SOC Manager

Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents. With its subsidiary CEVA Logistics, a world leader in logistics, and its air freight division CMA CGM AIR CARGO, the CMA CGM Group is continually innovating to offer its customers a complete and increasingly efficient range of new shipping, land, air and logistics solutions.

Committed to the energy transition in shipping, and a pioneer in the use of alternative fuels, the CMA CGM Group has set a target to become Net Zero Carbon by 2050.

Through the CMA CGM Foundation, the Group acts in humanitarian crises that require an emergency response by mobilizing the Group's shipping and logistics expertise to bring humanitarian supplies around the world.

Present in 160 countries through its network of more than 400 offices and 750 warehouses, the Group employs more than 155,000 people worldwide, including 4,000 in Marseilles where its head office is located.

YOUR ROLE

SOC Strategy and Processes:

• Lead and advise on SOC strategy, processes and products roadmap while ensuring the alignment of the SOC Mission and Vision to the business ecosystem and its continuous evolution.
• Advise on SOC build and continuous improvement with reliance on industry best practices.
• Establish the appropriate interfaces, processes and workflows with incident response, vulnerability management, and threat intelligence functions.
• Lead automation strategy and SOC enablement with tech and AI capabilities where beneficial.
• Lead and advise on use cases strategy in relevance with the industry's threat landscape and actors.
• Advise on onboarding and offboarding strategy for company critical assets and infrastructure.

Oversee SOC Operations:

• Manage the day-to-day operations of the Security Operations Center (SOC), ensuring the team effectively monitors, detects, and responds to security incidents.
• Supervise and guide SOC Leads and their respective teams, ensuring smooth operations with clear accountability and responsibilities.
• Advise on log management framework and efficiency in sources selection.
• Lead the build of a robust triage strategy of alerts, and appropriate qualification through incidents.
• Ensure high quality of SOC services in a timely manner.

Team Leadership and Development:

• Provide leadership, mentorship, and performance management for SOC personnel, fostering professional growth and skills development.

Strategic Alignment and Policy Implementation:

• Develop and enforce SOC policies, procedures, and standard operating guidelines to ensure consistent, high-quality security operations.

Quality, Reporting and Metrics:

• Lead, develop and trace efficient metrics for SOC reporting, quality of service and SOC SLAs.
• Regularly consolidate and present performance metrics, security incident reports, and operational summaries to the Head of Cyber Defense Center and other senior leaders.
• Ensure customer satisfaction through regular surveys and exchanges.

Technology and Process Optimization:

• Drive the implementation of new technologies and security tools in the SOC, ensuring the environment is up-to-date, evolvable and scalable.
• Oversee continuous process improvements to increase operational efficiency, reduce response times, and improve detection capabilities.

Budget and Resource Management:

• Manage the SOC's budget, ensuring optimal use of resources while aligning with business priorities and security needs.
• Ensure the SOC has the necessary tools, technologies, and personnel to meet operational demands.

WHO ARE WE LOOKING FOR?

• Several years of management experience in SOC, CERT, or equivalent security leadership roles.
• Proven experience in SOC operations across various functions and roles.
• Proven track record in managing security operations, responding to cyber incidents, and overseeing cross-functional security teams.
• Proven awareness and adaptability to governance and compliance requirements with exposure to regulatory framework and regulatory requirements.
• Good understanding of incident management lifecycle.
• Experience managing cyber defence strategies and coordinating efforts across the organization.
• Experience in converged IT/OT environments is a plus.

Educational Background:

• Hold a degree in cybersecurity, or a related discipline with a focus on security management, risk assessment, and operational excellence.

Professional Certifications:

• GIAC SOC, IR and Threat Hunting related certifications are a plus.
• GIAC Leadership certifications or equivalent.
• CISSP (Certified Information Systems Security Professional) or equivalent.
• CISM (Certified Information Security Manager) or equivalent.

Framework Knowledge:

• Deep understanding of information security frameworks and standards such as SOC CMM, ISO 27000, NIST, MITRE ATT&CK, and others.

Leadership Skills:

• Strong leadership and management skills, with the ability to oversee and motivate SOC teams and coordinate activities across global or regional security operations.
• Demonstrated ability to mentor and develop technical teams, driving improvements and ensuring adherence to security best practices.

Strategic Thinking:

• Ability to align SOC strategy with organizational goals, risk management policies, and emerging threat landscapes.
• Understanding of security architecture strategy and its integration into broader IT and operational strategies.
• Experience in building and refining SOC operational models, improving incident response procedures, and implementing process optimizations.

Communication Skills:

• Excellent communication skills, with the ability to translate technical concepts for senior leadership and non-technical stakeholders.
• Fluent in English (oral and written) with strong reporting and presentation skills.
• Full professional proficiency in French is a plus.

Technology and Tools:

• Strong technical understanding of SOC tools and technologies, such as SIEM, SOAR, endpoint detection and response, threat intelligence platforms, sandbox and forensic tools and their relevant operational processes.
• Good understanding and experience in security technologies.

Risk Management:

• Expertise in risk assessment, with the ability to evaluate and mitigate security risks while ensuring operational continuity.
• Good understanding of risk management lifecycle and activities.
• Strong decision-making skills in high-pressure, fast-evolving environments.

Please ensure you are familiar with the CMA CGM Corporate Internal Mobility guidelines.