Chubb

Apply for this job

Technical Security Analyst (Finance)



JOB DESCRIPTION

Description

The Technical Security Analyst will work on Technical Security team as a member of the wider North America RISO team. The technical team provides security guidance and advisory services to other IT stakeholders, focusing on project security and security related improvements to IT and business. The role reports directly to the Head of Technical Security NA, responsible for leading the regional technical security team. Key responsibilities for the role include providing security advice to regional IT projects in Chubb's SDLC, security assessments for changes, reporting and metrics, and CIO support.

Required Skills:

Application Security

  • Well versed in application security principles, practices, and standards.
  • Familiar with OSWASP Top 10
  • Working knowledge of CI/CD pipelines, automation, and methods to secure.
  • Knowledge of integrating authentication and authorization processes with applications
  • Experience with interpreting results of vulnerability management tools, including SAST/DAST/SCA/IAST/Infra Vulnerability Scans, and advising with remediation.
Network Security
  • Understanding of Network security principles and best practices
  • Knowledge of secure protocols, network security tools
  • Ability to analyze network connectivity requests to see if they are secure
  • The importance of a DMZ, and 3 tier architecture
  • Understanding the importance and difference of different firewall technologies
Identity and Access Management
  • Explanation of different authentication methods
  • Understanding of Privileged Access Management
  • Can show the importance of segregation of duties and explain what it is
  • Verifying employees are following proper authentication standards
Data Security
  • Ability to explain the concept of data classification and what controls are needed depending on the classification
  • Understand how and when data needs to be encrypted/protected both in transit and at rest
  • Has experience with security best practices with different types of database technologies
  • Knows the difference between ALE, TDE, FLE and tokenization
  • Understands best practices around database authentication
Reporting and Automation
  • Gathering, understanding, and presenting security metrics.
  • Experience working with BI tools (Qlik preferred).
  • Experience with automating business processes (Power Automate preferred).
Communications
  • Strong verbal and written communication skills to articulate security concepts to technical and non-technical stakeholders.
  • Demonstrated ability to work collaboratively with cross-functional teams, including other security functions and business units.
  • Ability to provide awareness on application security concepts for developers and other staff.

Additional Skills

  • Proactive attitude towards learning and staying current with security trends and emerging threats.
  • Understanding of application security principles and various types of testing that typically
  • Understanding of program/application/system from all angles of security, providing assurance that these application/programs/systems are following all of Chubb's Security standards.
Key Responsibilities
  • Security assessments of IT and Business projects following a defined SDLC, such as Agile.
  • Participate in Agile projects as the security representative, driving good practice through consultancy.
  • Senior stakeholder management of cybersecurity related escalations and GIS priorities
  • Manage control exemptions/remediations identified through projects.
  • Provide technical security guidance where required.
  • Implement and monitor standards with regional\outsourced IT and Development.
  • Collaborate and guide IT and Business units, to correct non-compliant processes.
  • Identify gaps in technical security policy and process, help develop standards and processes.
  • Provide security oversight of IT delivery processes.
  • Assist strategic global and regional security project deployment within NA.
  • Provide metrics for relevant areas of responsibility when required.

QUALIFICATIONS

The

ABOUT US

Chubb is a world leader in insurance. With operations in 54 countries, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance, and life insurance to a diverse group of clients. The company is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, underwriting excellence, superior claims handling expertise and local operations globally.

At Chubb, we are committed to equal employment opportunity and compliance with all laws and regulations pertaining to it. Our policy is to provide employment, training, compensation, promotion, and other conditions or opportunities of employment, without regard to race, color, religious creed, sex, gender, gender identity, gender expression, sexual orientation, marital status, national origin, ancestry, mental and physical disability, medical condition, genetic information, military and veteran status, age, and pregnancy or any other characteristic protected by law. Performance and qualifications are the only basis upon which we hire, assign, promote, compensate, develop and retain employees. Chubb prohibits all unlawful discrimination, harassment and retaliation against any individual who reports discrimination or harassment.

Apply

Apply Here done