If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first, doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, and Excellence are Webster’s values; these set us apart as a bank and as an employer.
Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!
The Chief Controls Office – Director, RCSA Central Team & Quality Assurance (Non-IT QA) at Webster Bank will play a critical role in the hands-on management of quality reviews to strengthen the bank’s control environment and promote risk transparency. The successful candidate will coordinate the execution of a first-line QA program to evaluate the quality and effectiveness of Risk and Control Self-Assessments (RCSAs) across non-financial risks, including operational and compliance risk. This leader will ensure business-owned RCSAs meet enterprise standards, reflect an accurate risk profile, and are fit for regulatory and audit scrutiny. The leader will partner with process owners, control owners, and risk partners to drive consistency, accountability, and continuous improvement and, as such, must develop and maintain a strong level of partnership with line of business partners through collaboration and communication.
Key Responsibilities
RCSA QA Execution
Execute and oversee QA reviews across all business line owned RCSAs, evaluating the quality of RCSA submissions across non-financial risk types.
Evaluate Risk and Control Documentation
Review risk statements, impact/likelihood ratings, control narratives, and residual risk assessments for completeness, clarity, and alignment with enterprise standards and risk taxonomy.
Drive Quality and Consistency
Identify gaps, weaknesses, or inconsistencies in RCSA documentation and provide practical, risk-based recommendations to strengthen risk assessments.
Elevate RCSA Quality
Provide constructive feedback and escalate systemic gaps and emerging themes.
Promote Risk Culture and Awareness
Serve as a subject matter expert to promote best practices in identifying and assessing non-financial risks (e.g., operational resilience, data privacy, regulatory compliance, information security, and vendor risk).
Reporting and Thematic Analysis
Contribute to QA dashboards and reporting for business and risk leadership. Identify trends, root causes, and systemic control gaps across processes and risk types.
Partner with Key Stakeholders
Collaborate with first-line process/control owners, second-line risk partners, and compliance teams to ensure alignment with enterprise risk standards and regulatory expectations.
Regulatory and Audit Readiness
Ensure RCSA documentation and QA evidence meet internal audit and regulatory standards (e.g., OCC Heightened Standards, FFIEC, SOX, and data governance frameworks).
Support Training and Capability Building
Deliver guidance to first-line staff to enhance understanding of risk identification, control design, and risk rating rationale.
Project Management
Lead or participate in other risk-related projects or initiatives as assigned.
Key Skills/Experience Qualifications
Education
Bachelor’s degree in Risk Management, Business, Legal, Information Technology, or related field
Advanced degree preferred
Experience
Minimum of 8 years of experience in risk management, operational risk, or internal audit within the banking or financial services industry
At least 5 years in a leadership role within the banking sector
Experience leading QA or audit reviews or building QA frameworks for operational risk and control programs
Deep experience with RCSA programs and control frameworks across non-financial risks
Proven ability to document QA findings and perform root cause analysis.
Knowledge
Strong understanding of risk taxonomies, process risk mapping, and control evaluation
Knowledge of OCC Heightened Standards and Regulatory Category IV banking requirements preferred
Skills
Strong analytical, problem-solving, and decision-making skills.
Excellent verbal and written communication abilities, with the capacity to present complex information clearly.
Strategic thinker with attention to detail and operational acumen.
Strong commitment to quality and continuous improvement.
Collaborative, with strong influence and stakeholder engagement skills.
Skilled in GRC tools (e.g., Archer, Workiva, ServiceNow, or similar data tools).
Preferred Certifications
Certified Risk Professional (CRP), Certified Internal Auditor (CIA), Certified in Risk Management Assurance (CRMA), Certified in Control Self-Assessment (CCSA), Certified Information Systems Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), Certified Regulatory Compliance Manager (CRCM)
Lean Six Sigma, PMP or control design certifications a plus
This role can be based in our Stamford, Southington, or Waterbury offices, with additional flexibility for Rhode Island or Massachusetts. Remote options may be available for the right candidate.
The estimated base salary range for this position is $140,000 USD to $175,000 USD. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.