Container Security Engineer

Porto, Portugal

Natixis in Portugal

Global Financial Services is the global arm of Groupe BPCE. It comprises two businesses – Asset & Wealth Management and Corporate & Investment Banking – that support their clients in facing today’s major environmental, technological and...

View company page

Company Description

Founded in 2015, BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures, End-User Environment, Security and Production. Driven by growth, expertise, transformation and agility, this project embraces an international mindset and a diverse skill set. You’ll find yourself in a dynamic and enriching workplace or, as we like to name it, a real tech playground, where you’ll be able to explore a huge tech stack.

Job Description

As a Container Security Engineer, you will be a member of the Cloud, Application and Data Protection security team - a team operating at the heart of the IT Security in the bank.

You will be part of a multidisciplinary team distributed between Porto and France that works on all topics related to application, cloud and architecture security.

We are looking for someone enthusiastic about security, and with good knowledge of Cloud and Container best practices to join our team.

Whether you are a seasoned SRE engineer with experience in maintaining clusters up and running, or a security architect familiar with container technologies, if you are looking to further your experience on Cloud and Container Security, then here’s your chance!



You will be assisting the team in their areas of operation, performing tasks such as:

- Designing and implementing Container security recommendations, both from a project architecture and control implementation point of view

- Ensure compliance with the Container security rules of the BPCE group

- Assisting Infrastructure and Security teams to define and implement safe container standards in the bank (image security & automation, openshift & kubernetes secure architecture, …)

- Validating and reviewing architecture security for critical Cloud and Container business projects

- Creating security workflows and controls for deployment and auditing of containers

- Assist business lines in evaluating and understanding container security problems and their respective mitigations


What we’re looking for: 
Qualifications and Hard Skills:


  • Experience in Kubernetes or Openshift configuration or management
  • Solid knowledge of Openshift and/or Kubernetes networking and architecture
  • Solid knowledge in container and cluster security practices (architecture, vulnerability management, RBAC, network policies, ...)
  • Nice to have: Basic experience in container Cloud technologies (at least one of GCP, AWS, Azure)
  • Nice to have: experience in development and/or scripting (Python or others), and/or integrating containers in CI/CD tools is a plus
  • Minimum 3 years experience in similar roles


Soft Skills: 

  • Good level of English – minimum B2 level
  • French is a plus
  • On-call mandatory
  • Ability to keep up with a demanding and fast-paced environment.
  • Good communication skills
  • Strong organizational and project management skills
  • Good problem-solving skills
  • Attention to detail

Additional Information

At Natixis, we are committed to fostering a working environment where each and every one of our people is treated with dignity and respect and where every voice is heard. Our differences make us collectively stronger and are a source of fulfilment, innovation and performance.
In the framework of its Diversity, Equity & Inclusion policy, Natixis in Portugal has implemented a Blind CV Screening process, with the purpose of reducing hiring bias. A blind CV excludes any personal details which refer to the applicant’s gender, age or ethnicity. When applying for our positions, please submit a blind CV, that is, with no picture, name, gender, age, nationality, ethnicity and address. Your personal statement, work experience, courses and certifications, education, skills and contact information is what matters to us.


Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. Start your day having breakfast with the Team and grab fresh fruit on the way to your seat, in one of Porto’s most typical neighborhoods. This Purple Day is going to be a busy one: daily meeting ensuring all team members are on the same page regarding work status, priorities and blockers, language class and, just after, a Talent Management meeting with your manager, discussing your career path. 
Lunch break. Today, your Team is onboarding newcomers, but also welcoming French colleagues: the perfect excuse to walk downtown and bond over a francesinha. When returning, inhale nature and peace of mind in Natixis Urban Garden (look at the crops; ready to harvest!). 
Back inside. Brainstorming session on a new, exciting project in our disruptive and immersive Manaus Village. The afternoon went flying (tasks, meetings, some jokes with your teammates). End it on a high note: celebrating cultural diversity with a Diwali, the Indian festival of lights. 
Tomorrow, you attend a conference led by influential speakers in your industry and, the day after, you will work from home, benefitting from some focus time to complete that report and soft skills course on LinkedIn Learning. Once you are done with your work for the day, strike the right note playing with Natixis band or be part of a board games session. If that is too steady for you, meet your colleagues to catch some waves or sail the Douro river during golden hour.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits Automation AWS Azure CI/CD Cloud Compliance GCP Kubernetes Python Scripting Vulnerability management

Perks/benefits: Career development Home office stipend Startup environment

Region: Europe
Country: Portugal
Job stats:  8  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.