If you're looking for a meaningful career, you'll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster's values, these set us apart as a bank and as an employer.
Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!
DISASTER RECOVERY TEST MANAGEMENT
The Disaster Recovery/Business Continuity Analyst works with Corporate Information Security, Resiliency team and IT functional teams to ensure that Disaster Recovery capabilities meet the Recovery Time (RTO) and Recovery Point (RPO) objectives as defined by Business Impact Analyses.
- Assist in planning and helping in the execution of enterprise disaster recovery tests in accordance with regulatory and Resiliency Program requirements.
- Understand regulatory requirements as it relates to disaster recovery (FFIEC, and other pertinent agencies).
- Assisting in creating the scope of the tests [applications, business process, client participation, stretch objectives].
- Providing support in documenting the scope within a Test Plan Summary that will outline the objectives, participation and logistics associated with the exercise.
- Assisting in coordinating with the technology teams on the application requirements and recovery plans associated with critical applications.
- Assisting in interfacing with relationship teams and prepare client participation documents and communications.
- Providing support in preparing and delivering comprehensive Post Test Summaries after each exercise evaluation performance against stated objectives.
VENDOR BCDR PROGAM MANAGEMENT
The Disaster Recovery/Business Continuity Analyst is charged with maintaining adherence for ensuring critical IT risk vendors are delivering secure and resilient products and services by delivering a comprehensive due diligence and vendor review process.
- As requested by the bank's business lines, review vendor Business Continuity Program document and evaluate its competency and ensure it meets Webster Bank standards.
- Provide evaluation feedback to the business line concerning the acceptability of the vendors submitted program documentation.
BUSINESS CONTINUITY MANAGEMENT COLLABORATION AND SUPPORT
The Disaster Recovery/Business Continuity Analyst will also be working with peers collaboratively within Resiliency to address and work on critical initiatives throughout the year.
- Assisting in the development of strategies and maintaining business continuity plans,
- Assisting with the coordination associated with conducting business impact assessments,
- Leading tabletop exercises to validate that the processes and procedures contained in business recovery plans are capable of restoring essential operability after a disaster.
- Supporting the processes and procedures that are in place so to ensure that Webster mission-critical business functions are operational after a disaster.
- Providing support as needed for the day-to-day activities of the BCDR, ensuring that the Bank is in full regulatory compliance with all BCPDR requirements by performing quality control reviews and monitoring for completeness in this area.
- Maintaining adherence that the BCDR team is compliant with new regulatory requirements and with the bank's policies and procedures.
- Assisting the Manager of Resiliency in the administration of all aspects of the Bank's BCDR practices and standards, ensuring compliance with regulatory requirements, with the bank's policies and procedures and any additional duties as directed by the CISO.
INCIDENT RESPONSE MANAGEMENT AND SUPPORT
This role requires a combination of business acumen, security expertise, and strong organization skills to coordinate incident response upon escalation of crisis events. The role is responsible for coordinating the escalation of all cyber and crisis events, in collaboration with the Crisis Incident Response Team (CIRT). This role will work with the Security Operations Center (SOC) to coordinate incident response which includes coordinating meetings, maintaining documentation, act as a liaison between security and the major incident management team (MIM), corporate communications, legal and other stakeholders.
Additional collaboration with the SOC will include planning, documenting, and testing response plans and dovetailing those playbooks with their respective BCP plans. The ideal candidate works well in high pressure situations and also has project management experience to track residual action-items related to SP1 (Critical) and SP2 (Elevated) security incidents.
- Contribute to the implementation of a comprehensive Incident Response Process.
- Maintain engagement plans for specific activities and customer feedback (IT systems and business customers).
- Validate Incident Response Playbooks.
- Facilitate regular CIRT tabletop exercises - document results, and track action items.
- Provide logistical support during SOC SP1 crisis events
- Assist VP of Security Operations in documenting event details for SP1 Security Incident Report
- Document "Lessons Learned" process improvements for all SP2 Incidents
- Work with MIM team to track residual action items for SP1 and SP2 Security Incidents
- Conduct investigations for Unauthorized Disclosure, with Legal and Compliance teams.
- 5-7 years of related experience including IT Disaster Recovery planning and/or testing in a medium to large IT organization.
- Banking Line of Business Experience is a plus,
- BS/BA in Computer Science or a related field can be substituted on a year-for-year basis for experience
- 5+ working in large enterprise environments.
- CBCI or CBCP is preferred.
- Strong written and verbal communication skills - both technical and non-technical,
- Adherence to solid project management principals and structure.
- Understanding on a broad level IT infrastructure, database, and application development and design; this should include an understanding of AWS or other Cloud based service topology.