IT Risks Analyst - G-TRM

  • Full-time

Company Description

Natixis is a French multinational financial services firm specialized in asset & wealth management, corporate & investment banking, insurance and payments. A subsidiary of Groupe BPCE, the second-largest banking group in France through its two retail banking networks, Banque Populaire and Caisse d’Epargne, Natixis counts nearly 16,000 employees across 38 countries.

As Natixis Innovation Hub, the mission of Natixis in Portugal is to transform traditional banking by developing innovative solutions for the bank’s business, operations and work culture, being a key driver of the company’s culture of agility and innovation. Teams of IT and Banking Support Activities work in an integrated, inclusive and transversal way, supporting all the business lines and country platforms.

Job Description

The SQUAD team is one of the teams of the second line of defense for Information and Communication Technology risks regarding Cybersecurity, Resilience, IT Governance, IT Developments and IT Operations.

As part of the SQUAD team, your mission consists of supporting the team located in Paris by performing assessments and level 2 controls and by participating in task forces or projects.

Here are some examples of tasks you could have to work on:

1. Risk assessment:

  • Assess the risk inherent to IT processes and regarding given assets
  • Ensure that IT risks are properly taken into account within IT projects
  • Feed the risk mapping in the global tool (ARCHER)

2. Level 2 controls:

  • Take part in the design and maintenance of the level 2 control plan
  • Operate level 2 controls on a given scope
  • Report on the control plan execution and on the compliance level of the control results

3. Remediation plan:

  • Issue requests for remediation when control results are not compliant
  • Negotiate remediation action plans and due dates with the stakeholders (first line of defense mainly)
  • Follow up on the remediation action plans and raise alerts when appropriate
  • Report on the progress of the remediation plan

4. Dashboard construction:

  • Collect needs with the sponsor
  • Define the supply of these needs
  • Build the graphical interface
  • Present the work done

You will work in close cooperation with all the players in the second line of defense teams (Information System Security, Business Continuity, Data Privacy) and the IT Departments.

Qualifications

What it takes to be part of this team:

  • You are technically familiar with IT processes, project methodologies and the main concepts in IT infrastructure (Cloud, containerization, architecture, networks, etc.);
  • You have a good knowledge of the information system;
  • You have a good knowledge of risk analysis issues and are certified in this field;
  • Ideally, you are certified in another security or IS audit standard (e.g. CISA, CISM, GIAC, CISSP, ISO Lead Implementer 27001, ISO Risk Manager 27005, etc.);
  • You like to work in a team and have good interpersonal skills;
  • You have good verbal and written communication skills;
  • You know how to lead meetings;
  • You have a good command of written and spoken English and French;
  • You have a good command of risk analysis issues and are certified in this field;
  • Knowledge of the banking environment and in particular of NATIXIS would be an additional asset to succeed in the position.

Additional Information

Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. After grabbing a cup of coffee and fresh fruit, pick up your laptop and choose your spot for the day. It's going to be a busy one: French class before lunch and, just after, a quick medical appointment at the Natixis doctor's office.
 
Lunch break. Outside on the big terrace (look at your crops at the Urban Garden; ready to harvest!) or, if you feel like stretching your legs, walk downtown to grab lunch.
 
Back inside. Quick sprint review (working together anywhere means a virtual happy birthday to that colleague in Paris who just turned 35). The afternoon went flying (tasks, reports, calls, some jokes with your teammates). End it on a high note: just one PlayStation game or the final match of that ping-pong tournament.
 
Tomorrow, you complete that certified technical training and the day after, you will work from home, taking the opportunity to finally do that online course on Udemy. Once you are done with your tasks for the day, you can visit the office for a board games session or show up at the rehearsal of one of the Natixis bands. If that is too steady for you, meet your colleagues to surf some waves or join them in a football match.
