AtPopular,we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.Are you ready for a rewarding career?Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.Come and join our community!General DescriptionThis role works closely with the Corporate Security and IT Groups in order to secure information, create, and implement strategies to minimize the variety of risks that could threaten the key information of the Organization. Is responsible to ensure that IT systems are structured in a way that is effective and efficient for the organization. It also involves monitoring and managing the IT systems to ensure they are secure.Essential Duties and Responsibilities• Develop IT risk strategy, program, and governance frameworks.• Develop and support IT and cyber units' risk and control self-assessments (RCSAs) and support the day-to-day risk management of the IT risk and control environment.• Identify issues and support IT and cyber leadership in overseeing issue remediation, including the development and execution of viable issue remediation plans.• Support IT and cyber in the managing and monitoring of technology and cyber risk events, including reporting, remediation progress, and escalation to the risk committees and crisis management team, when needed.• Oversee the IT and cyber control framework including QA and 2LOD control testing to evaluate the design and effectiveness of individual IT and cyber controls.• Evaluate external risk events for potentially emerging risk that may impact IT and cyber. Identify opportunities to proactively address and mitigate emerging technology and cyber risks.• Manage IT and cyber second line relationship with regulators and facilitate IT and cyber exams.• Represent enterprise risk in IT and Cyber initiatives in providing effective challenge and risk alignment in the design of enterprise technology and cyber programs.• Review and provide effective challenge on IT and Cyber Policy, program and standards to ensure alignment with regulatory expectations, risk mitigation and control frameworks.• Lead implementation, change management, and execution of enterprise risk programs for IT and cyber divisions.• Work in partnership with senior management of IT and cyber to define the risk appetite and create Key Risk Indicator (KRI) reporting to monitor key compliance and risk metrics.• Ensure appropriate reporting and escalation of KRIs to various committees is performed.• Ensure IT and cyber management and employees are aware of and comply with regulations and risk framework requirements, bank policy, department standards and procedures through the development of key measurement and testing strategies.EducationBachelor's degree in Technology or Cyber. Master degree preferredCertification in Technology or Cyber (e.g. CISA, CISSP, CISM, CRISC)ExperienceOverall 15 years of experience minimum, divided as:• 10 years of experience in IT risk, cyber risk, IT/Cyber control testing, IT Audit, five of those leading teams• 5 years in role related to technology or cyber operations in the financial industry• Practical knowledge of IT and Cyber frameworks, laws and regulations impacting financial institutions (COBIT, NIST, FFIEC IT Handbooks, other)• Significant knowledge of IT and cyber processes and controls, working knowledge preferredOther Qualifications• Proven ability to partner effectively across all levels of the organizations and develop positive working relationships.• Able to manage and execute multiple complex projects within required timeframes.• Experience defining and documenting IT policies, standards, and processes.• Ability to analyze and assess the adequacy of IT controls and identify opportunities for reducing risk.• Solid understanding of FFIEC requirements and Risk and Control Self-Assessments (RCSA)• Solid understanding of IT risk management and industry best practices.• Excellent verbal and written communication skills with comfort around presenting new ideas and presentations to senior management.• Ability to think critically and logically. Highly perceptive, inquisitive and methodical.• Proactive self-starter with good people management skills and strong work-ethic.• This is a technical role, but also it requires a deep understanding of business risks, critical thinking and presentation skills as this role will present to Senior Leaders and prepare board presentations.ValuesPassion for PeopleOwn Every MomentSucceed TogetherBuild the FutureImportant:The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.If you have a disability and need assistance with the application process, please contact ******. This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.As Puerto Rico's leading financial institution, we reaffirm our commitment to always offer essential financial services and solutions for our customers, including during emergency situations and/or natural disasters. Popular's employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.If you are a California resident, pleaseclick hereto learn more about your privacy rights..Popular is an Equal Opportunity EmployerLearn more about us atwww.popular.comand keep updated with our latest job postings atwww.jobs.popular.com.Connect with us!LinkedIn|Facebook|Twitter|InstagramJob Segment:Compliance, QA, Change Management, Manager, Law, Legal, Quality, Management
