Technical Officer Governance, Risk, Compliance

  • Sep 12, 2019
Full time Tech

Job Description


Job Description



Location : Beirut

Mission Length : Permanent

Start Date : November 2019 Onwards

Job Role : Technical Officer Governance, Risk, Compliance


  1. Position Summary


The Technical Officer Governance, Risk, Compliance is responsible for the application and coordination of the Governance, Risk and Compliance program with Information Security

  1. About CMA CGM & Digital Centre

CMA CGM, headed by Rodolphe Saadé, is a leading worldwide shipping group.  Its 509 vessels call more than 420 ports in the world on 5 continents. In 2017, they carried nearly 19 million TEUs (twenty-foot equivalent units). With a presence in 160 countries and through its 755 agencies network, the Group employs 34,000 people worldwide, including 2,400 in its headquarters in Marseilles.

CMA CGM Digital Centre is part of the Digital Department which includes Digital Office, Data and Digital Factory. Digital core team is based in Marseilles with Regional Project Managers located in North & South America, Asia and Africa.

CMA CGM Digital Centre mission statement is to create a unifying digital vision and to help rethink and design products and processes for the digital age. This mission is achieved by leveraging the latest technology trends; sourcing best practices from other industries; teaming up with CMA CGM key business departments: Lines, Commercial & Agency Network, Supply Chain & Logistics, Intermodal, Operations and ships; enabling Digital Factory & IT as key partners for execution and realization of projects.


  1. Position Responsibilities


  • Reviewing and define policies, standards, methodologies, tools, and patterns.  
  • Maintain expertise on security trends through training, research and development in order to mitigate potential security exposures.
  • Responsible for compliance with applicable regulatory and legal requirements.
  • Supervise and establish risk analysis program for various Information services systems and processes.
  • Determines security requirements by evaluating business strategies and threat landscapes.
  • Conducting cybersecurity vulnerability analyses and risk assessments if needed.
  • Establishment of ongoing cybersecurity monitoring and compliance according to best practices.
  • Ensure architecture teams apply the framework consistently and in a meaningful way.
  • Assuring all solutions and products are evaluated to meet architectural designs and are aligned and optimised to deliver the business goals in a cost effective, scalable and agile way, as well as leading the business and technical engagement to drive adoption of the IT strategy.


  1. Skills & Qualifications


  • In-depth understanding of regulatory framework as well as industry security frameworks.
  • Advanced knowledge of risk assessment design and delivery.
  • Professional security management certification: ISO27001, CISSP, GIAC or CISA preferred.
  • Knowledgeable of governance, risk and compliance systems and how to design a GRC framework.
  • Bacchelor Degree in IT security (an asset)
  • At least 5 years of relevant professional experience in information technology
  • Knowledge of standards, regulations and law governing the security of information (NIST, ISO 27001, GDPR, NIS) an asset
  • Knowledge of the shipping industry and the regulations related, an asset
  • Analytical skills, pragmatic approach to IT security issues and issues
  • Planning, organization and coordination skills
  • Ability to properly manage time and priorities
  • Leadership, team spirit, creativity, rigor and quality
  • Ability to influence through expertise and negotiate with various stakeholders
  • Customer-oriented approach
  • Bilingual (French and English)