Cloud Security Architect

At **Popular, **we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.

**Are you ready for a rewarding career?**

**Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.**

**Come and join our community**

**Job Type**

Full Time Position

**General Description**

Designs cloud security architecture for public clouds and define architecture principles and patterns for cloud service models, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). The Cloud Security Architecture (Mid-level) role is responsible for the security architecture and solution designs across multiple cloud service providers.

**Essential Duties and Responsibilities**
- Responsible for securing the organization's assets in the cloud IAW governance laws, regulatory compliance, and Popular's standards.
- Designs and develops the cloud security infrastructure and cloud services.
- Responsible for development and validation of cloud security policies, standards, and best practices
- Responsible for development of the cloud architecture strategy, establishing governance, facilitating adoption and execution.
- Research emerging cloud security solutions assess the relevance and potential value to the organization and presents information to senior management and peers.
- Responsible for the development of the cloud security roadmap
- Embeds cloud security capabilities into organizational-level business requirements and initiatives.
- Cross-pollinate and works closely with all domain architects to ensure cloud security requirements are adopted to all cloud solutions and proposals.
- Design security principle to Application Programming Interface (API) and perform API security reviews.
- Participates in the Center of Excellence Council and ensures cloud security requirements are implemented to all cloud solutions and initiatives

**Education**

Bachelor's Degree in Computer Science or related fields

**Experience**
- 6+ years of relevant IT experience
- 4+ years of Security engineering and architecture experience in a complex technology environment
- 2+ years working with public cloud platforms.
- Experience in working in complex public cloud infrastructure, platform, and software services (AWS, GCP, Azure, Salesforce, etc.)
- Experiences in working with home-grown, CSP-native, and third-party technology solutions such as AWS Security Hub, Azure Sentinel, Azure AD, HashiCorp Vault, etc.
- Experience in risk-based authentication and Azure AD MFA
- Experience in AWS/salesforce/cloud security tools/solutions such as AWS WAF, AWS Secrets Manager, AWS Config, HashiCorp Vault, Salesforce Shield.
- Experience with software development methodologies and secure coding practices
- Experience with data center operations
- Experience in financial services/banking is a plus.

**Certifications / Licenses**

Certifications are highly desirable but not required.
- CompTIA Cloud+
- AWS Certified Solutions Architect - Associates, or Professional
- Microsoft AZ 303, or 304
- Certified Cloud Security Professional (CCSP)

**Knowledge, Skills & Abilities (KSA's)**
- Ability to architect and drive adoption of solutions and platforms into production.
- Ability to work independently across multiple initiatives simultaneously.
- Solid knowledge of cloud security architecture patterns, cloud security blueprints, and cloud security components/services comprised of third-party and native services.
- Solid knowledge of IT Governance, data governance, architecture, and security frameworks such as COBIT, SABSA, TOGAF, MITRE, NIST, OWASP, CIS
- Solid knowledge of the capabilities of all cloud providers
- Solid understanding of scripting and programming languages such as Python, Ruby, JavaScript, etc.
- Skills in technology, information security architecture standards, system architecture
- Skills in risk management, security architecture, and secure SDLC practices

**Region Locations**

Puerto Rico or Colombia.

**Work Schedule**

Remote and Hybrid work available.

**Competencies**

Accountability

Analytical Discipline

Business Excellence

Change Agent

Character

Collaboration & Teamwork

Customer Centric

Self Development

**Additional Requirements**

The information provided here is only a general guide as to the nature of the position and does not constitute an exact description of the goals, tasks, duties, and responsibilities of the position. The specific details of each position are described in the employee’s performance evaluatio