Managing Director, Cybersecurity Incident Response

If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer.  

Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!

The Managing Director of Incident Response leads the bank’s cybersecurity incident management program. This role is responsible for coordinating responses to cyber threats, managing crisis situations, and ensuring regulatory compliance during incidents. The MD will also oversee initiatives in preparing not only the Security team, but critical lines of business on their response to an incident. Additionally, the role will lead the creation and maturity of the threat hunting, digital forensics, and continuous improvement of incident response capabilities.

Key Responsibilities:

• Lead and manage the cyber incident response team, providing strategic direction and operational oversight.
• Oversee Cybersecurity Incident Management and coordinate with the Major Incident Management (MIM) team during crises.
• Develop and maintain Incident Response Playbooks.
• Plan, coordinate, and execute Tabletop Exercises & Simulations.
• Direct Threat Hunting Operations to proactively detect and mitigate threats.
• Oversee Digital Forensics and Malware Analysis efforts.
• Ensure Regulatory & Legal Compliance during incident handling.
• Manage Third-party/Vendor Incident Response coordination.
• Create, track and report Incident Metrics; drive continuous improvement initiatives.
• Collaborate with SOC and other security pillars to optimize detection and response capabilities.
• Stay current with emerging threats, vulnerabilities, and best practices.
• Respond to and coordinate efforts for incident management in relation to critical third-party partners and supply chain.
• Partner with the Resiliency team in efforts to test catastrophic cybersecurity scenario response capability from detection to recovery.
• Partner with infrastructure partners to threat model catastrophic technology events to create, test, and maintain response playbooks.
• Ensure the Incident Response program is well documented to heightened standards and meets all the criteria identified in regulatory and industry standard frameworks.
• Manage Incident Response platforms.
• Collaborate with the Security Operations Center (SOC) to perform quality assurance of level 1 and 2 analyses and to ensure all incident tickets are well-documented and complete.
• Track and remediate any findings or lessons learned from incidents, assessments, and cybersecurity exercises.
• Serve as an escalation point for level 1 and 2 analyst triages.
• Manage the relationship with IR managed security service providers and partners.

Qualifications:

• Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field preferred.
• Certifications such as: CISSP, CISM, GIAC (GCFA, GCIH), or equivalent.
• 10+ years in cybersecurity with 5+ years in incident response leadership.
• Expertise in digital forensics, malware analysis, and threat hunting.
• Experience with regulatory frameworks (e.g., FFIEC, GDPR, NYDFS).
• Experience with industry frameworks (e.g., CRI, NIST CSF, MITRE).
• Strong leadership, crisis management, and communication skills.
• Familiarity with SIEM, SOAR, EDR, and forensic tools.
• Candidate must show experience managing true cybersecurity incidents
• IR consulting preferred but not required.
• Experience in the banking industry desired.
• Previous management experience desired. 

The estimated salary range for this position is $170,000.00 to $180,000.00. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.

#LI-Hybrid

#LI-FO1

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.