Director Cybersecurity Architecture
- Southington, CT
- $160,000-170,000 per year
- Permanent
- Full-time
- Formulate security architecture recommendations and design security services
- Ensure security and compliance of public Cloud IaaS, PaaS, and SaaS environments
- Ensure that existing network security systems within environment comply with company security policies, standards, and procedures
- Ensure that all bank technology initiatives and projects are implemented in a secure manner.
- Implement technical solutions for requirements supporting GLBA, SOX, FISMA, ISO, PCI, and HIPAA
- Recommend and coordinate the application of fixes, patches, and disaster recovery procedures in the event of a security breach
- Conduct risk assessments, diagnose internet/extranet security issues, intrusion attempts, cyber-crime response, assist in responses to external audits, penetration tests, and vulnerability assessments
- Research emerging technologies in support of security enhancement and development efforts
- Continuously identify gaps in security program coverage, employ secure configuration management processes
- Identify and prioritize critical business functions in collaboration with organizational stakeholders
- Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities -- knowledge may be gained through coursework and on-the-job training
- Follows all bank policies and procedures, compliance regulations, and completes all required annual required or job-specific training
- Actively learns, demonstrates, and fosters the Webster corporate culture in all actions and words
- Ensure secure implementation and usage of GenAI and LLM technologies within the organization, including data privacy and model integrity.
- Integrate security considerations into the development and deployment of generative AI (GenAI) systems and large language models (LLMs).
- Bachelor's degree in a related field required (Advanced Degree a plus)
- 10+ years of professional IT experience
- 7+ years of professional Information/Cyber Security Experience
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- One Information/Cyber Security professional certification (CISSP, GIAC, CCNA Security or comparable)
- Secure coding practices, ethical hacking, and threat modeling
- Experience in public Cloud IaaS such as AWS and Azure
- API security best practices
- Knowledge of secure CI/CD pipeline or DevSecOps
- Proficiency in Python, C++, Java, Ruby, Node, Go and/or Power Shell
- IDS/IPS, penetration and vulnerability testing
- Firewall and intrusion detection/prevention protocols
- Windows, UNIX, and Linux operating systems
- Virtualization technologies
- MySQL/MSSQL database platforms
- Identity and access management principles
- Application security and encryption technologies
- Hands-on experience with implementing security measures for AI/ML systems, including model training, deployment, and monitoring.
- Understanding of generative AI (GenAI) technologies and large language models (LLMs), including their architecture and security implications.
- Experience with quantum computing principles and their impact on cryptographic systems.
- Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
- Experience with advanced persistent threats, phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication