If you're looking for a meaningful career, you'll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster's values, these set us apart as a bank and as an employer.
Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!
Job Summary:
Managing Director, Information Risk is reporting to Senior Managing Director, Head of Information Risk Management, supporting execution of the program for Webster Financial Corporation and its subsidiaries.
The role responsibilities include: - manage policies, standards, and procedures to support processes and controls in place to comply with applicable laws and regulations for existing and new activities. - provide oversight for metrics (KPI / KRI) definition, creation, performance, and periodic review in conjunction with Enterprise Risk Management - lead preparation of Information Risk Committee presentation materials - provide subject matter expertise and guidance to Information Technology organization.
- Support Information Risk Program portfolio, RCSA, issue management, and regulatory response.
-Job Responsibilities:
Full cycle ownership of the firm Information Technology Policies and Standards: from creation, updates, to approvals on the Board level, as required. Ensure incorporation of regulatory and risk-based guidance into Technology policies and standards. Conduct periodic attestation of Information Technology procedures.
Assist in defining enterprise-wide risk appetite for relevant risk types.
In partnership with compliance and legal, monitor for new regulatory requirements, communicate across Webster Technology as required; monitor progress toward implementation; support management responses to regulatory exam requests.
Provide oversight for metrics (KPI / KRI) definition, creation, performance, and periodic review in conjunction with Enterprise Risk Management.
Maintain Information Risk Book of Work, lead preparation of Information Risk Committee presentation materials. Maintain and oversee Information Risk internal process documentation.
Provide oversight, assessment, review and challenge of first processes and control performance activities, including review of RCSAs, issues management, and external risk assessments (SOC2, HiTrust, CAT Assessment, Heightened Standards, and the OCC IT Handbook)
Provide subject matter expertise to Information Technology organization.
Education, Experience and Skills:
Strong written and verbal communication skills - excellent ability to write, edit, collaborate and communicate across the organization with internal/external partners.
7-10 years of experience in Information Risk, Technology, Information Security or Audit functions in a financial services environment.
Effective in presenting and influencing leaders at all levels of the organization.
Ability to plainly articulate risk concepts to Information Technology teams.
Proven skills to resolve conflicting opinions without compromising high quality risk management.
Proven ability to effectively work in a dynamic team environment with shifting priorities, must be detail oriented with a systems mindset, have strong project management / organizational skills.
Knowledge of ISO: 27001, NIST CSF 2.0, FFIEC, HIPAA / HITECH standards, frameworks, and regulations
CRISC, CGEIT, CISA or CISSP preferred.
Bachelor's degree, preferably in a computer science, or one requiring analytical skills and mindset
The estimated salary range for this position is $160,000USD to $185,00USD. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.
#LI-BY1
#LI-HYBRID
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.