A-TRM Controller

Social network you want to login/join with:

Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations, and work culture of Groupe BPCE worldwide.

Natixis in Portugal is part of the Global Financial Services division, where it applies technology for the development of financial expertise in its two global business lines – Corporate & Investment Banking and Asset & Wealth Management – and, transversally, for the entities of Groupe BPCE.

The Centre of Expertise, based in Porto, currently has more than 2,400 employees from over 30 nationalities, organized in three main departments: Information Technology, Banking Support Activities, and Compliance. These teams work in an integrated, inclusive, and transversal way, supporting and creating value for all the business lines and platforms of the group. The project in Porto is one of the biggest investments in Human Resources ever made by Groupe BPCE worldwide.

A disruptive mindset and a culture of proximity and agility identify the Natixis in Portugal Team and reflect the company's mission to transform traditional banking at a global scale: a perfect match in the Portuguese dynamics and entrepreneurial ecosystem.

In 2024, Top Employers Institute has awarded Natixis in Portugal the Top Employer Portugal accreditation for the second time. This certification recognizes excellence in people practices, following the example of our head office in France, which was certified Top Employer France for the eighth year in a row.

Team presentation and main goal:

The Compliance area ensures that business follows external as well as internal rules and policies, including internal controls, to protect business activities and employees from non-compliance risks.

At Natixis Portugal, Compliance provides specialized services for worldwide GFS and Groupe BPCE.

With growing security threats and increasing regulatory complexity, our information security and risk practices continue to expand. As part of our technology risks management framework, the ATRM will help the CTRM to mature the strategic direction and risk control frameworks of the business.

The role will work in close liaison with the CTRM to ensure that appropriate risk management policies exist and are implemented to safeguard business activities. The role will report directly to the Natixis in Portugal C-TRM (CISO) under the Manager of Compliance Local Activities.

The ATRM is an independent control function from the Technology operational units. He/she is involved in monitoring and controlling adherence to the Technology risk management framework and works closely with the CTRM to:

• Support the establishment and communication of GFS’s governance, risk, and control strategies, frameworks, and policies;
• Identify, manage, measure, and monitor technology risks related to business impacts, threats, and vulnerabilities;
• Determine the criticality of technology assets in coordination with the first line of defense (LoD1);
• Provide oversight and independent challenge to the first line through objective assessments;
• Identify, assess, and communicate relevant regulatory changes;
• Ensure activities comply with applicable laws and regulations;
• Support monitoring and reporting on compliance with Natixis Technology Risk Appetite and policies;
• Escalate technology risk issues promptly;
• Provide training, tools, and advice to support the first line in fulfilling its responsibilities;
• Promote a strong risk management culture and awareness.

• Graduation in Engineering, Management, or Finance
• 1-3 years of experience in:
• Technology Risk Management
• Information Security Management
• Governance and technical aspects of data classification, data protection, cybersecurity, access management, SIEM, and incident management
• Outsourcing project management
• Establishing risk-based security policies
• Fluency in English is mandatory; knowledge of French is a plus.
• Good knowledge of Banking Regulations and/or corporate and banking business
• Sense of ownership and responsibility
• Ability to challenge the status quo and advocate a risk-based controls approach
• Creativity, initiative, and result-driven orientation
• Ability to deal with senior management
• Certifications: ISO 27001, ISO 27005 (preferred)

We will only consider English CVs.

At Natixis, we are committed to fostering a respectful and inclusive working environment where diversity is valued and every voice is heard. Our Diversity, Equity & Inclusion policy includes a Blind CV Screening process to reduce hiring bias. Applicants are encouraged to submit a blind CV, excluding personal details such as picture, name, gender, age, nationality, ethnicity, and address. We focus on your personal statement, work experience, courses, certifications, education, skills, and contact information.

#MuchMoreThanJustAJob

Start your day in Porto’s vibrant neighborhood, join team meetings, language classes, talent discussions, and enjoy cultural activities and outdoor experiences with colleagues. Embrace a dynamic work-life balance and be part of a diverse, innovative team committed to transformation and excellence.