Security Architect – Kubernetes Expert

Company Description

Natixis in Portugal is fully integrated in the global organization of Natixis, a French multinational financial services firm specialized in Asset & Wealth Management, Corporate & Investment Banking, Insurance and Payments. A subsidiary of Groupe BPCE, Natixis counts nearly 16.000 employees across 38 countries.

Based in Porto, Natixis Centre of Expertise mission is to transform traditional banking by developing innovative solutions for the bank’s business, operations and work culture worldwide, as a key driver of the company’s culture of agility and innovation. Teams of IT and Banking Support Activities work in an integrated, inclusive and transversal way, supporting all the business lines and country platforms.

Natixis in Portugal is the best combination of a “start-up mindset” with a large, solid structure. Its unique culture gives true meaning to a “beyond banking” personality: to be a real entrepreneur, self-challenging, ever striving to excel and go that extra mile.

Job Description

Founded in 2015, BPCE Infogérance & Technologies BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures, End-User Environment, Security and Production. Improving the quality of service for all Groupe BPCE employees and clients, strengthening IT security, in particular Cybersecurity controls and risks, and improving user experience, while contributing to the business growth in a competitive environment are the priorities at the heart of its strategy. Learn more in this 2-minute video! 

The activities performed in Natixis in Portugal consist of an accelerator of BPCE Infogérance & Technologies strategic ambitions, fully integrated in the global organization model. Driven by growth, expertise, transformation and agility, this project embraces an international mindset and a diverse skill set. You’ll find yourself in a dynamic and enriching workplace or, as we like to name it, a real tech playground, where you’ll be able to explore a huge tech stack.    ​ 

Team Presentation and Main Goal: 

Cloud Security team has like main mission is to ensure the security of BPCE resources and projects in BPCE Regulated Public Cloud (Amazon AWS, Microsoft Azure and Google GCP). It also provides security for containers on-premise & Cloud. 

  To ensure this security, the team’s activity is structured around three mains axes: 

  1- Design axis - With the main objective "Security by Design"   

The team has in charge to ensures that all public cloud services and architectures are compliant with BPCE IT Security Golden Rules. The team Operate the Security analisys for each Services and identify how the services must be configured et how the architecture must be designed to be Secure with the appropriate controls .   

2- DevSecOps axe - With as main objective "Secure Build and Control" 

  The team has in charge of implementing automated security controls in CI/CD pipeline using “Sentinel Hashicorp” solution for the. This controls ensure that all infrastructures built by code are compliant with BPCE IT Security Golden rules before there creation in the cloud. 

 3- Monitoring and supervision of security axe   - With the main objective "Cloud & Container Resources under control" 

  The team has in charge of implementing automated security controls via CSPM & CWPP solutions and via cloud native provider tools to ensures a real time detection of non-compliance services and resources running in the public cloud infrastructure.  

The team ensure also  for the follow-up of remediation all non-compliant resources detected with the owners of the resources. 

Role Explanation:

As a Security Architect, you will be a member of the Cloud, Application and Data Protection security team - a team operating at the heart of the IT Security in the bank.

You will be part of a multidisciplinary team distributed between Porto and France that works on all topics related to application, cloud and architecture security. You will be assisting the team in their areas of operation, performing tasks such as:

• Designing and implementing Container security recommendations, both from a project architecture and control implementation point of view
• Ensure compliance with the Container security rules of the BPCE group
• Assisting Infrastructure and Security teams to define and implement safe container standards in the bank (image security & automation, kubernetes secure architecture on-premise and cloud, cluster controls, …)
• Validating and reviewing architecture security for critical Cloud and Container business projects
• Creating security workflows and controls for deployment and auditing of containers
• Assist business lines in evaluating and understanding container security problems and their respective mitigations

We are looking for someone enthusiastic about security, and with good knowledge Container best practices to join our team. In this role, you will have the chance to work with a wide array of technologies, and develop your expertise on both container and cloud topics while working alongside seasoned security professionals.

Whether you are a seasoned SRE engineer with experience in maintaining clusters up and running, or a security architect familiar with container technologies, if you are looking to further your experience on Cloud and Container Security, then here’s your chance!

Qualifications

Technical Competences:

• Experience in Kubernetes or Openshift configuration or management
• Knowledge of Openshift and/or Kubernetes networking and architecture
• Nice to have: basic experience in container or Kubernetes Cloud services (any of GCP, AWS, or Azure)
• Nice to have: experience in development and/or scripting (Python or others), and/or integrating containers in CI/CD tools is a plus
• Minimum 3 years experience in similar roles

Other competences:

• Very good level of English
• The candidate must have a real interest in security
• Capable of summarizing findings and presenting them to management
• Capable of collaborating with diverse teams & integrating diverse areas of knowledge
• Autonomous and innovative
• Good communication skills

Additional Information

#MuchMoreThanJustAJob

Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. After grabbing a cup of coffee and fresh fruit, pick up your laptop and choose your spot for the day. It's going to be a busy one: French class before lunch and, just after, quick medical appointment at Natixis doctor's office.

Lunch break. Outside in the big terrace (look at your crops at the Urban Garden; ready to harvest!) or, if you feel like stretching your legs, walk downtown to grab lunch.

Back inside. Quick sprint review (working together anywhere means virtual happy birthday to that colleague in Paris that just turned 35). The afternoon went flying (tasks, reports, calls, some jokes with your teammates). End it on a high note: just one PlayStation game or the final match for that ping-pong tournament.

Tomorrow, you complete that certified technical training and the day after, you will work from home, taking advantage to finally do that online course on Udemy. Once you are done with your tasks for the day, you can visit the office for a board games session or show up at the rehearsal of one of Natixis bands. If that is too steady for you, meet your colleagues to surf some waves or join them in a football match.