JOB DETAILS

Junior Security Risk Officer | BPCE-IT

CompanyNatixis in Portugal
LocationPorto
Work ModeOn Site
PostedApril 6, 2026
About The Company
Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations and work culture of Groupe BPCE worldwide. Natixis in Portugal is part of the Global Financial Services division, where it applies technology for the development of financial expertise in its two global business lines – Corporate & Investment Banking and Asset & Wealth Management – and, transversally, for the entities of Groupe BPCE. The Centre of Expertise, currently has more than 3,000 employees from over 46 nationalities, organised in three main departments: Information Technology, Banking Support Activities and Compliance. These teams work in an integrated, inclusive and transversal way, supporting and creating value for all the business lines and platforms of the group. For recruitment: talent.porto@natixis.com For other questions: communication.porto@natixis.com ___ O projeto Atlas consubstancia a criação de uma nova unidade da Natixis a instalar na Região Metropolitana do Porto, com o objetivo de prestar serviços de tecnologia de informação (TI) para os segmentos da Natixis de Retail, Corporate and Investment Banking, Central Functions e Infrastructure & Security. Para além disso, o Centro Tecnológico visa impulsionar os processos de inovação do Grupo, pelo desenvolvimento de projetos de I&D para desenvolvimento de novas soluções para o setor financeiro. O centro tecnológico idealizado para Portugal será estruturado como uma extensão de todas as atividades de TI do Grupo e dos diversos segmentos de negócio (Retail, Corporate and Investment Bank e Central Function). O projeto ATLAS teve o seu início em março de 2017 com o arranque da sua operação no Porto e contratação de primeiros recursos humanos altamente qualificados. As novas instalações foram formalmente inauguradas a 07/03/2018. https://natixis.groupebpce.com/wp-content/uploads/2022/08/natixis_ficha_de_projeto.pdf
About the Role

Company Description

Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations and work culture of Groupe BPCE worldwide. 
As part of Groupe BPCE’s international division, Natixis in Portugal designs and delivers solutions for its two core areas — Corporate & Investment Banking and Asset & Wealth Management — as well as transversal services that support all entities across the Group. 
With more than 3,000 employees representing 46 nationalities, the teams work across Information Technology, Banking Support Activities, and Compliance, in an integrated, inclusive, and cross-functional way, supporting all business lines and platforms of the Group.  
A disruptive mindset and a culture of proximity and agility identify Natixis in Portugal Team and reflect the company's mission to transform traditional banking at a global scale: a perfect match in the Portuguese dynamics and entrepreneurial ecosystem.

Job Description

Main Tasks & Responsibilities:

Communicate corporate governance, risk management, control strategies, frameworks, and policies.
Communicate effectively with stakeholders, including senior management, to report on the status of technological risks, potential vulnerabilities, and the effectiveness of risk mitigation measures.
Report on enterprise-wide technology risks to senior management.
Provide independent oversight and challenge of IT team choices.
Provide training tools and advice to your perimeters and promote a strong risk management culture.
Ensure that activities comply with applicable laws and regulations.
Identify potential technological risks that could impact the bank's operations, including cybersecurity threats, data breaches, system failures, and other IT-related risks.
Assess the potential impact and likelihood of technological risks and work to quantify and prioritize these risks based on their severity and potential impact on the bank's operations.
Continuously monitor and analyze the bank's technology infrastructure and systems to identify any emerging risks or vulnerabilities that could pose a threat to the bank's operations and data security.
Ensure that the bank's technology systems and operations comply with relevant regulatory requirements and industry standards, such as data protection regulations and cybersecurity best practices.
•Develop and implement risk mitigation strategies and controls to address identified technological risks, including collaborating with IT teams to implement security measures and controls.
Contribute to the development and implementation of technology risk management policies and procedures to ensure the bank's technology infrastructure is secure and resilient.

 

Specific Responsibilities:
Deploy new level 1 permanent controls
Validate and supervise the execution of level 1 permanent controls level
Ensure continuous improvement of level 1 permanent controls level
Develop and maintain the technology risk management framework, policies, and procedures.
Develop and maintain comprehensive reports on level 1 permanent controls compliance level.
Communicate effectively with stakeholders, including senior management, to report on the status of level 1 permanent controls.
Provide training, tools, and advice to staff members to promote a strong risk management culture and awareness of technology risks.

Qualifications

Bachelor's degree in Computer Science, Information Technology, or related field
Proven experience in technology risk management within the banking or financial services industry.
Strong understanding of technology infrastructure, security principles, and risk assessment methodologies.
Knowledge of regulatory requirements and industry standards related to technology risk management such as ISO27001 and NIST.
Experience with Power BI and Excel.
Knowledge of COBIT and ITIL framework is a plus.
Relevant certifications such as ISO27001, ISO27005, CISSP, CISM, or CRISC are a plus.
English level minimum B2
Excellent analytical, problem-solving, and communication skills.
Creative and proactive.
Results oriented.
Comfortable communicating with various stakeholders and senior management.
Project management skills is a plus.

If you are a proactive and results-oriented IT professional, we encourage you to apply for this exciting opportunity.

Additional Information

Our workplace reflects the vibrant spirit of our locations, with initiatives such as a Green Transportation Budget, electric bikes and a flexible Hybrid Work Policy. We promote wellbeing through the Honolulu Wellness Club, a Prayer Room, a Lactation Room, and themed Villages that inspire creativity and collaboration. Through our ESG and DEI strategies, we are commit to being inclusive, caring, and fair, ensuring every voice is heard and valued.

Key Skills
Technology risk managementRisk assessmentISO27001NISTPower BIExcelCOBITITILCybersecurityData protectionRegulatory complianceStakeholder managementAnalytical skillsProblem-solvingCommunication skillsProject management
Categories
Security & SafetyFinance & AccountingTechnologySoftware
Benefits
Green Transportation BudgetElectric bikesHybrid Work PolicyHonolulu Wellness ClubPrayer RoomLactation Room
Job Information
📋Core Responsibilities
The Junior Security Risk Officer will manage and communicate technology risk frameworks, policies, and control strategies to stakeholders. They are responsible for identifying, assessing, and monitoring technological risks while ensuring compliance with regulatory standards.
📋Job Type
full time
📊Experience Level
2-5
💼Company Size
2408
📊Visa Sponsorship
No
💼Language
English
🏢Working Hours
40 hours
Apply Now →

You'll be redirected to
the company's application page