality of Service:
• Oversee CDC quality of service, SLAs and ensure continuous improvement.
• Ensure customer satisfaction through QoS KPIs, regular surveys and exchanges.
Tools and Process Optimization:
• Oversee the implementation of new technologies and tools in CDC.
• Ensure CDC adherence to best industry practices and tools.
• Oversee continuous process improvements to enhance efficiency and effectiveness.
Budget and Resource Management:
• Manage and optimize the budget for the Cyber Defense Center.
• Ensure optimal use of resources while aligning with business priorities.
• Ensure the center has the necessary tools, technologies, and personnel.
• Foster continuous development culture and strategy for CDC personnel, and sponsor capacity building, knowledge transfer and training activities.
WHO ARE WE LOOKING FOR?
• Bachelor's degree in Cybersecurity, Information Technology, Master's is a plus.
• Significant experience in cybersecurity, with several years in CDC leadership.
• Proven track record in managing security operations, threat intelligence, vulnerability management, responding to cyber incidents, and overseeing cross-functional security teams.
• Deep understanding of information security frameworks and standards such as SOC CMM, ISO 27000, NIST, MITRE ATT&CK, and others.
• Ability to explain technical concepts to non-technical stakeholders.
• Good understanding of incident management lifecycle.
• Experience managing cyber defence strategies and coordinating efforts across the organization.
• Proven awareness and adaptability to governance and compliance requirements with exposure to regulatory framework and regulatory requirements.
• Experience in converged IT/OT environments is a plus.
• Expertise in risk assessment, with the ability to evaluate and mitigate security risks while ensuring operational continuity.
• Good understanding of risk management lifecycle and activities.
• Strong decision-making skills in high-pressure, fast-evolving environments.
• Relevant certifications (e.g., GSOC, GSLC, LDR, CISSP, CISM) are a plus.
Soft Skills:
• Strong leadership and management skills, with the ability to oversee and drive large teams and coordinate activities across global or regional security operations footprint.
• Demonstrated ability to mentor and develop technical teams, driving improvements and ensuring adherence to security best practices.
• Capability to report and interact with executive level.
• Strategic thinking combining security awareness and business savviness.
• Pragmatic mindset with capability to engage with different stakeholders.
• Robust decision making and problem-solving capabilities under pressure.
• Fluent in English (oral and written) with strong reporting and presentation skills.
• Full professional proficiency in French is a plus.
Please ensure you are familiar with the CMA CGM Corporate Internal Mobility guidelines
Location: Provence-Alpes-Côte d'Azur, FR
Posted Date: 11/25/2024
Contact Information
Contact | Human Resources CMA CGM |
---|