Security Analyst - Vulnerability Management
Date ActiveAug 29, 2022 3:53:31 PM
Hours Per Week40
Location436 Slater Road-HF308
Job Description/ Requirements
If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer.
Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!
Key Responsibilities include but are not limited to:
- Analyze threat data relevant to Webster's internal network and external threat landscape.
- Review vulnerability reports and prioritize remediation efforts.
- Work closely with tech groups and security to drive remediation efforts across the enterprise
- Track remediation efforts and escalate issues as they arise
- Coordinate, track, and drive remediation form penetration tests and other threat assessments.
- Work closely with the security operations team to investigate any threats or incidents.
- Work closely with technology teams to understand and drive configuration compliance for assets within the organization.
- Ensure the value of each security tools is being realized by maturing capabilities and features
- Ensure security tools are updated and properly deployed within the environment
- Ensure that existing network security systems within environment comply with company security policies, standards, and procedures.
- Ensure that all bank technology initiatives and projects are implemented in a secure manner.
- Implement technical solutions for requirements supporting GLBA, SOX, FISMA, ISO, PCI, and HIPAA
- Recommend and coordinate the application of fixes, patches, and disaster recovery procedures in the event of a security breach
- Conduct risk assessments, diagnose internet/extranet security issues, intrusion attempts, cyber-crime response, assist in responses to external audits, penetration tests, and vulnerability assessments
- Research emerging technologies in support of security enhancement and development efforts
- Continuously identify gaps in security program coverage.
- Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities -- knowledge may be gained through coursework and on-the-job training.
- Follows all bank policies and procedures, compliance regulations, and completes all required annual required or job-specific training.
- Actively learns, demonstrates, and fosters the Webster corporate culture in all actions and words.
Desired Skills and Knowledge
- Bachelor's degree in a related field required
- 3+ years of professional Information/Cyber Security Experience
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Superior communication and analytical skills
- One Information/Cyber Security professional certification (CISSP, GIAC, CCNA Security or comparable)
- Understanding of Secure coding practices, ethical hacking, and threat modeling
- Experience in public Cloud IaaS such as AWS and Azure
- Familiarity with Python and or PowerShell
- IDS/IPS, penetration and vulnerability testing
- Firewall and intrusion detection/prevention protocols
- Windows, UNIX, and Linux operating systems
- Virtualization technologies
- MySQL/MSSQL database platforms
- Identity and access management principles
- Application security and encryption technologies
- Secure network architectures
- Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods