Cloud Security Engineer

Company Description

Natixis in Portugal is fully integrated in the global organization of Natixis, a French multinational financial services firm specialized in Asset & Wealth Management, Corporate & Investment Banking, Insurance and Payments. A subsidiary of Groupe BPCE, Natixis counts nearly 16.000 employees across 38 countries.

Based in Porto, Natixis Centre of Expertise mission is to transform traditional banking by developing innovative solutions for the bank’s business, operations and work culture worldwide, as a key driver of the company’s culture of agility and innovation. Teams of IT and Banking Support Activities work in an integrated, inclusive and transversal way, supporting all the business lines and country platforms.

Natixis in Portugal is the best combination of a “start-up mindset” with a large, solid structure. Its unique culture gives true meaning to a “beyond banking” personality: to be a real entrepreneur, self-challenging, ever striving to excel and go that extra mile.

Job Description

We are looking for a Cloud Security Engineer (local contract) to join one of our teams in our BPCE - IT business unit in Porto.
 

As a Cloud Security Engineer, you will be a member of the Cloud, Application and Data Protection security team - a team operating at the heart of the IT Security in the bank.

You will be part of a multidisciplinary team distributed between Porto and France that works on all topics related to application, cloud and architecture security. You will be assisting the team in their areas of operation, performing tasks such as:

- Designing and implementing Cloud security recommendations, both from a project architecture and control implementation point of view;

- Ensure compliance with the Cloud security rules of the BPCE group;

- Assisting CAD security team in performing studies on the security of Cloud services for all the 3 major providers (Google, AWS, Azure);

- Validating and reviewing architecture security for critical Cloud business projects;

- Creating security workflows for deployment and auditing of cloud security;

- Support business lines in understanding issues related with the protection of their sensitive data.

Whether you are a seasoned SRE engineer with experience in maintaining Cloud services up and running, or a security architect familiar with cloud technologies, if you are looking to further your experience on Cloud Security, then here’s your chance!

Qualifications

Main Requirements:

• 3 years experience in similar roles;

• Solid knowledge in AWS Cloud technologies, including:

       - Securing PaaS AWS services (Bucket S3, Lambda, CloudFront, Service Control Policy, KMS);

       - Design a secure AWS architecture;

       - Security of AWS networks (VPC, VPC endpoints);

       - Security of container services (EKS);

• Experience in scripting and automation (IaC, Terraform, Python, Jenkins, CI/CD pipeline);

• Nice to have: AWS Solution Architect Associate and/or AWS Certified Security Specialty certifications;

• Nice to have: experience and/or contact with other cloud providers (GCP and/or Azure).

Other Requirements:

• English level B2 

• The candidate must have a real interest in all areas of security & automation;

• Capable of summarizing findings and presenting them to management;

• Capable of collaborating with diverse teams & integrating diverse areas of knowledge;

• Autonomous and innovative;

• Good communication skills.

Additional Information

Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. After grabbing a cup of coffee and fresh fruit, pick up your laptop and choose your spot for the day. It's going to be a busy one: French class before lunch and, just after, quick medical appointment at Natixis doctor's office.
 
Lunch break. Outside in the big terrace (look at your crops at the Urban Garden; ready to harvest!) or, if you feel like stretching your legs, walk downtown to grab lunch.
 
Back inside. Quick sprint review (working together anywhere means virtual happy birthday to that colleague in Paris that just turned 35). The afternoon went flying (tasks, reports, calls, some jokes with your teammates). End it on a high note: just one PlayStation game or the final match for that ping-pong tournament.
 
Tomorrow, you complete that certified technical training and the day after, you will work from home, taking advantage to finally do that online course on Udemy. Once you are done with your tasks for the day, you can visit the office for a board games session or show up at the rehearsal of one of Natixis bands. If that is too steady for you, meet your colleagues to surf some waves or join them in a football match.