Analyst, Cybersecurity Operations

If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer. Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work! The Cybersecurity Analyst, Data Loss Prevention & Insider Threat, is responsible for monitoring, investigating, and remediating risks related to sensitive data movement and insider activities. The analyst is expected to understand data protection concepts, insider threat indicators, and security controls to support enterprise strategies. Analysts must also perform policy maintenance in the form of DLP rule tuning, CASB configuration updates, and automation support. Reporting of metrics and summaries of investigations/ticket tracking is required on a monthly basis. This role will assist the head of the DLP/ITM pillar in daily operations and strategic initiatives. The Cybersecurity Analyst will be responsible for evaluating the effectiveness and improving the following technology domains in place at Webster: Data Loss Prevention (DLP): email, endpoint, and cloud DLP policies; data classification and labeling; USB and removable media controls. Insider Threat Monitoring (ITM): user and entity behavior indicators, anomalous data movement/use, privileged user monitoring, risk scoring and workflows. Cloud Access Security Broker (CASB): app discovery, inline/API policies, session controls. Web & Email Data Controls: URL content filtering policies, web upload/download restrictions, email DLP transport rules and secure messaging. Detection Engineering: use case development, alert fidelity improvement, false positive reduction, and playbook/automation updates. Reporting & Governance: monthly metrics, control health checks, exception tracking, and support for audits and regulatory requests. Splunk Enterprise Security (or equivalent) experience desired for correlating DLP/ITM events. Perform other duties as assigned.