Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations and work culture of Groupe BPCE worldwide. 
As part of Groupe BPCE’s international division, Natixis in Portugal designs and delivers solutions for its two core areas — Corporate & Investment Banking and Asset & Wealth Management — as well as transversal services that support all entities across the Group. 
With more than 3,000 employees representing 46 nationalities, the teams work across Information Technology, Banking Support Activities, and Compliance, in an integrated, inclusive, and cross-functional way, supporting all business lines and platforms of the Group.  
A disruptive mindset and a culture of proximity and agility identify Natixis in Portugal Team and reflect the company's mission to transform traditional banking at a global scale: a perfect match in the Portuguese dynamics and entrepreneurial ecosystem.

We are looking for a SOC Analyst L2 (local contract) to join our BPCE IT business Unit.
Integrated within the Security Operation Center (SOC) BPCE-IT, the Blue Team is the first line of defence, responsible for defending the
enterprise's use of information systems by maintaining its security posture against attackers.
The main activities are the ones below:
• Detection, categorization and investigation of infrastructure, applications and security incidents
• Vulnerability management on critical vulnerabilities (handling, categorization and follow-up)
• Leading incident response plans
• Follow-up of remediation plans
• Implementation of detection scenarios and treatment of associated alerts
The L2 SOC Analyst is responsible for monitoring and analyzing the organization’s networks and systems on a daily basis to detect, identify,
investigate, and mitigate potential threats. They must be able to identify anomalous behavior, recognize patterns of malicious activity, and
take appropriate corrective action.
In addition to their daily duties, the L2 SOC Analyst will provide recommendations for improving security posture and assist with incident
response plans, policies, and procedures. Some additional responsibilities may include recommending tools or solutions, participating in
audit activities, providing reporting on security events/incidents and collaborating with other teams across the organization.
Main Tasks and Responsabilities:
The candidate will have 3 main missions:
1) Analysis:
• Participation in improving correlation and l
Conduct investigations and research including statistics
• Interpret or perform first level (Sandbox or manual) minimum scans on malicious codes
• Improve our Threat Intelligence activity
• Perform Threat-hunting
2) Handling incidents:
• Creating, and managing service requests via our ticketing tools (ServiceSnow / SecOps / TheHive)
• Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities
use, tactics, technics), the scope and the perimeter of compromise, the action of remediation and the lessons learned for different
types of security incidents
• Perform Retro-Hunting
3) Training:
• Knowledge transferring in-house and writing documentation
Apart from these activities the candidate will have to maintain and develop his expertise:
• in techniques and tools of digital investigation
• methods and tools for analysis (monitoring, training, international conferences, etc.)

Main requirements:
The candidate must have a minimum of 4 years experiences as a SOC analyst.
The candidate must be operational on the security tools used in the BPCE IS and master the architectures in place.
Solid knowledge in most of the following technical areas is required, keeping in mind that no one is an expert in every topic.
The ideal candidate should have advanced problem-solving skills and a background in cybersecurity engineering.
1) SIEM/SOAR
• Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).
• Good experience of Splunk and Regex search syntax.
• Good experience of theHive
3) SYSTEM/NETWORK
• Good knowledge of network and system architectures
• Knowledge of the operation of intrusion detection probes and event log correlation tools
4) SECURITY:
• Good knowledge of Mitre Attack framework and counter measures link to the technics and tactics
• Good knowledge of Information monitoring and analysis tools and methods.
• Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall,
etc.)
• Have a good knowledge on one or more of the following topics:
• Web application vulnerabilities
• Malware types (rootkit, ransomware, botnet, etc.)
• Obfuscation and persistence technics (cryptography, packing, etc.).
• Digital investigation/analysis tools
SandBox behavioral 

Other requirements:
Good level of English – minimum B2 level;
• Good level of French - minimum B1 level;
• Ability to keep up with a demanding and fast-paced environment;
• Good communication skills;
• Good priority definition skills;
• Know how on implementing pedagogy methods;
• Ability to work in a team

Our workplace reflects the vibrant spirit of our locations, with initiatives such as a Green Transportation Budget, electric bikes and a flexible Hybrid Work Policy. We promote wellbeing through the Honolulu Wellness Club, a Prayer Room, a Lactation Room, and themed Villages that inspire creativity and collaboration. Through our ESG and DEI strategies, we are commit to being inclusive, caring, and fair, ensuring every voice is heard and valued.