Popular

Cybersecurity Vulnerability Analyst

Popular  •  San Juan, PR (Hybrid)  •  2 days ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

General Description

The Cybersecurity Vulnerability Analyst is a hands on technical role within Cyber Operations program. The Analyst supports the organization’s capability to reduce cyber risk by identifying, validating, and analyzing vulnerabilities across Popular’s enterprise technology ecosystem — including internally managed systems, cloud environments, and third party platforms.


The analyst performs vulnerability assessments, reviews the daily scan schedules and develops and maintains the solutions to recommend adjustments and create new schedules. Reviews the results of scans and assists the specialists and engineers with metrics and prioritization processes This role contributes to remediation planning, and supports the improvement of vulnerability management processes, tooling, and reporting. This role works closely with information security, IT operations, cloud teams, and business stakeholders to ensure accurate identification of security weaknesses and timely mitigation of risk.


Essential Duties and Responsibilities

Vulnerability Assessment & Analysis

  • Execute vulnerability assessments across networks, applications, cloud services, APIs, and platforms using approved tools and methodologies.
  • Perform validation and analysis of identified vulnerabilities to confirm exploitability, impact, and relevance to Popular’s environment.
  • Works with 3rd parties and stakeholders to educate and support the program
  • Ensure that tickets are open and works with the business units to document and exceptions or deviations to the vulnerability program

Tooling & Research

  • Maintain and operate offensive security tools, scanners, and testing environments to ensure accurate and efficient assessments.
  • Conduct continuous research on new vulnerabilities, exploitation trends, and industry security developments to strengthen assessment capabilities.

Reporting & Documentation

  • Produce clear, detailed technical reports that describe vulnerabilities, exploitation evidence, risk ratings, and recommended remediation steps.
  • Prepare summaries and risk narratives tailored to technical teams and non technical stakeholders.

Cross Team Collaboration

  • Work closely with cyber defense, IT, cloud, and application teams to communicate findings and assist in defining effective mitigation strategies.
  • Support periodic vulnerability scanning cycles by preparing scoping information, validating results, and escalating critical issues.


Vendor & Third Party Activity Support

  • Assist in coordinating penetration testing activities conducted by external vendors.
  • Validate vendor identified findings and ensure consistent methodology and accuracy.

Governance & Compliance Support

  • Ensure vulnerability assessment activities follow corporate policies, procedures, and regulatory frameworks (e.g., NIST 800 53, PCI DSS, GLBA).
  • Provide evidence and documentation for audit requests and compliance reviews.


Knowledge and Skills

  • Some experience with applications, network, mobile, and API penetration testing techniques.
  • Knowledge of and working skills in offensive security tools (e.g., Burp Suite, Nmap, Nessus, custom scripts, OSINT tools).
  • Strong understanding of security principles, common vulnerabilities, and exploitation techniques.
  • Familiarity with OSSTMM, OWASP, SAMM, NIST SP 800 53, PTES, and related testing frameworks.
  • Ability to communicate technical security issues clearly to technical and non technical audiences.
  • Strong analytical mindset and able to evaluate vulnerability severity, identify false positives, and understand systemic risks.

Education and Experience

  • Bachelor’s degree in Computer Science, Information Security, MIS, or equivalent experience or 1–3 years of experience in vulnerability assessment, offensive security, or related cybersecurity roles.
  • Experience conducting application or infrastructure security testing in complex enterprise environments.
  • Experience performing cloud-focused testing (AWS, Azure, GCP, or SaaS platforms) is preferred.
  • Experience developing or modifying offensive tools or scripts is a plus.


Preferred Certifications and Licenses

Base Certifications (One required):


Security +, Network +, OSCP, GPEN, GWAPT, eJPT, CRTO, or equivalent entry/intermediate offensive certifications

Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.

Our hybrid work model benefit applies to certain positions and is subject to changes based on the organizational needs.

Applicants must be authorized to work for any employer in the United States. This position is not open to applicants who need visa sponsorship or transfer of visa sponsorship at this time.

ABOUT US

Popular is Puerto Rico’s leading financial institution and have been evolving since it was founded over a century ago. From a small bank it has developed into a large corporation that offer a wide variety of services and financial solutions to our customers, with presence in the United States, the Caribbean and Latin America.

As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.

We reaffirm our commitment to always offer essential financial services and solutions for our customers and communities, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.

If you have a disability or need more information about requesting an accommodation, please contact us at asesorialaboral@popular.com This email inbox is monitored for such types of requests only All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.

Are you ready for a rewarding career?

Popular is an Equal Opportunity Employer, including Disability/Vets
Learn more about us at www.popular.com and keep updated with our latest job postings at www.jobs.popular.com
Connect with us!
LinkedIn | Facebook | Twitter | Instagram

If you are a California resident, please click here to learn more about your privacy rights.

Popular

About Popular

A través de nuestros más de 129 años de historia, nos hemos distinguido por la excelencia y diversidad de talento de nuestra gente, unido a los valores institucionales que nos han guiado. Continuamente buscamos atraer y retener al mejor talento para fomentar una cultura de alto desempeño, donde se reconoce la calidad del trabajo con salarios competitivos y los mejores beneficios en la industria. ¡Sé parte del equipo Popular! Encuentra más información en la sección de Jobs, o visita popular.com/empleos y contáctanos para oportunidades de empleo. En Popular ponemos a la gente en el centro del progreso. Comprendiendo y conectando con ustedes, nuestros clientes, compañeros y compañeras, comunidades y accionistas, es la mejor manera para impulsar el progreso.

Si eres un emprendedor o representas una start-up en busca de oportunidades de inyección de capital, visita https://www.popular.com/impact-fund/ o contáctanos en impactfund@popular.com para conocer más sobre nuestro Popular Impact Fund.

Si deseas desarrollar tu start-up de 2 años o menos, conoce sobre Start Up Popular, el único programa que te ofrece apoyo, asesoramiento y financiamiento. Conoce más en https://www.popular.com/startup/

Si deseas orientarte sobre el manejo de riesgos para tu negocio o sobre la amplia variedad de productos de seguros que ofrecemos para fortalecer y proteger tu negocio, visita popular.com/negocios/seguros/ , o contáctanos a través del 787-731-6900 o PRSsales@popular.com

Cuenta con nosotros.

Contáctanos: TeleBanco Popular® 787-724-3650 o TeleBanco Popular® 787.724.3650 (ENG 787.724.3659) CHAT POPULAR: https://www.popular.com/popular-chat-online/ Guía de moderación en las redes sociales: http://pop.pr/3kjJAkU

Industry
Finance & Insurance
Company Size
5,001-10,000 employees
Headquarters
San Juan, PR
Year Founded
Unknown
Social Media