Natixis in Portugal is fully integrated in the global organization of Natixis, a French multinational financial services firm specialized in Asset & Wealth Management, Corporate & Investment Banking, Insurance and Payments. A subsidiary of Groupe BPCE, Natixis counts nearly 16.000 employees across 38 countries. 

Based in Porto, Natixis Centre of Expertise mission is to transform traditional banking by developing innovative solutions for the bank’s business, operations and work culture worldwide, as a key driver of the company’s culture of agility and innovation. Teams of IT and Banking Support Activities work in an integrated, inclusive and transversal way, supporting all the business lines and country platforms. 

Natixis in Portugal is the best combination of a “start-up mindset” with a large, solid structure. Its unique culture gives true meaning to a “beyond banking” personality: to be a real entrepreneur, self-challenging, ever striving to excel and go that extra mile. 

Founded in 2015, BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures, End-User Environment, Security and Production. Driven by growth, expertise, transformation and agility, this project embraces an international mindset and a diverse skill set. You’ll find yourself in a dynamic and enriching workplace or, as we like to name it, a real tech playground, where you’ll be able to explore a huge tech stack. 

We are seeking a highly skilled and experienced Technology Risk analyst to join our team and oversee the technology risk management framework for our banking operations. The ideal candidate will have a background in technology risk management within the banking or financial services industry, as well as understanding of technology infrastructure, security principles, and risk assessment methodologies. 

Main Tasks & Responsibilities: 

• Communicate corporate governance, risk management, control strategies, frameworks, and policies. 
• Communicate effectively with stakeholders, including senior management, to report on the status of technological risks, potential vulnerabilities, and the effectiveness of risk mitigation measures. 
• Report on enterprise-wide technology risks to senior management. 
• Provide independent oversight and challenge of IT team choices. 
• Provide training tools and advice to your perimeters and promote a strong risk management culture. 
• Ensure that activities comply with applicable laws and regulations. 
• Identify potential technological risks that could impact the bank's operations, including cybersecurity threats, data breaches, system failures, and other IT-related risks. 
• Assess the potential impact and likelihood of technological risks and work to quantify and prioritize these risks based on their severity and potential impact on the bank's operations. 
• Continuously monitor and analyze the bank's technology infrastructure and systems to identify any emerging risks or vulnerabilities that could pose a threat to the bank's operations and data security. 
• Ensure that the bank's technology systems and operations comply with relevant regulatory requirements and industry standards, such as data protection regulations and cybersecurity best practices. 
• Develop and implement risk mitigation strategies and controls to address identified technological risks, including collaborating with IT teams to implement security measures and controls. 
• Contribute to the development and implementation of technology risk management policies and procedures to ensure the bank's technology infrastructure is secure and resilient. 

Specific Responsibilities: 

• Develop and maintain the technology risk management framework, policies, and procedures. 
• Communicate effectively with stakeholders, including senior management, to report on the status of technological risks, potential vulnerabilities, and the effectiveness of risk mitigation measures. 
• Provide training, tools, and advice to staff members to promote a strong risk management culture and awareness of technology risks. 
• Develop and maintain comprehensive reports on technological risks, vulnerabilities, and risk mitigation measures for senior management and stakeholders. 

• Bachelor's degree in Computer Science, Information Technology, or related field 
• Proven experience in technology risk management within the banking or financial services industry. 
• Strong understanding of technology infrastructure, security principles, and risk assessment methodologies. 
• Knowledge of regulatory requirements and industry standards related to technology risk management. 
• Experience with Power BI and Excel. 
• Knowledge of Splunk is a plus. 
• Knowledge of COBIT and ITIL framework is a plus. 
• Relevant certifications such as ISO27001, ISO27005, CISSP, CISM, or CRISC are a plus. 
• English level minimum B2 
• Excellent analytical, problem-solving, and communication skills. 
• Creative and proactive. 
• Results oriented. 
• Comfortable communicating with various stakeholders and senior management. 

If you are a proactive and results-oriented IT professional, we encourage you to apply for this exciting opportunity. 

#MuchMoreThanJustAJob 

Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. After grabbing a cup of coffee and fresh fruit, pick up your laptop and choose your spot for the day. It's going to be a busy one: French class before lunch and, just after, quick medical appointment at Natixis doctor's office. 

Lunch break. Outside in the big terrace (look at your crops at the Urban Garden; ready to harvest!) or, if you feel like stretching your legs, walk downtown to grab lunch. 

Back inside. Quick sprint review (working together anywhere means virtual happy birthday to that colleague in Paris that just turned 35). The afternoon went flying (tasks, reports, calls, some jokes with your teammates). End it on a high note: just one PlayStation game or the final match for that ping-pong tournament. 

Tomorrow, you complete that certified technical training and the day after, you will work from home, taking advantage to finally do that online course on Udemy. Once you are done with your tasks for the day, you can visit the office for a board games session or show up at the rehearsal of one of Natixis bands. If that is too steady for you, meet your colleagues to surf some waves or join them in a football match.