INFORMATION SECURITY SUPERVISOR Our Company At FirstBank PR , we strive to be trusted advisors to our clients and our employees are the ones that ensure we deliver on our promise of excellence in personalized customer service. Our more than 3,100 employees in Puerto Rico, the Virgin Islands and Florida share a passion for excellent customer service. We are proud of our team because they are continuously surpassing our client’s expectations. Do you have a passion for helping customers, building relationships, and delivering extraordinary, personalized customer service? If your answer is yes, FirstBank is the number one place for you. A Brief Overview The Corporate Security Office (CSO) is accountable for the corporate strategy regarding Information Security, which includes the creation and maintenance of policies, procedures, and programs for all Regions. As part of the Corporate IT Security Strategy, the Information Security Supervisor is responsible for assisting the Information Security Regulatory Manager in the Identity and Access Management Controls implementation, execution, compliance and alignment with the Information Security program, to ensure the protection of the Bank's information, equipment, applications, and software. What you’ll do • Supervise the Identity and Access Management (IAM) Controls group responsible for user access termination and review as well as privileged access monitoring. • Assist the Information Security Regulatory Manager in the implementation and continuous improvement of Identity and Access Management (IAM) tools and controls. • Maintain the required IAM controls execution service levels (SLAs) and reporting documentation. Submit SLA Metrics to the GRC Unit for Corporate IT Security Metrics Consolidation. • Prepare and maintain IAM Procedures for the execution employees and external terminations, employee transfers, access reviews (applications, ITGC tools, privileged and administrative access, SOX servers and databases), and privileged access monitoring. • Maintain evidence of controls execution and provide them in a timely matter as required for GRC assessments and internal and external audits. • Maintain technical competencies through courses, peer group association, conferences and contract with technical services, vendors, and other companies. • Responsible for managing non-exempt employees. • Capable of mapping complex technical requirements, functionality, and capabilities to prescribe security controls, policies, and practices. • Ability to receive and accurately interpret complex ideas/information, to effectively transmit to applicable stakeholders. • Provides guidelines and recommendations on business requirements, practice, and compliance to ensure the Corporation’s Information Security strategy, regulatory compliance, and continuity requirements are met. • Performs other related functions as needed. What You’ll Need to Succeed Bachelor’s degree in Business Administration, Computer Science, I nformation Systems or a related field. Certified Information Security Auditor (CISA) or another Information Security Professional Certification, such as CISSP or CISM are not required but highly desirable. The incumbent must have at least 3 to 5 years of related experience in IAM controls administration. Previous experience in information technology and information security regulations and guidelines, as well as the information technology frameworks (SOX, GLBA, BSA, FFIEC Guidelines, PCI DSS). Experience in the following fields: information security, auditing, and risk management, preferred. Experience in project management functions, preferred. Or the equivalent combination of Education and Experience needed to be able to perform the functions of this job. Competencies Knowledge of: • The utilization, operation and care of computer and related electronic data processing equipment. • Proficient IT skills, business knowledge, and people skills (need a balance among the three sets of skills to be able to leverage these skills to effectively interact at all levels successfully). • Proficient Information Security and/or Information Technology knowledge. • Proficient knowledge of Information Security Frameworks such as COBIT 5, ISO 27000, NIST among others. • Strong knowledge in IT Controls and how to comply with control objectives. • Focused on learning new technologies to keep up with current industry technologies and standards. • The competencies detailed below are the behaviors to be exhibited by the incumbent while performing his/her duties as relate to our corporate values, culture and philosophy. • Business Acumen: Understands how the organization works, including current and future policies, practices and trends. • Initiative and Business Perspective: Strives to know the business and promotes new initiatives to improve daily operations. • Leadership skills: Superior leadership and communication skills and be able to maximize resource capabilities. • Communication Skills: Superior verbal and written communication in both English and Spanish. Ability to adapt to different types of persons, convey an effective message and listen properly to aligned needs and ensure a proper outcome for all parties involved. • Customer Service: Seeks to satisfy and exceed the interests, expectations and needs of the customer (internal and external) within the highest standards established within the Corporation. • Innovation: Integrates the creation, enhancement and the changes in the compliance with his/her functions to maximize the effectiveness of the job and originate benefits to the Corporation. • Vision and Values: Understands organization’s vision and upholds values in everyday words and actions. Demonstrate the values of the Corporation: Integrity, Respect, Responsibility, Support, Innovator, Agile, Compromised with Quality, Customer Focus • Quality: Demonstrates accuracy and thoroughness and looks for ways to improve and promote quality. Strives for the best quality in offers for properties assigned. • Collaboration and Creating and Maintaining Teamwork: Contributes to building a positive team spirit. Operates cooperatively and cohesively. • Ethics: Treats people with respect and upholds organizational values maintaining composure, tact, and courtesy that could be routinely high volume and demanding. • Multitask: Is able to manage various requirements at the same time and able to plan ahead to ensure these are met effectively and efficiently. Ability to manage multiple projects and priorities across various functions • Organizational Support: Follows policies and procedures and completes administrative tasks correctly and on time. • Responsive: Seeks to address inquiries and requests on an expedited manner. • Building strong relationships: Establishes, sustains and fosters both internal and professional contacts to build, enhance, and connect to FirstBank Services. • Ownership: Takes initiative and assumes personal accountability for goals and outcomes/deadlines. • Problem analysis and solution: Identifies problems, conducts analysis, and searches for the best solutions. • Excellent problem solving and project management skills • Strong analytic thinking capacity • Strong team management, communication, organizational, and follow-up skills First Bank Puerto Rico is a proud to be an Equal Employment Opportunity Employer and takes affirmative action to employ Women, Protected Veterans, People with Disabilities and Minorities regardless of gender identity, sexual orientation, and any other legally protected status.