San Juan, FL, US, 32801
Security Engineer | Cybersecurity
Job Type
Full-Time
General Description
Applies skills as an experienced professional to ensure the security of enterprises. Recommends methods and techniques to achieve optimal results and helps establish a culture of security across the organization. Supports the achievement of compliance and regulatory goals that are based on the high level of security built into our products. Creates processes to support high quality security-operations, with real-time monitoring of security and compliance in corporate environments with a global user community. The incumbent will need to be highly knowledgeable of the concepts of security, compliance, and assessment as well as have the technical ability to converse with software engineers about their plans and security concerns.
Essential Duties and Responsibilities
- Design, implement, and optimize the SIEM system, including the integration of data sources, correlation rules, dashboards, reports, and alerts.
- Monitor and troubleshoot the performance, availability, and security of the SIEM system.
- Develop and update the SIEM documentation, procedures, and training materials.
- Serve as the subject matter expert (SME) for SIEM & EDR/XDR, solutions within the organization.
- Design, configure, and manage security tools and technologies to detect and mitigate threats, ensuring optimal tuning and integration of SIEM, EDR/XDR technologies.
- Continuously monitor security systems for anomalies and potential security incidents, initiating response protocols and mitigating threats in real time.
- Develop, implement, and maintain comprehensive security policies, procedures, and controls that align with industry best practices and regulatory requirements.
- Conduct thorough security assessments, audits, and penetration testing to identify and address vulnerabilities, enhancing the security posture of the organization.
Essential Duties and Responsibilities (cont.)
- Collaborate with IT, network, and development teams to ensure the integration of security considerations in the infrastructure and across the software development lifecycle.
- Provide expert advice and guidance to project teams regarding the selection and implementation of appropriate security technologies.
- Support incident response activities, including forensic analysis and remediation efforts, to minimize impact from security breaches.
- Provide security requirements analysis of enterprise and cloud architectures and designs.
- Identify technical gaps, provide solution recommendations for service acquisitions, development, migration, implementation, and performance, and participate in the activities.
- Explain security controls, requirements, and guidance to security management.
- Aligns security deliverables with legal, regulatory, and contractual requirements that conform with security framework and standards such as NIST SP 800-53 rev 4, NIST-CSF, PCI-DSS, among others.
- Reports on findings and recommendations for corrective action.
Essential Duties and Responsibilities (cont.)
- Performs SecOps related assessments as assigned utilizing security tools and methodologies.
- Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of security related scenarios.
- Maintains oversight vendors regarding the security maintenance of their systems and applications.
- Assist in all Cybersecurity audits, risk assessments and regulatory compliance.
- Serve as SME within security projects and perform security operational defined processes.
- Promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the company.
- Address questions from internal and external audits and examinations.
- Create concise and comprehensive reports related to security violations, including recommendations for addressing any identified control weaknesses.
- Participate in pre-defined capacitation training defined by the unit.
Education
Experience
2+ years of experience in Security and 1+ year of experience with SIEM, and or EDR/XDR.
Certifications / Licenses
CEH, Security+, CISSP
Knowledge, Skills, and Abilities (KSA's)
- Strong business acumen: ability to understand the needs and concerns of business stakeholders and colleagues and respond promptly and effectively to stakeholder requests. Ability to conduct analysis on work procedures, business results and recommends changes to improve the effectiveness of the business's management.
- Strong technical acumen: knowledge of Information Security and Information Technology concepts. Ability to write technical instructions using programs and technology. Robust knowledge of applicable local and federal laws, regulations, and guidelines.
- Communication skills: effectively interact with internal and external stakeholders. Ability to foster trusting relationships with colleagues and clients. Highly develop written and verbal communications skills, strong ability to communicate ideas (storytelling). Presents numerical data effectively. Superior communication and interpersonal skills. Excellent report-writing and presentation skills. Polished in preparing presentations, summaries, and reports for all audiences.
- Analytical skills: Stays focused on main issues, prevents irrelevant issues or distractions from interfering with timely completion of assignments. Collects, research and complements data; Synthesizes complex or diverse information. Demonstrates attention to detail; Applies design principles; Generate creative solutions. Strong quantitative, research and analytical skills. Experience with data analysis, persuasive and informative writing, workload management, and process management.
Knowledge, Skills, and Abilities (KSA's cont.)
- Problem Solving: Identifies and resolves problems in a timely manner; Develops alternative solutions.
- Project Management: Ability to prioritize and work with multiple projects and tasks with minimum supervision; self-direct and task switch between strategic and tactical initiatives regularly. Capacity to achieve results according to plan ensuring the expected quality. Excellent organization capacity to define priorities, meet deadlines, and flexible to change. Knowledge on project coordination, identification of business needs, work plan, budget control, time management, resource allocation, team management and status reports. Must demonstrate leadership, logic, and reasoning skills.
- Operational/Regulations Processes: Knowledge on budget administration, resources allocation, organization’s policies, and regulations. Ability to establish, conduct and track operational processes properly.
- Computer and Technological Skills: Proficient in MS Office 365. Experience with data management tools such as Power Pivot, Power BI, among others is desired. Ability to achieve results by providing innovative ways of working with operational and technological considerations. Knowledge of computer flow charts and programming logic and codes.
Region Locations
Puerto Rico or Colombia
Work Schedule
Hybrid or Remote
Values
Additional Requirements
The information provided here is only a general guide as to the nature of the position and does not constitute an exact description of the goals, tasks, duties, and responsibilities of the position. The specific details of each position are described in the employee’s objectives within the performance evaluation.
Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.
ABOUT US
Popular is Puerto Rico’s leading financial institution and have been evolving since it was founded over a century ago. From a small bank it has developed into a large corporation that offer a wide variety of services and financial solutions to our customers, with presence in the United States, the Caribbean and Latin America.
As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.
We reaffirm our commitment to always offer essential financial services and solutions for our customers and communities, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.
If you have a disability or need more information about requesting an accommodation, please contact us at asesorialaboral@popular.com. This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.
Are you ready for a rewarding career?
Popular is an Equal Opportunity Employer
Learn more about us at www.popular.com and keep updated with our latest job postings at www.jobs.popular.com.
Connect with us!
LinkedIn | Facebook | Twitter | Instagram
If you are a California resident, please click here to learn more about your privacy rights.
Nearest Major Market: Orlando
Job Segment:
Compliance, Data Analyst, Data Management, Legal, Data