If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first-doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer.
Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!
This senior-level leader oversees the Bank’s operational resilience program, including all aspects of business continuity (BC), disaster recovery (DR), and crisis management to ensure all risks are actively and appropriately managed. Additionally, the incumbent will oversee the strategic planning and selection of cybersecurity tools used to protect the Bank’s assets and data. This Senior Managing Director of Operational Resilience, Cybersecurity Analytics & Solutions plays an integral role overseeing and leading all aspects of the Bank’s BC/DR practices which include developing strategies and maintaining business continuity plans, conducting business impact assessments, and organizing & overseeing business continuity exercises; managing the strategic selection of cybersecurity solutions; and oversees analytics related to maturity of the Bank’s cybersecurity posture.
As a key leader on the Information Security team, the successful candidate will lead or perform the following responsibilities:
- Lead the Operational Resilience team in all aspects of the Bank’s BC/DR practices which include; developing strategies and maintaining business continuity plans, conducting business impact assessments, organizing & overseeing business continuity exercises.
- Oversee the enterprise-wide program to support the business continuity lifecycle, including maintaining continuity policies, procedures and systems and ensuring compliance with regulatory requirements.
- Provide effective oversight and/or design, implementation, and execution of the operational resilience program.
- Oversee the enterprise crisis management program.
- Ensure all critical IT risk vendors are delivering secure and resilient products and services by delivering a comprehensive due diligence and third-party vendor review process.
- In partnership with enterprise risk, legal, and compliance, monitor for new legal requirements and communicate and assess across the firm as required.
- Liaison between other first line teams as well as the second line and third line on operational resilience. Support internal audits, external audits, and regulatory exams from an operational resilience perspective.
- Assess, coach, review and challenge operational resilience risks and controls across the firm. Provide guidance to and coordination with all constituencies. Identify emerging risks, synergies, and opportunities for change.
- Oversee processes to identify, assess, and manage the portfolio of cybersecurity tools, including management of cybersecurity technology roadmaps, and managing the process for the assessment and selection of cybersecurity tools to support cybersecurity functions.
- Oversee the management of cybersecurity analytics tools and processes.
Experience needed for the role
- Bachelor's Degree in Computer Science or directly related/ field required; advanced degree preferred.
- Minimum of 15+ years of experience in BC/DR programs including crisis management, policy development, workgroup recovery alternatives, and working with disaster recovery plan repositories.
- Strong risk management skills in field such as Enterprise or Operational Risk, Internal Audit, or Information Security Risk Management.
- CRISC, CISA, and/or any BCP/DR related certifications preferred.
- Familiarity with technology, and an aptitude for learning emerging technologies and how regulatory requirements may evolve.
- Ability to evaluate and assess a wide variety of risk activities, processes, and controls (framework certification, regulatory maturity models such as the NIST CSF, CRI, COBIT, NYDFS, FFIEC, etc.).
- Experience testing controls in an assurance capacity.
- Strong vendor management acumen.
- Able to build successful relationships with all levels of staff and management.
- Strong written and verbal communication skills.
- Ability to collaborate and communicate up/down and across the organization with internal/external partners.
- Able to prepare for and present to Executive and Board-level audiences as well as draft clear, concise, and precise policies, standards.
- Track record of implementing effective programs and processes.
The estimated salary range for this position is $210,000.00 to $220,000.00. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.
#LI-Hybrid
#LI-FO1
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.