Job DescriptionThe Groupe BPCE DSG provides the second line of defense (Lo D2) regarding IT risks (including cyber risk), business continuity, safety of staff and premises and external fraud. The Groupe BPCE DSG oversights all the entities of the Group. The TRM center of expertise (CE TRM) coordinates Lo D2 operations (risk analysis, level 2 controls, action plans, security reviews, etc.) for all group establishments that have adopted the Technology Risks Management (TRM) model. The DSG works in close collaboration with the entities of the Group (BPCE-IT, BPCE SI, IT departments of Natixis and BPCE SA, etc.), and the Operational Risk departments. The G-TRM team at Natixis Portugal oversees operating level 2 controls of TRM type for all the entities covered by CE TRM. These L2 controls are related to all taxonomies covered by CE-TRM and policies validated on BPCE Groupe.Key Tasks And ObjectivesTake responsibility for carrying out Lo D2 control operations.Follow up on remediations in case of non-compliance.Identify potential improvements and share them with CE TRM.Gap analysis and refinement of use cases for relevant threat response.Ensure continuous improvement of level 2 permanent controls level.Develop and maintain the technology risk management framework, policies, and procedures.Develop and maintain comprehensive reports on level 2 permanent controls compliance municate effectively with stakeholders to report on the status of level 2 permanent controls.What We Require Of YouStrong background across the wide security landscape.Analysis skills to assess security tools to improve BPCE security by design framework.Evidence of a strong understanding of securing a software development life cycle.Significant experience in a role with all Iaa S / Saa S / Cloud; specifically AWS and MS Azure.You will be in close cooperation with all the players in the second line of defense teams (Information system Security, Legal, Business Continuity, Data Privacy) and other IT Departments.QualificationsDegree in one of these areas: Cybersecurity; IT Engineer; Managing IT Systems.Fluency in English and Good level of French (Mandatory).Advanced Knowledge of Drive (Archer); MS Excel; Power BI; Splunk.Certification Of Other Security Or IS Audit Standard (preferred).A good knowledge of information systems and technologies.A critical and result-oriented mindset.Been able to demonstrate your autonomy and proactiveness.Knowledge of the banking and insurance sectors.Experience with Power BI and Excel.Knowledge of regulatory requirements and industry standards related to technology risk management such as ISO27001.Results fortable communicating with various stakeholders and senior management.Additional InformationOur workplace reflects the vibrant spirit of our locations, with initiatives such as a Green Transportation Budget, electric bikes and a flexible Hybrid Work Policy.We promote wellbeing through the Honolulu Wellness Club, a Prayer Room, a Lactation Room.Through our ESG and DEI strategies, we are committed to being inclusive, caring, and fair, ensuring every voice is heard and valued.