Since 1935, Webster Bank has been helping individuals, families and businesses meet their financial goals. As a leading regional bank, Webster's strong foundation is built on our core values of responsibility, respect, teamwork, trust and commitment to our communities. Webster bankers remain our most valuable asset, and we pride ourselves on our diverse, equitable and inclusive work environment. Come join our team!
This position is responsible for the technical and operational support of Webster Bank's vulnerability management and risk assessment programs. Additionally, the Information Security Analyst is required to incorporate vulnerabilities and control effectiveness findings into meaningful risk assessments of Webster Bank's information assets.
- Perform all phases of the vulnerability management lifecycle including discovery, prioritization of vulnerabilities, assessments, reporting, and remediation verification
- Support internal and external vulnerability scanning and web application scanning.
- Discover, categorize, and analyze vulnerabilities, recommend/develop remediation, or mitigation strategies, and escalate the security issue to the appropriate internal department.
- Produce and submit deliverable reports on a periodic basis as needed.
- Work to onboard third parties to perform penetration testing, process results through remediation
- Analyze sensor and scanning tool outputs.
- Model and analyze the likelihood that an emerging threat will impact the organization and identify where the weaknesses exist.
- Perform initial, changes to, and periodic security risk assessments on Webster's internal assets.
- Consult on the implementation of Information Security controls.
- Assess and report risk on customer facing applications supporting compliance with FFIEC Guidance for Authentication in an Internet Banking Environment.
- Accurately report results of assessments and remediation status.
- Analyze, monitor, and escalate security events.
- Consult with Information Security Network Architect to ensure safe and secure network environments and configurations.
- Partner, educate and consult the Webster lines of business on asset risks.
- Support Webster lines of business executing their initiatives on time and in a secure fashion.
Education, Experience and Skills Required:
Ability to work independently
- Bachelor's degree in related field or equivalent experience
- 5+ years of professional Information/Cyber Security Experience
- 3+ years of professional IT experience.
- Experience with vulnerability scanning tools and administration
- Experience with application security vulnerability management tools
- Versed in Cyber Threat Actor Tactics, Techniques and Procedures
- Strong documentation and communication (written and verbal) skills
- Application Administration
- Organizational skills
- Detail oriented
- Problem resolution skills
- Strong analytical and technical skills
- Ability to multi-task
- Excellent verbal, written communication skills, and strong collaboration skills to work in a team environment
- Excellent customer service skills
- Self-motivation and initiative