Junior Security Risk Officer (French Speaker) | SG

The Groupe BPCE DSG provides the second line of defense (LoD2) regarding IT risks (including cyber risk) business continuity safety of staff and premises and external fraud.
The Groupe BPCE DSG oversights all the entities of the Group.
The TRM center of expertise (CE TRM) coordinates LoD2 operations (risk analysis level 2 controls action plans security reviews etc.) for all group establishments that have adopted the Technology Risks Management (TRM) model.
The DSG works in close collaboration with the entities of the Group (BPCE-IT BPCE SI IT departments of Natixis and BPCE SA etc.) and the Operational Risk departments.
The G-TRM team at Natixis Portugal oversees operating level 2 controls of TRM type for all the entities covered by CE TRM. These L2 controls are related to all taxonomies covered by CE-TRM and policies validated on BPCE Groupe.

Key tasks and objectives:
Take responsibility for carrying out LoD2 control operations. 
Follow up on remediations in case of non-compliance. 
Identify potential improvements and share them with CE TRM.
Gap analysis and refinement of use cases for relevant threat response.
Ensure continuous improvement of level 2 permanent controls level
Develop and maintain the technology risk management framework policies and procedures.
Develop and maintain comprehensive reports on level 2 permanent controls compliance level.
Communicate effectively with stakeholders to report on the status of level 2 permanent controls.
 
What we require of you
Strong background across the wide security landscape
Analysis skills to assess security tools to improve BPCE security by design framework
Evidence of a strong understanding of securing a software development life cycle
Significant experience in a role with all IaaS / SaaS / Cloud; specifically AWS and MS Azure
You will be in close cooperation with all the players in the second line of defense teams (Information system Security Legal Business Continuity Data Privacy) and other IT Departments

Qualifications :

We would expect you to have:
Degree in one of these areas: Cybersecurity; IT Engineer; Managing IT Systems
Fluency in English and Good level of French (Mandatory);
Advanced Knowledge of Drive (Archer); MS Excel; PowerBI; Splunk.
Certification of other security or IS audit standard (preferred)
a good knowledge of information systems and technologies.
a critical and result-oriented mindset.
been able to demonstrate your autonomy and proactiveness.
knowledge of the banking and insurance sectors.
Experience with Power BI and Excel.
Knowledge of regulatory requirements and industry standards related to technology risk management such as ISO27001.
Results oriented.
Comfortable communicating with various stakeholders and senior management.

Additional Information :

Our workplace reflects the vibrant spirit of our locations with initiatives such as a Green Transportation Budget electric bikes and a flexible Hybrid Work Policy. We promote wellbeing through the Honolulu Wellness Club a Prayer Room a Lactation Room and themed Villages that inspire creativity and collaboration. Through our ESG and DEI strategies we are commit to being inclusive caring and fair ensuring every voice is heard and valued.

Remote Work :

No

Employment Type :

Full-time