At Popular, we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.

Are you ready for a rewarding career?

Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.

Come and join our community!

General Description

We seek a highly skilled and experienced IT and IS Assurance Manager to join our team. As an IT and IS Assurance Manager, you will be critical in ensuring the effectiveness, efficiency, and reliability of our organization's IT and Cyber controls. You will lead a team of IT and Cyber risk professionals and develop and oversee various IT and Cyber assurance activities to test the design and effectiveness of controls and provide recommendations to enhance IT and Cyber controls and compliance with regulatory and industry frameworks. The IT and IS Assurance Manager will report to the 2nd Line of Defense (2LOD) IT and Cyber Risk organization and will lead the development of a control assurance function that will conduct testing of IT and Cyber based on risk and regulatory frameworks.

Essential Duties and Responsibilities

• Develop and execute 2LOD validation program strategy for Cyber and IT-related controls following recommendations. Establishing the 2LOD Control Assurance function includes:
o Staffing – selection of resources
o Selection of tools for control evaluation and documentation
o Development of policies, procedures, methodology, and communication strategy
o Testing program, test planning, control selection
o Establish reporting metrics and escalation process.

• Prepare the annual review plan for IT and Cybersecurity controls considering the results of the 2nd Line of Defense Risk and Control Self Assessments (RCSA), applicable laws and regulations, industry best practices, emerging risks, etc.
• Oversee the planning and execution of tests to ensure compliance with laws, regulations, or industry standards and evaluate the effectiveness and efficiency of IT and Cybersecurity systems and processes.
• Coordinate with the Division Managers the tests to be performed.
• Communicate findings from testing engagements to Managers, Division Managers, and Group Managers and recommend enhancements or changes based on test results. Prepare clear, concise, and well-supported reports that communicate findings and recommendations in a manner that influences management to take corrective action.
• As appropriate, present results and status of testing engagements to Management Committees.
• Monitor action plan completion for recommendations resulting from the reviews.
• Communicate with internal and external stakeholders the results of the testing engagements.
• Administrative functions – team management, training, and mentoring team members, budget, updates of policies and procedures, etc.


Bachelor’s degree in computer science or information systems.
Certifications in Cyber or IT Audits (CISSP, CISA, etc) required (or working towards a related-certification within a specific period of time)


• At least 5+ years of experience overseeing control testing within internal or external auditing of information technology, cybersecurity, IT risk management, IT SOX, or general hands-on IT or cyber experience (cyber operations, networking, programming, infrastructure, database); preferably supporting financial institutions.
• Minimum of 3 years of experience in supervising and leading teams, providing direction and guidance on IT assurance projects.
• In-depth understanding of cyber controls, and IT controls related to: IT infrastructure, network security, database management, and system development life cycle.
• Expertise in conducting risk assessments, vulnerability assessments, and control evaluations.
• Excellent analytical, problem-solving, and decision-making skills.
• Outstanding communication and interpersonal skills to effectively engage with stakeholders at all levels.
• Ability to work independently, manage multiple priorities, and meet deadlines in a fast-paced environment.

Other Qualifications

• Comprehensive understanding of internal control environments within the IT function. Understanding information security standards, best practices for securing computer systems, and applicable laws and regulations.
• Knowledge of internal auditing, controls, risk management, and finance and accounting practices and methods.
• Experience with multiple technology domains, including aspects of Windows / Office 365, web and/or database management, software development, networking, and automation.
• Working knowledge of MS Office: Word, Excel, PowerPoint, ACL or Arbutus, and Database Querying (SQL). Excellent people skills to develop and maintain good relationships with stakeholders.
• Ability to work under pressure to meet deadlines.
• Excellent organizational skills to work with multiple things and comply with established deadlines.
• Excellent leadership and teamwork skills.

Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.

If you have a disability and need assistance with the application process, please contact us [email protected]. This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.

As Puerto Rico’s leading financial institution, we reaffirm our commitment to always offer essential financial services and solutions for our customers, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.

If you are a California resident, please click here to learn more about your privacy rights.


Popular is an Equal Opportunity Employer

Learn more about us at and keep updated with our latest job postings at

Connect with us!

LinkedIn | Facebook | Twitter | Instagram

Manager I/ IT & IS Assurance

Solicitar ahora
Back to search page