Information Security Planning Lead
Date ActiveMar 18, 2022 12:00:00 AM
Hours Per Week40
Location436 Slater Road-HF308
Job Description/ Requirements
Since 1935, Webster Bank has been helping individuals, families and businesses meet their financial goals. As a leading regional bank, Webster's strong foundation is built on our core values of responsibility, respect, teamwork, trust and commitment to our communities. Webster bankers remain our most valuable asset, and we pride ourselves on our diverse, equitable and inclusive work environment. Come join our team!
Oversee technology process inventory and ensure all regulatory and industry requirements are consolidated and incorporated into the technology control framework, including SOX, SOC 2, PCI, and Center for Internet Security controls.
Coordinate and direct assurance and assessment schedules to cover all risks and controls
Collaborate with internal and external stakeholders to implement efficient, effective and sustainable assessment and assurance activities throughout the technology organization.
- Oversee information technology and information security control framework, including requirements from SOX, SOC2, Hitrust, PCI.
- Coordinate with internal and external assessors to provide consistent approach to assurance activities, including regulatory, internal and external audit (SOC 2/SOX/PCI).
- Manage assurance and risk assessment schedules to ensure adequate coverage of processes and risks while providing efficiency.
- Lead opportunities to improve efficiency, reduce audit fatigue and automate coordination activities.
- Contribute to information technology and security risk reporting.
- Collaborate with Agile teams to ensure risk remediation efforts are captured and prioritized.
- Collaborate with second line Information Risk function, including providing review and feedback on policies and standards.
- Bachelor's Degree in Information Technology/Security or another relevant field.
- 5+ years' experience in information security and/or risk management.
- Strong understanding of technology and information security frameworks, regulatory guidance for information security and banking, and risk methodology/terminology.
- Ability to work independently in a fast-paced environment.
- Exceptional organizational skills, strong written and verbal communication skills.
- Ability to collaborate with and influence a wide group of stakeholders across the technology organization.
- Advanced skills in Excel, PowerPoint, and Word required.