Regional Chief Information Security Officer (EMEA)

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

THE ROLE

The Regional Chief Information Security Officer (RCISO) for Europe (excluding the Marseille headquarters), Middle East, and Africa is a senior leadership position tasked with safeguarding information assets against breaches and cyberattacks. This role provides strategic oversight in alignment with CMA CGM Group Cybersecurity global policies and works collaboratively with the cybersecurity department to ensure effective implementation of security measures. Reporting directly to the Director of the Group CISO's Office, the RCISO operates from our Paris La Défense office, directing cybersecurity initiatives across all CMA CGM entities within the EMEA region, supported by an Operational Cybersecurity Expert (ISTO).

WHAT ARE YOU GOING TO DO?
• Represent Group Information Security interests throughout the EMEA region.
• Foster strong relationships with local business units (excluding the headquarters in Marseille) and CMA CGM Group stakeholders.
• Facilitate Information Security Awareness programs and training.
• Support the execution of Group Cybersecurity strategies through targeted projects aimed at mitigating cyber risks.
• Coordinate with Group Cybersecurity operational teams, IT Operations, and Internal Audit to address and resolve local IT and OT risks and vulnerabilities in collaboration with the ISTO.
• Ensure accountability and understanding of information security controls among stakeholders.
• Participate in internal and external cyber forums and risk committees, delivering updates on cybersecurity matters to local management.
• Drive process improvements, eliminate information security gaps, and enhance tools to lower risk exposure.
• Maintain compliance with security practices and standards to minimise audit, regulatory, and legal liabilities.
• Assist the Vice President & Group CISO in developing and implementing cybersecurity policies, standards, and initiatives.
• Collaborate with peer CISOs globally to advance a proactive Information Security program.
• Partner with regional business leaders and global CISO leadership to implement process enhancements and operational efficiencies.
• Oversee financial and workforce planning for EMEA Cybersecurity Teams in close coordination with service line directors.
• Monitor technology stack remediation efforts, including vulnerability management and lifecycle support, with guidance from the ISTO.
• Work alongside Cyber Security Operations to enhance and deploy cybersecurity technologies and use cases.
• Lead cybersecurity service processes, track performance indicators, and drive continual improvement of core services.
• Oversee the creation and maintenance of standard operating procedures.

WHO ARE WE LOOKING FOR?
• Bachelor's or master's degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Professional certifications (CISSP, CISM, ISO27001, CISA) are strongly preferred.

Knowledge & Experience
• Proven ability to manage multiple complex priorities and competing agendas, often without direct authority over delivery teams.
• Competence in interpreting and applying policies and regulations across large, complex organisations.
• Strong interpersonal skills to engage effectively with leadership at all levels and facilitate team collaboration.
• Experience interfacing with governmental institutions.
• Expertise in incident management, including post-mortem analyses.
• Knowledge in overseeing SLA governance and key indicator management.
• Track record in leading process development, implementation, and the maintenance of robust security countermeasures.
• Demonstrated leadership, communication, conflict resolution, and performance management capabilities.
• Willingness and ability to travel (~20%), including participation in team meetings, trainings, and presentations.
• Innovative mindset, capable of developing cost-effective solutions without compromising reliability.
• Excellent project management abilities and aptitude for working in dynamic, fast-paced environments.
• Experience with NIS2 initiatives/programs, regional cyber compliance, and regulations.

Additional Requirements
• Strong relationship-building skills across all levels and business units within the CMA CGM Group.
• Change management expertise is advantageous.
• Exceptional verbal, written, and presentation skills; able to communicate technical concepts to diverse audiences.
• Collaborative approach to working with internal teams, third parties, and international business units, promoting knowledge sharing.
• Highly self-motivated and detail-oriented with a customer-centric focus.
• Analytical, pragmatic, and solution-driven regarding IT and OT security challenges.
• Demonstrates leadership, creativity, rigor, and commitment to quality.
• Fluency in French and English is mandatory.

Please ensure you are familiar with the CMA CGM Corporate Internal Mobility guidelines