NorfolkRecruiter Since 2001
the smart solution for Norfolk jobs

Cyber Security Risk Analyst

Company: CMA CGM
Location: Norfolk
Posted on: September 21, 2022

Job Description:

Led by Rodolphe Saad--, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group also acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 130,000 people worldwide, including 2,900 in Marseilles where its head office is located.

Cybersecurity Risk Analyst (GRC)


Cybersecurity Risk Analyst (GRC) is responsible to facilitate the implementation of a comprehensive risk-based approach for the CMA CGM Group. This includes the steps of risk assessment, risk treatment and risk acceptance, while evolving methodology and internal processes.
Liaison with supply chain activities will be essential, in order to assess the level of security of critical suppliers, produce executive reports on the recommendations identified and establish security plans to be implemented and monitored with these suppliers.

The Cybersecurity Risk Analyst reports to the Director of Cyber Risk, under the Senior Director GRC.

As a Cybersecurity Risk Analyst, within the Group Cybersecurity team, you will be in charge of:


  • Review and sometimes develop security architectures for complex systems

    • Identify security objectives in compliance with security policies and standards

      • Knowing how to conceptualize security management solutions

        • Act as a technical expert with internal partners

          • Define technical security specifications in contract

            • Evaluate supplier contracts, improve them and insert cybersecurity clauses

              • Perform security audits and monitor compliance with procedures

                • Categorize the organization's assets

                  • Evaluate the residual risk when there is a difference between the architecture defined and that implemented

                    • Monitor and improve the risk management methodology

                      • These activities are not exhaustive and may change according to operational needs.
                        SKILLS :

                        Your profile meets the following criteria:

                        • You hold relevant industry certifications in cybersecurity, including but not limited to:

                          • Certificate of Cloud Security Knowledge (CCSK)
                          • Certified Information Systems Security Professional (CISSP)
                          • Risk Manager ISO 27005
                          • ISMS ISO 27001 Lead auditor or Lead Implementer
                          • Certified Information System Auditor (CISA)
                          • CCNA-Security
                          • Certified Cloud Security Professional (CCSP)
                          • Certified Ethical Hacker (CEH)

                          • You come from a course, ideally Engineer or equivalent, focusing on rigor and optimization
                          • You have at least 8 years of experience in a similar role, as a cybersecurity analyst or 4 years of experience in security architecture (confidentiality, authentication, identity and access, standards, policies, intrusion detection , security perimeter, etc.);
                          • You are adept at popularizing and conveying a complex message to an executive audience, including financial aspects, risks, business impacts and performance metrics;
                          • Experience in the Transport / Shipping / Logistics sector is an asset;
                          • You speak fluent English.


                            You also have the following qualities:

                            • Autonomy and proactive behavior,
                            • Written and oral communication, capacity for analysis and synthesis
                            • Ability to adapt to various situations and to adjust their behavior according to the environment and the type of speaker
                            • Team spirit, pedagogy, ability to develop skills
                            • Ability to acquire new functional skills,
                            • Ability to identify the different components of a problem with a view to their treatment
                            • Capacity for popularization and synthesis of issues and proposed solutions
                            • Ability to work in an international environment, in contact with multicultural and offshore teams,
                            • Perseverance and pedagogy, all keen to make things happen, challenge the status quo

                              CMA CGM (America) LLC is committed to equal employment opportunity for all qualified persons without regard to race, color, religion, sex, national origin, pregnancy, age, sexual orientation, marital status, gender identity, veteran status, disability, or any other legally protected classification. PI192002699

Keywords: CMA CGM, Norfolk , Cyber Security Risk Analyst, Professions , Norfolk, Virginia

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Virginia jobs by following @recnetVA on Twitter!

Norfolk RSS job feeds