Job Description

Date Active

Jul 25, 2022 3:33:55 PM


436 Slater Road-HF308


New Britain



Job Description/ Requirements

If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, and Excellence are Webster’s values; these set us apart as a bank and as an employer.


Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!

The Senior Cybersecurity Analyst is a hands-on, technical & strategic role within Webster's Security Operations Center (SOC). As an integral member of Webster's SOC team, the Senior Cybersecurity Analyst evaluates the end-to-end efficacy of the SOC's handling of security alerts, and makes recommendations to improve the detection and response capabilities of the SOC. The recommendations come in the form of roadmaps, or specific enhancements to technologies or workflow processes. The Senior Cybersecurity Analyst will function as a content developer for alerts, coordinate threat hunting initiatives, approve requests for rule tuning, and review/approve requests for ticket closure. Additionally, this role will require suggestions for process improvements and control gaps applicable to the SOC. The Senior Analyst will work closely with Architecture and Engineering to ensure security controls are deployed in a manner to close identified gaps.

This role is the senior (L2/L3) subject matter expert (SME) for SOC investigations, in collaboration with our Managed Detection and Response (MDR) provider. As such, this candidate should be fluent in Threat Hunting, as well as Security Incident and Event Management (SIEM) technologies, alert correlations, Security Orchestration and Automated Response (SOAR), malware analysis, event triage, and Enhanced Detection and Response (EDR) systems. This position will report to Webster's Vice President of Information Security Operations, and will require extensive collaboration with other Security Architects, the Cybersecurity Incident Response Coordinator, and other IT platform owners.


The Senior SOC Cybersecurity Analyst will be responsible for evaluating the effectiveness and improving the following technology domains in place at Webster:

o Security Incident and Event Management (SIEM) -- Splunk experience is highly preferred.

o Security Orchestration and Automated Response (SOAR) tools -- Phantom experience is highly preferred.

o Data Protection Domain: includes DLP, URL Content filtering, CASB.

o Endpoint Threat Detection: includes EDR capabilities, traditional antivirus, asset management, and familiarity with baseline and configuration management tools.

o Next Generation Firewalls and/or IDS/IPS.

o Threat Hunting & Threat Intelligence.

o Threat Intelligence Platforms (TIP).

o Malware sandbox technologies & interpreting results.

o Incident Response tools, process, and capabilities.

o Splunk Enterprise Security experience desired.

* The Senior Cybersecurity Specialist will also be responsible for producing security roadmaps that take into consideration the threat landscape and business needs.

* Perform other duties as assigned.

* Bachelor's Degree required
* 5-7 years (preferred) working within the Cybersecurity field with:
o Proven technical proficiency across multiple technologies & controls identified above.
o Proven proficiency with the identification, triage, and analysis of security events using a SIEM.
* Ability to work in a highly matrixed organization in order to identify stakeholders and Subject Matter Experts (SMEs).
* Experience assessing new security technology solutions.
* Prior experience managing vendor relationships.
* Strong attention to detail.
* Ability to develop security roadmaps and document workflow processes, in order to identify areas needing improvement.
* Splunk experience is highly preferred.
* Experience with malware analysis or at least the ability to interpret the results of a sandbox solution.
* Familiarity with threat intelligence and using external data sources for threat hunting.
* Experience with SIEM correlation searches, tuning, and rule creation.
* Proven technical expertise, evidenced by vendor or security certifications -- preferably (ISC)2 CISSP and ISSAP, or ISACA CISM, or SANS GIAC certifications.
* Strong desire to constantly improve personal skillsets, attend training, and learn new concepts; enthusiasm and curiosity.
* Ability to think outside the box, be creative, and act independently.
* Providing feedback and recommendations for process improvement is required for this role.
* Passion & drive for security is a must.
