Senior DevSecOps Engineer
Porto, Portugal
Natixis in Portugal
Global Financial Services is the global arm of Groupe BPCE. It comprises two businesses – Asset & Wealth Management and Corporate & Investment Banking – that support their clients in facing today’s major environmental, technological and...Company Description
Natixis in Portugal is fully integrated in the global organization of Natixis, a French multinational financial services firm specialized in Asset & Wealth Management, Corporate & Investment Banking, Insurance and Payments. A subsidiary of Groupe BPCE, Natixis counts nearly 16.000 employees across 38 countries.
Based in Porto, Natixis Centre of Expertise mission is to transform traditional banking by developing innovative solutions for the bank’s business, operations and work culture worldwide, as a key driver of the company’s culture of agility and innovation. Teams of IT and Banking Support Activities work in an integrated, inclusive and transversal way, supporting all the business lines and country platforms.
Natixis in Portugal is the best combination of a “start-up mindset” with a large, solid structure. Its unique culture gives true meaning to a “beyond banking” personality: to be a real entrepreneur, self-challenging, ever striving to excel and go that extra mile.
Job Description
We are looking for a DevSecOps Architect (local contract) to work within our Infrastructures & Security Business Unit.
As a part of one of these teams, you will be expected to develop technical and functional knowledge and handle support for the assigned applications, to be pro-active towards incident management and about identifying effective solutions to recurrent incidents, to continuously improve and automate procedures, to keep documentation up to date and to keep up with the dev team with regular follow-ups.
Main Tasks & Responsibilities:
Within the DIS/CAD security team of the IT Security department of Natixis Bank, the candidate will be responsible for:
Creating security workflows for deployment & auditing of application security (on-premise and in Cloud);
Collaborating with DevOps and Security teams to automate security services at all levels of the Bank (integration with CI/CD processes);
Evaluating application risk and suggesting mitigations;
Using industrial tools for dynamic and static scanning of applications;
Support business lines in understanding issues related with the protection of their sensitive data.
Qualifications
Main Technical Requirements:
Minimum 5 years exp. in similar roles;
Solid experience in DevSecOps processes (CI / CD processes, containerization solutions, deployment & automation, …);
Good experience in CI/CD tools: Jenkins pipelines, XLD, Artifactory;
Experience in Cloud technologies (at least one of GCP, AWS, Azure);
Knowledge of Infrastructure as Code (Terraform and/or Sentinel);
Solid experience in development and/or scripting – Python & others;
Solid knowledge in HTTP and API protocols;
Basic knowledge of systems & networks;
Basic security knowledge.
Other requirements:
Good level of English - minimum B2 (mandatory);
The candidate must have a real interest in all areas of security & automation;
Capable of summarizing findings and presenting them to management;
Capable of collaborating with diverse teams & integrating diverse areas of knowledge;
Autonomous and innovative;
Good communication skills.
Additional Information
At Natixis, we are committed to fostering a working environment where each and every one of our people is treated with dignity and respect and where every voice is heard. Our differences make us collectively stronger and are a source of fulfilment, innovation and performance.
In the framework of its Diversity, Equity & Inclusion policy, Natixis in Portugal has implemented a Blind CV Screening process, with the purpose of reducing hiring bias. A blind CV excludes any personal details which refer to the applicant’s gender, age or ethnicity. When applying for our positions, please submit a blind CV, that is, with no picture, name, gender, age, nationality, ethnicity and address. Your personal statement, work experience, courses and certifications, education, skills and contact information is what matters to us.
#MuchMoreThanJustAJob
Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. After grabbing a cup of coffee and fresh fruit, pick up your laptop and choose your spot for the day. It's going to be a busy one: French class before lunch and, just after, quick medical appointment at Natixis doctor's office.
Lunch break. Outside in the big terrace (look at your crops at the Urban Garden; ready to harvest!) or, if you feel like stretching your legs, walk downtown to grab lunch.
Back inside. Quick sprint review (working together anywhere means virtual happy birthday to that colleague in Paris that just turned 35). The afternoon went flying (tasks, reports, calls, some jokes with your teammates). End it on a high note: just one PlayStation game or the final match for that ping-pong tournament.
Tomorrow, you complete that certified technical training and the day after, you will work from home, taking advantage to finally do that online course on Udemy. Once you are done with your tasks for the day, you can visit the office for a board games session or show up at the rehearsal of one of Natixis bands. If that is too steady for you, meet your colleagues to surf some waves or join them in a football match.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Audits Automation AWS Azure Banking CI/CD Cloud DevOps DevSecOps GCP Industrial Python Scripting Terraform
Perks/benefits: Gear Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs