San Juan, PR
At Popular, we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.
Are you ready for a rewarding career?
Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.
Come and join our community!
Full Time Opportunity
The Threat Intelligence Cyber Security Engineer will work closely with in-house software development teams, Information Technology teams, and other business units, along with vendors/third-party organizations to ensure that Security testing and Threat modeling assessments are included in the workflow and performed as required per documented Standards. In addition, this role will work with the internal Threat Intel unit and other Cyber Security units to define project plans, implement, and operationalize Red team activities with in-house staff, and improve the current Threat Intelligence Program. This role will be expected to maintain industry and cyber knowledge to optimize and align Popular’s Security testing and Threat Intelligence processes and systems.
Essential Duties and Responsibilities
- Develop and implement processes to effectively operationalize threat intelligence duties.
- Integrate threat intelligence into security operations for real-time response.
- Proactively search for signs of malicious activities within the organization's network and systems.
- Streamline incident response procedures based on threat intelligence insights.
- Analyze threat intelligence feeds and incorporate findings into security strategies.
- Analyze to improve the current Threat Modeling process, implementing identified gaps.
- Collaborate with cross-functional teams to integrate threat modeling into development processes.
- Conduct threat modeling exercises to identify potential vulnerabilities and weaknesses.
- Participate in penetration testing to identify and address vulnerabilities in systems, networks, and applications.
- Develop and implement the ability to run penetration testing activities with internal tools and internal staff.
- Manage and respond to security requests reported through ticketing systems.
EducationBachelor's Degree in Computer Science or related fields
Three (3) years of relevant experience in threat intelligence aspects of security engineering.
- Expertise on various security and compliance frameworks such as NIST, CIS, PCI DSS, GLBA, etc.
- Skilled in Threat Intelligence frameworks & methodologies like STRIDE and MITRE Attack.
- Proficient in Penetration testing frameworks such as OWASP, PTES and OSSTMM.
- Achieve effective threat hunting.
- Perform Threat modeling assessments.
- Ability to implement DEVSECOPS or other SDLC methodologies.
- Define security requirements and guidelines for development teams.
- Maintain detailed documentation of Threat Modeling exercises, security findings, and recommendations for stakeholders and management.
Preferred Certifications and Licenses
Certifications are highly desirable but not required.
- CompTIA CySA+
- CompTIA PenTest+
Knowledge, Skills, and Abilities (KSA’s)
- Analytical skills: Stays focused on main issues, prevents irrelevant issues or distractions from interfering with timely completion of assignments. Collects, research and complements data; Synthesizes complex or diverse information. Demonstrates attention to detail; Applies design principles; Generate creative solutions. Strong quantitative, research and analytical skills. Experience with data analysis, persuasive and informative writing, workload management, and process management.
- Problem Solving: Identifies and resolves problems in a timely manner; Develops alternative solutions.
- Communication skills: effectively interact with internal and external stakeholders. Ability to foster trusting relationships with colleagues and clients. Highly develop written and verbal communications skills in English. Presents data effectively. Superior communication and people skills. Excellent report-writing and presentation skills. Polished in preparing presentations, executive summaries, and business reports in English for executive audiences.
- Strong technical/business acumen: ability to understand the needs and concerns of business stakeholders and colleagues and respond promptly and effectively to stakeholder requests. Ability to conduct analysis on work procedures, business results, and recommends changes to improve the effectiveness of the business's management.
- Operational/Regulations Processes: Knowledge on budget administration, resources allocation, organization’s policies, and regulations. Ability to establish, conduct and track operational processes properly.
- Project Management: Ability to prioritize and work with multiple projects and tasks with minimum supervision; self-direct and task switch between strategic and tactical initiatives regularly. Capacity to achieve results according to plan ensuring the expected quality. Excellent organization capacity to define priorities, meet deadlines, and flexible to change. Knowledge on project coordination, identification of business needs, work plan, budget control, time management, resource allocation, team management and status reports. Must demonstrate leadership, logic, and reasoning skills.
- Computer and technological skills: proficient in MS Office 365 in programs such as MS Excel and Power Apps.
Puerto Rico or US.
Remote and Hybrid work available.
ValuesPassion for PeopleSucceed TogetherOwn Every MomentBuild the Future
The information provided here is only a general guide as to the nature of the position and does not constitute an exact description of the goals, tasks, duties, and responsibilities of the position. The specific details of each position are described in the employee’s performance evaluation.
Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.
If you have a disability and need assistance with the application process, please contact us email@example.com. This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.
As Puerto Rico’s leading financial institution, we reaffirm our commitment to always offer essential financial services and solutions for our customers, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.
If you are a California resident, please click here to learn more about your privacy rights.
Popular is an Equal Opportunity Employer
Connect with us!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Senior Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Security Architect jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Ingénieur DevSecops H/F jobs
- Open Security Researcher jobs
- Open Information System Security Officer (ISSO) jobs
- Open C-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs
- Open APIs-related jobs
- Open DevSecOps-related jobs