Popular is Puerto Rico’s leading financial institution, evolving over a century to offer a wide variety of financial solutions. They are seeking a Cybersecurity Engineer to serve as a Subject Matter Expert, responsible for designing and implementing security solutions across various environments while integrating AI-driven capabilities to enhance cybersecurity operations.
Responsibilities:
- Design, engineer, and implement security controls and solutions across cloud (AWS, Azure, GCP) and on premise environments in alignment with regulatory requirements and organizational standards
- Build and maintain secure enterprise architectures, ensuring security is fully integrated across infrastructure, applications, identity systems, and data platforms
- Develop and implement security engineering solutions to address vulnerabilities, improve control effectiveness, and strengthen the overall security posture
- Design and implement automation and orchestration capabilities to improve efficiency, consistency, and scalability of cybersecurity operations
- Design and develop AI driven security solutions to enhance detection, analytics, and response capabilities against evolving cyber threats
- Engineer and implement AI based capabilities that automate day to day cybersecurity activities, reduce manual effort, and improve operational efficiency
- Develop solutions that augment analyst decision making by providing intelligent insights, prioritization, and contextual analysis of security events
- Continuously optimize security processes and workflows by leveraging AI and automation to improve scalability, consistency, and overall effectiveness of cybersecurity operations
- Develop and validate security policies, standards, and technical controls aligned to industry frameworks such as NIST, CIS, MITRE ATT&CK, and OWASP
- Engineer and integrate security tools and platforms, including SIEM, EDR, IAM, cloud security, and data protection technologies
- Collaborate with cross functional teams to ensure secure design and implementation of enterprise systems, applications, and technology solutions
- Identify, assess, and mitigate security risks through engineering solutions, architecture improvements, and control enhancements
- Research and evaluate emerging security technologies and innovations, including advanced automation and AI capabilities, and recommend adoption where appropriate
- Support the development and execution of the enterprise cybersecurity roadmap, ensuring alignment with business objectives, regulatory requirements, and evolving risk landscapes
Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field, or equivalent experience
- 6+ years of experience in cybersecurity or IT
- 3+ years in security engineering roles
- Experience across cloud and on-premise environments
- Experience with enterprise security tools and platforms
- Experience with scripting or automation (Python, PowerShell, etc.)
- Experience with AI tools
- Advanced knowledge of security architecture across cloud, on premise, and hybrid environments, with the ability to design and implement robust, scalable security solutions
- Advanced knowledge of enterprise cybersecurity domains, including Identity and Access Management (IAM), Network Security, Data Protection, Infrastructure Security, Application Security, Vulnerability Management, Endpoint Protection, Cloud Security, Security Operations (Detection and Response), Threat Intelligence, Security Architecture, DevSecOps, Security Automation and Orchestration, and AI driven security capabilities
- Deep expertise in industry frameworks and standards, including NIST, CIS, MITRE ATT&CK, and OWASP, and the ability to apply them to real world security architectures and controls
- Proven experience with automation, orchestration, and AI driven security solutions, including the development and implementation of capabilities that enhance detection, response, and operational efficiency
- Demonstrates a high level of technical acumen with a strong engineering mindset, capable of solving complex security challenges across multiple domains
- Highly analytical and problem solving oriented, with the ability to interpret complex data, identify patterns, and translate findings into actionable security improvements
- Ability to effectively operate and deliver outcomes in complex, matrixed enterprise environments, collaborating across engineering, operations, and business teams
- CISSP, CISM, CISA, or equivalent advanced cybersecurity certifications
- Cloud security certifications such as CCSP, AWS Security Specialty, Azure Security Engineer (AZ 500), or Google Cloud Security Engineer
- AI / Machine Learning certifications such as Azure AI Engineer, AWS Machine Learning Specialty, or Google ML Engineer
- Certified AI Professional (CAIP) or similar
- Security engineering or technical certifications such as Security +, GIAC (GSEC, GCED, GCIH), OSCP, or CEH
- Additional certifications in automation, cloud, or emerging technologies are a plus