C-TRM (CISO)
Natixis in PortugalPortugal8 hours ago
Full-timeRemote FriendlyInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Company Description
Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations and work culture of Groupe BPCE worldwide.
As part of Groupe BPCE’s international division, Natixis in Portugal designs and delivers solutions for its two core areas — Corporate & Investment Banking and Asset & Wealth Management — as well as transversal services that support all entities across the Group.
With more than 3,000 employees representing 46 nationalities, the teams work across Information Technology, Banking Support Activities, and Compliance, in an integrated, inclusive, and cross-functional way, supporting all business lines and platforms of the Group.
A disruptive mindset and a culture of proximity and agility identify Natixis in Portugal Team and reflect the company's mission to transform traditional banking at a global scale: a perfect match in the Portuguese dynamics and entrepreneurial ecosystem.
Job Description
The Secretary General (SG) area ensures business follows external as well as internal rules and policies, and also internal controls, protecting therefore business activities and employees from non-compliance risks.
At Natixis in Portugal, SG provides specialized services worldwide for Natixis and Groupe BPCE.
With growing security threats and ever-increasing regulatory complexity, our information security and risk practices continue to expand. As part of our technology risks management framework, the C-TRM will help to ensure that appropriate risk management policies exist and are implemented to safeguard business activities at Natixis in Portugal. The role will work in close liaison with Head Office to ensure, where appropriate, that Group policies are incorporated locally.
This role sits within the Secretary General, and it will report directly to Natixis in Portugal Manager of SG Support.
Main Tasks And Goals
As a control function, the CTRM is independent from the Technology operational units. It is directly accountable to the management body and responsible for monitoring and controlling adherence to the Technology Risk Management (TRM) framework.
The CTRM Will
Qualifications
Our workplace reflects the vibrant spirit of our locations, with initiatives such as a Green Transportation Budget, electric bikes and a flexible Hybrid Work Policy. We promote wellbeing through the Honolulu Wellness Club, a Prayer Room, a Lactation Room, and themed Villages that inspire creativity and collaboration. Through our ESG and DEI strategies, we are commit to being inclusive, caring, and fair, ensuring every voice is heard and valued.
Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations and work culture of Groupe BPCE worldwide.
As part of Groupe BPCE’s international division, Natixis in Portugal designs and delivers solutions for its two core areas — Corporate & Investment Banking and Asset & Wealth Management — as well as transversal services that support all entities across the Group.
With more than 3,000 employees representing 46 nationalities, the teams work across Information Technology, Banking Support Activities, and Compliance, in an integrated, inclusive, and cross-functional way, supporting all business lines and platforms of the Group.
A disruptive mindset and a culture of proximity and agility identify Natixis in Portugal Team and reflect the company's mission to transform traditional banking at a global scale: a perfect match in the Portuguese dynamics and entrepreneurial ecosystem.
Job Description
The Secretary General (SG) area ensures business follows external as well as internal rules and policies, and also internal controls, protecting therefore business activities and employees from non-compliance risks.
At Natixis in Portugal, SG provides specialized services worldwide for Natixis and Groupe BPCE.
With growing security threats and ever-increasing regulatory complexity, our information security and risk practices continue to expand. As part of our technology risks management framework, the C-TRM will help to ensure that appropriate risk management policies exist and are implemented to safeguard business activities at Natixis in Portugal. The role will work in close liaison with Head Office to ensure, where appropriate, that Group policies are incorporated locally.
This role sits within the Secretary General, and it will report directly to Natixis in Portugal Manager of SG Support.
Main Tasks And Goals
As a control function, the CTRM is independent from the Technology operational units. It is directly accountable to the management body and responsible for monitoring and controlling adherence to the Technology Risk Management (TRM) framework.
The CTRM Will
- Establish and communicate Natixis’ governance, risk and control strategies, frameworks and policies;
- Identify, manage, measure and monitor technology risks with regards to business impacts, threats and weaknesses;
- Determine the criticality of the technology assets in coordination with the first line of defence;
- Provide oversight and independent challenge to the first line through an effective, objective assessment that is evidenced and documented where material;
- Identify, assess and communicate relevant regulatory changes;
- Ensure activities are compliant with applicable laws and regulations;
- Monitor and report on compliance with the Natixis Technology Risk Appetite and policies;
- Escalate technology risk issues in a timely manner;
- Provide training, tools, and advice to support the first line in carrying out its accountabilities;
Qualifications
- Graduation in Engineering, Management or Finance;
- Technology Risk Management;
- Information Security Management;
- Governance and technical aspects of data classification, data protection, cyber security, access management, SIEM and incident management;
- Outsourcing project management;
- Establishing risk-based security policies;
- Fluent in English.
- French is a plus;
- Sense of ownership and responsibility;
- Ability to challenge status quo and advocate a risk-based approach of controls;
- Creativity, initiative and result-driven orientation;
- Ability to deal with senior management.
Our workplace reflects the vibrant spirit of our locations, with initiatives such as a Green Transportation Budget, electric bikes and a flexible Hybrid Work Policy. We promote wellbeing through the Honolulu Wellness Club, a Prayer Room, a Lactation Room, and themed Villages that inspire creativity and collaboration. Through our ESG and DEI strategies, we are commit to being inclusive, caring, and fair, ensuring every voice is heard and valued.
Key Skills
Ranked by relevanceReady to apply?
Join Natixis in Portugal and take your career to the next level!
Application takes less than 5 minutes