03/24/2022

Cyber Risk Technologist

  • Chubb
  • Chicago, IL, United States
Full Time

Job Description

Cyber Risk Technologist

Job Description

Chubb is the world’s largest publicly traded property and casualty insurer. With operations in 54 countries, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. The company is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, underwriting excellence, superior claims handling expertise and local operations globally. 

As a pioneer in providing cyber insurance 20+ years ago Chubb is a recognized global leader in Cyber Insurance.

Job responsibilities include:

  • Develop and deploy a scalable cybersecurity risk assessment based on objective and observable data (e.g., attack surface and internal configurations/controls) for organizations of all sizes, but with an emphasis on medium to large enterprises
  • Assist in identifying, evaluating, and deploying innovative third-party data sources to independently verify the existence of security controls and secure configurations in an automated, objective manner
  • Support and collaborate with Analytics to quantify the risk of ransomware, data breach or other cyber attacks to cyber insurance policyholders
  • Provide subject matter expertise to insurance professionals, underwriters, and other stakeholders on all matters of cybersecurity
  • Stay abreast of new tactics, techniques, and procedures of criminal threat actor groups, advanced persistent threats, and emerging threats and assist in developing mitigation strategies for underwriters and policyholders
  • Engage and collaborate with Chubb’s cyber fusion center, collaborating closely with Chubb’s internal Infosec group, sharing information, resources, and capabilities regarding constantly evolving cyber vulnerabilities, threats, and controls


Job Requirements:

Minimum Requirements

  • 3 to 5 years of experience within information security or cyber risk related roles.
  • 2 to 3 years of experience building operational frameworks around cyber risk topics.
  • Bachelor’s degree minimum; Master’s degree preferred, in the field of information security.

Desired Qualifications

  • Strong knowledge of cyber risk assessment, compliance, and data frameworks (NIST, CVE, CIS Top 18, PCI/DSS, Soc 2, ISO 27001, etc.)
  • CISM or CISSP designation(s)
  • Experience or familiarity with the challenge of cyber security as it pertains to midsized businesses and large enterprises
  • Strong knowledge of active and passive reconnaissance and other offensive security-related best practices
  • Strong knowledge of third-party information risk management processes
  • Strong knowledge of secure network architecture
  • Strong knowledge of the attack lifecycle (“Kill-chain” or MITRE’s ATT&CK methodologies)
  • Knowledge of SecOps (Security + Operations)
  • Knowledge of cyber insurance industry
  • Familiarity with underwriting concepts, practices, and procedures
  • Familiarity with key management metrics, and strategies to influence them, within commercial insurance
  • Microsoft Word, Excel, PowerPoint, and Outlook
  • Excellent oral and written communication skills
  • Project participation skills
  • Consultative experience with customers

*Note: Role is open to remote work, with occasional travel10-20%) to home office and client sites as needed.*


Apply Now