Security Engineer

Date: Jan 1, 2023

Location: Remote Work Available, PR

Company: Popular

At Popular, we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.

 

Are you ready for a rewarding career?

Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.

Come and join our community!

Full Time Opportunity (Active Directory Expertise)

General Description

Applies skills as an experienced professional to ensure the security of enterprises. Recommends methods and techniques to achieve optimal results and helps establish a culture of security across the organization. Supports the achievement of compliance and regulatory goals that are based on the high level of security built into our products. Creates processes to support high quality security-operations, with real-time monitoring of security and compliance in corporate environments with a global user community. The incumbent will need to be highly knowledgeable of the concepts of security, compliance, and assessment as well as have the technical ability to converse with software engineers about their plans and security concerns.

Essential Duties and Responsibilities

•    Assist in defining and establishing accreditation and validation strategies from an engineering perspective.
•    Solution and design security accreditation and validation strategy for current and future state Active Directory engagements.
•    Assess objects, schemas and dependencies to define proper enhancements and maturity roadmaps for the enterprise Active Directory environment. 
•    Provide recommendations for Active Directory migration patterns to cloud environments for IAM/CIAM adoption strategies.
•    Perform security evaluations and continuous monitoring processes.
•    Provide security requirements analysis of enterprise and cloud architectures and designs.
•    Identify technical gaps, providing solution recommendations for service acquisitions, development, migration, implementation, and performance, and participate in the activities.
•    Explain security controls, requirements, and guidance to security management.
•    Create vulnerability reports and recommend mitigations of risks to corporate environments.
•    Conduct system’s security testing to identify weaknesses, technical flaws, and vulnerabilities.
•    Ensure enterprise system’s components meet compliance requirements.
•    Participate in incident identification and response activities.
•    Perform security evaluations and continuous monitoring processes.
•    Aligns security deliverables with legal, regulatory, and contractual requirements that conforms with security framework and standards such as NIST SP 800-53 rev 4, ISO/IEC 27000 series, OWASP Top 10, among others.
•    Establishes processes and procedure for continuous monitoring to allow operational visibility in enterprise environments.
•    Review and analyze testing (SAST, SCA, DAST) of software systems, and SEC-OPS infrastructure to ensure secure operation of systems with a global user base.
•    Reports on findings and recommendations for corrective action.
•    Performs SecOps related assessments as assigned utilizing security tools and methodologies. 
•    Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of security related scenarios.
•    Facilitates and monitors performance of remediation tasks, changes related to mitigation factors & reports on findings. 
•    Maintains oversight vendors regarding the security maintenance of their systems and applications. 
•    Provides periodic status reports, including outstanding issues. 
•    Assist in all Cybersecurity audits, risk assessments and regulatory compliance.
•    Serve as SME within security projects and perform security operational defined processes.
•    Promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the company.
•    Address questions from internal and external audits and examinations.
•    Create concise and comprehensive reports related to security violations, including recommendations for addressing any identified control weaknesses.
•    Periodically discuss any SecOps related event and/or innovative ideas that shall mature the companies’ security measures.
•    Participate in pre-defined capacitation trainings defined by the unit.

Minimum Education

Bachelor's Degree in Computer Science or related fields

Experience

Three years of experience in security aspects of system engineering.

Preferred Certifications / Licenses

  • CGEIT, GSEC, CASP+, CEH, Security+, CCSP, CISSP
  • Microsoft SC-200, 300, 400, 900; AZ-104, 204, 303, 304, 500, 900; DP-203, 900
  • ITIL 4

Competencies

Accountability
Analytical Discipline
Business Excellence
Change Agent
Character
Collaboration & Teamwork
Customer Centric
Self Development

Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.

 

If you have a disability and need assistance with the application process, please contact us asesorialaboral@popular.com. This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.

 

As Puerto Rico’s leading financial institution, we reaffirm our commitment to always offer essential financial services and solutions for our customers, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.

 

          .

 

Popular is an Equal Opportunity Employer

Learn more about us at www.popular.com and keep updated with our latest job postings at www.jobs.popular.com.

Connect with us!

LinkedIn |   Facebook   |   Twitter   |   Instagram


Job Segment: Compliance, Legal