Cybersecurity Architect (FT Remote)

Date Active

Feb 16, 2023 10:40:36 AM

Requisition #

23-1153

Hours Per Week

40

Location

200 Executive Blvd South-HF433

City

Southington

State

Connecticut

Job Description/ Requirements

If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer. 

 

Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!

 

The Cyber Security Architect will directly support the Managing Director of Security Architecture and is responsible for providing the highest quality Cyber and Information Technology security solutions to Webster Bank associates and customers. The primary functions for this position include formulating, designing, and reviewing bank security systems and solutions as well as ensuring that all bank technology initiatives and projects are implemented in a secure manner.

1. MAJOR DUTIES & RESPONSIBILITIES

• Formulate security architecture recommendations and design security services
• Ensure security and compliance of public Cloud IaaS, PaaS, and SaaS environments
• Ensure that existing network security systems within environment comply with company security policies, standards, and procedures
• Ensure that all bank technology initiatives and projects are implemented in a secure manner.
• Implement technical solutions for requirements supporting GLBA, SOX, FISMA, ISO, PCI, and HIPAA
• Recommend and coordinate the application of fixes, patches, and disaster recovery procedures in the event of a security breach
• Conduct risk assessments, diagnose internet/extranet security issues, intrusion attempts, cyber-crime response, assist in responses to external audits, penetration tests, and vulnerability assessments
• Research emerging technologies in support of security enhancement and development efforts
• Continuously identify gaps in security program coverage, employ secure configuration management processes
• Identify and prioritize critical business functions in collaboration with organizational stakeholders
• Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities -- knowledge may be gained through coursework and on-the-job training
• Follows all bank policies and procedures, compliance regulations, and completes all required annual required or job-specific training
• Actively learns, demonstrates, and fosters the Webster corporate culture in all actions and words
• Takes personal initiative and is a positive example for others to emulate
• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data
• Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
• Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
• Identify and prioritize critical business functions in collaboration with organizational stakeholders.
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
• Evaluate security architectures and designs to determine the adequacy of security design and architecture
• Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
• Evaluate new projects/products via intake process and provide security input, guidance & recommendations
• Govern security practices when onboarding new cloud services or cloud migrations within AWS & other SaaS platforms
• Understand who has access & where the weak points of Webster’s systems are
• Recommend ways to improve & update the security of the company’s info & systems via knowledge & understanding

 

II. EDUCATION, EXPERIENCE & SKILLS

• Bachelor's degree in a related field required (Advanced Degree a plus)
• 10+ years of professional IT experience
• 5+ years of professional Information/Cyber Security Experience
• Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Superior communication and analytical skills
• One Information/Cyber Security professional certification (CISSP, GIAC, CCNA Security or comparable)
• Secure coding practices, ethical hacking, and threat modeling
• Experience in public Cloud IaaS such as AWS and Azure
• Knowledge of secure CI/CD pipeline or DevSecOps
• Proficiency in Python, C++, Java, Ruby, Node, Go and/or Power Shell
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Windows, UNIX, and Linux operating systems
• Virtualization technologies
• MySQL/MSSQL database platforms
• Identity and access management principles
• Application security and encryption technologies
• Secure network architectures
• Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
• Experience with advanced persistent threats, phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication.

 

The estimated salary range for this position is $155,000.00 to $170,000.00. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.

 

#LI-Remote

#LI-FO1

#ZR

Equal Opportunities