Security Risk Officer
Social network you want to login/join with:
The Groupe BPCE DSG provides the second line of defense (Lo
D2) regarding IT risks (including cyber risk), business continuity, safety of staff and premises, and external fraud.
The Groupe BPCE DSG oversees all the entities of the Group, including retail banking (such as the French Banques Populaires and the Caisses d’Epargne) and global banking (such as the CIB or the Asset and Wealth Management).
The TRM center of expertise (CE TRM) coordinates Lo
D2 operations (risk analysis, level 2 controls, action plans, security reviews, etc. ) for all group establishments that have adopted the Technology Risks Management (TRM) model.
The DSG works in close collaboration with the Group entities (BPCE-IT, BPCE SI, IT departments of Natixis and BPCE SA, etc. ) and the Operational Risk departments.
The G-TRM team at Natixis Portugal oversees operating level 2 controls of TRM type for all entities covered by CE TRM. These controls relate to all taxonomies covered by CE-TRM and policies validated on BPCE Groupe.
As part of the G-TRM team, you will be part of the Security Design & Delivery team, working alongside our global Governance, Risk & Compliance, and Security Operations teams. Your mission is to support the TRM Center of Expertise (CE TRM) in Paris by performing Security by Design activities.
Main tasks and goals:
- Owning the security architecture deliverables within SI’s cloud Center of Excellence strategy;
- Owning the creation and development of all technical standards within the security roadmap, working with Security Operations and Leadership to deliver functional requirements;
- Providing dedicated technical expertise and knowledge to support the risk management framework;
- Driving security by design throughout the organization through stakeholder engagement;
- Assessing business requirements to select appropriate security controls;
- Mastering the internal catalog of security solutions and advising the business on requirements implementation and technical alternatives;
- Identifying new tools and technologies to achieve business goals;
- Proactively identifying vulnerabilities and designing security controls.
Gap analysis and refinement of use cases for response to relevant threats.
What we require of you:
- Strong background in the security landscape;
- Experience in senior technical and
- on security roles; - Proven track record in designing and delivering cloud security controls;
- Skills in
- benefit analysis of security tools; - Understanding of securing the software development lifecycle;
- Experience with Iaa
S/Saa
S/Cloud, specifically AWS and MS Azure; - Competence in delivering technical projects using Project Management methods.
You will collaborate closely with second line of defense teams and other IT Departments.
#J-18808-Ljbffr- Informações detalhadas sobre a oferta de emprego
Empresa: TN Portugal Localização: Porto
Porto, Porto District, PortugalPublicado: 18. 5. 2025
Vaga de emprego atual
Seja o primeiro a candidar-se à vaga de emprego oferecida!