ISO Security Specialist

Date: Nov 10, 2023

Location: Remote, PR

Company: Popular

At Popular, we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.


Are you ready for a rewarding career?

Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.

Come and join our community!

Job Type

Full Time

General Description

Applies skills as an experienced professional to ensure the security of all information pertinent to the company. Recommends methods and techniques to achieve optimal results and helps establish a culture of security across the organization. Supports the achievement of compliance and regulatory goals that are based on the high level of security built into our products. Creates processes to support high quality security-operations, with real-time monitoring of security and compliance in cloud and on-prem environments with a global user community. The incumbent will need to be highly knowledgeable of the concepts of security, compliance, and risk assessment as well as have the technical ability to converse with other team members about their plans and security concerns.

Essential Duties and Responsibilities

  • Leads the implementation of technical and operational security controls that are considered safeguards and /or countermeasures to prevent unauthorized access, modification and disclosure of data, software, and infrastructure.
  • Assess SecOps factors and facilitates remediation of identified vulnerabilities for security across the enterprise. 
  • Assesses SecOps factors and facilitates remediation of identified vulnerabilities with the companies' network, systems, and applications. 
  • Aligns security deliverables with legal, regulatory, and contractual requirements that conforms with security framework and standards such as NIST SP 800-53 rev 4, ISO/IEC 27000 series, OWASP Top 10, among others.
  • Establishes processes and procedure for continuous monitoring to allow operational visibility in enterprise environments.
  • Reports on findings and recommendations for corrective action.
  • Performs SecOps related assessments as assigned utilizing security tools and methodologies. 
  • Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of security related scenarios.
  • Facilitates and monitors performance of remediation tasks, changes related to mitigation factors & reports on findings. 

Essential Duties and Responsibilities (cont.)

  • Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications. 
  • Provides periodic status reports, including outstanding issues. 
  • Assist in all Cybersecurity audits, risk assessments and regulatory compliance.
  • Serve as SME within security projects and perform security operational defined processes.
  • Promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the company.
  • Address questions from internal and external audits and examinations.
  • Create concise and comprehensive reports related to security violations, including recommendations for addressing any identified control weaknesses.
  • Periodically discuss any SecOps related event and/or innovative ideas that shall mature the companies’ security measures.
  • Participate in pre-defined capacitation trainings defined by the unit.


Bachelor's degree in Computer Science, or related field, or equivalent work experience.


Five (5) years’ experience in ensuring the security of all information pertinent to the company.


Certifications are highly desirable but not required.


Knowledge, Skills and Abilities (KSA's)

  • Analytical skills: Stays focused on main issues, prevents irrelevant issues or distractions from interfering with timely completion of assignments.  Collects, research and complements data; Synthesizes complex or diverse information.  Demonstrates attention to detail; Applies design principles; Generate creative solutions.  Strong quantitative, research and analytical skills.  Experience with data analysis, persuasive and informative writing, workload management, and process management.
  • Problem Solving: Identifies and resolves problems in a timely manner; Develops alternative solutions. 
  • Communication skills: effectively interact with internal and external stakeholders. Ability to foster trusting relationships with colleagues and clients. Highly develop written and verbal communications skills in English. Presents data effectively. Superior communication and people skills. Excellent report-writing and presentation skills. Polished in preparing presentations, executive summaries, and business reports in English for executive audiences.
  • Strong technical/business acumen: ability to understand the needs and concerns of business stakeholders and colleagues and respond promptly and effectively to stakeholder requests. Ability to conduct analysis on work procedures, business results, and recommends changes to improve the effectiveness of the business's management.
  • Operational/Regulations Processes: Knowledge on budget administration, resources allocation, organization’s policies, and regulations. Ability to establish, conduct and track operational processes properly.
  • Project Management: Ability to prioritize and work with multiple projects and tasks with minimum supervision; self-direct and task switch between strategic and tactical initiatives regularly. Capacity to achieve results according to plan ensuring the expected quality. Excellent organization capacity to define priorities, meet deadlines, and flexible to change. Knowledge on project coordination, identification of business needs, work plan, budget control, time management, resource allocation, team management and status reports. Must demonstrate leadership, logic, and reasoning skills.

Regions Locations

Puerto Rico, US or Colombia.

Work Schedule

Hybrid or Remote.


Analytical Discipline
Business Excellence
Change Agent
Collaboration & Teamwork
Customer Centric
Self Development

Additional Requirements

The information provided here is only a general guide as to the nature of the position and does not constitute an exact description of the goals, tasks, duties, and responsibilities of the position. The specific details of each position are described in the employee’s performance evaluation.

Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.


If you have a disability and need assistance with the application process, please contact us This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.


As Puerto Rico’s leading financial institution, we reaffirm our commitment to always offer essential financial services and solutions for our customers, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.


If you are a California resident, please click here to learn more about your privacy rights.




Popular is an Equal Opportunity Employer

Learn more about us at and keep updated with our latest job postings at

Connect with us!

LinkedIn |   Facebook   |   Twitter   |   Instagram

Job Segment: Compliance, Law, Data Analyst, Legal, Data