Chubb is the world’s largest publicly traded property and casualty insurer. With operations in 54 countries, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. The company is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, underwriting excellence, superior claims handling expertise and local operations globally.
As a pioneer in providing cyber insurance 20+ years ago Chubb is a recognized global leader in Cyber Insurance.
Develop and deploy a scalable cybersecurity risk assessment based on objective and observable data (e.g., attack surface and internal configurations/controls) for organizations of all sizes, but with an emphasis on medium to large enterprises
Assist in identifying, evaluating, and deploying innovative third-party data sources to independently verify the existence of security controls and secure configurations in an automated, objective manner
Support and collaborate with Analytics to quantify the risk of ransomware, data breach or other cyber attacks to cyber insurance policyholders
Provide subject matter expertise to insurance professionals, underwriters, and other stakeholders on all matters of cybersecurity
Stay abreast of new tactics, techniques, and procedures of criminal threat actor groups, advanced persistent threats, and emerging threats and assist in developing mitigation strategies for underwriters and policyholders
Engage and collaborate with Chubb’s cyber fusion center, collaborating closely with Chubb’s internal Infosec group, sharing information, resources, and capabilities regarding constantly-evolving cyber vulnerabilities, threats, and controls
5+ years of experience within information security or cyber risk related roles.
3+ years of experience building operational frameworks around cyber risk topics.
Bachelor’s degree minimum; Master’s degree preferred, in the field of information security.
Strong knowledge of cyber risk assessment, compliance, and data frameworks (NIST, CVE, CIS Top 18, PCI/DSS, Soc 2, ISO 27001, etc.)
CISM or CISSP designation(s)
Experience or familiarity with the challenge of cyber security as it pertains to midsized businesses and large enterprises
Strong knowledge of active and passive reconnaissance and other offensive security-related best practices
Strong knowledge of third-party information risk management processes
Strong knowledge of secure network architecture
Strong knowledge of the attack lifecycle (“Kill-chain” or MITRE’s ATT&CK methodologies)
Knowledge of SecOps (Security + Operations)
Knowledge of cyber insurance industry
Knowledge of underwriting concepts, practices, and procedures
Familiarity with key management metrics, and strategies to influence them, within commercial insurance
Microsoft Word, Excel, PowerPoint, and Outlook
Excellent oral and written communication skills
Project management and project participation skills
Consultative experience with customers
*Note: Role is open to remote work, with occasional travel (10-20%) to home office and client sites as needed.*
Chubb strives to offer a diverse and inclusive and rewarding work environment. Teamwork and mutual respect are central to how Chubb operates and we believe the best solutions draw upon diverse perspectives, experiences and skills. We operate in such a way where everyone, regardless of their singular background has the opportunity to contribute to our collective success.