L'offre Application Security Manager F/H a été sauvegardée.


Offre sauvegardée

Entrez votre adresse e-mail pour enregistrer ce travail

Vous enregistrez ce travail sous:

retour à la liste

Application Security Manager F/H posté par CMA CGM SA

Cette annonce expire dans 3 jours
CDI - temps plein

Description de l'offre

Led by Rodolphe Saadé, the CMA CGM Group, global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.
Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group’s shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 130,000 people worldwide, including 2,900 in Marseilles where its head office is located.


The CMA CGM Group’s incredible growth is dramatically transforming our core business, reinforcing our leading position as an innovative, bold, and customer-oriented company, enhancing more than ever the security of its global operations. 

With more than 250 team members, the Group Cybersecurity Department, covers all subsidiaries and entities of CMA CGM, with a global roadmap composed of 6 major domain streams (Maritime, Logistics, Ships, Terminals, Warehouses, and Subsidiaries). The Department currently monitors around 80 projects and provides through its 24/7 Operations continuous reliability. 

In two and a half years, our Cybersecurity team has operated major strategic changes and implemented top-level solutions to secure even further our business activities worldwide: Risk Management tools, IAM, Office 365 security, Networks, Endpoints and Cloud protection, Application Security Enhancement, Cyber Defense Center (SOC and CERT) construction. 

We look now to reinforce our teams with new skills to reach the next level of Cybersecurity and continue building a globally structured team based in Marseilles, Beirut, Manila, Montreal, Miami, and more…

As a key focus for the Group, our Top Management fully sponsors this Global Cybersecurity Program, through strategic investments in the best market technologies and an ambitious recruitment campaign in 2022, providing assets, skills, and top-level resilience to face the world’s global challenges ahead.

For this, the Application Security Manager is the global lead and SME for application security within CMA CGM Group and will take care of implementing secure coding practices, security testing and mitigation, developers training.

The manager will be responsible for a team of application security professionals and penetration testers (offensive security).


  • Manage a team of Application Security Expert team and Offensive Security team
  • Schedule testing base on Business needs (On Prem, SaaS, Cloud)
  • Manage Tools and framework used
  • Follow OWASP methodology and Offensive Security framework
  • Work closely with Cyber Defense Center
  • Implement SSDLC (Secure Software Development Life Cycle) practice across CMA CGM globally
  • Research and protect against typical threats, exploits
  • Develop and execute training session for CMA CGM’s development units to increase knowledge and awareness around SSDLC
  • Overall responsibility over application and end to end security testing
  • Act as a subject matter expert for secure coding practices, security around new software products (both internally developed and off the shelf solutions implemented in CMA CGM)
  • Manage set of tools (Aquasec, AppScan, Fortify) to support automation of application security as part of the development lifecycle, including: testing tools, code review technologies, (application) vulnerability management etc.
  • Analyze external providers penetration test reports
  • Provide recommendations / Mitigations to remediate or mitigate vulnerabilities
  • Coordinate with various IT and business teams to prepare and organize penetration tests



  • Bachelor or Master degree in Computer Science, Information Technology or relevant degree
  • OSCP/OSWE/OSCE/GPEN/GXPN or any other relevant certification

Knowledge & Experience:  

  • Experience of managing an operation team
  • Excellent knowledge of Owasp Top10, CWE…
  • Excellent understanding of micro-services architectures & APIs
  • Knowledge and proven experience with modern containerized infrastructures (Kubernetes)
  • Use of various tools such as Burp Suite, Zap, Kali distribution…


  • Highly self motivated and directed, with keen attention to detail
  • Planning, organization and coordination skills
  • Ability to properly manage time and priorities
  • Leadership, team spirit, creativity, rigor and quality
  • Customer-oriented approach
  • Fluent in French and English

Numéro de référence


Offres similaires

Recevoir des offres similaires

Merci Vous allez recevoir des offres à l'adresse email