Head of Technical Security, North America (338685)
Chubb is the world’s largest and most profitable publicly traded insurer with operations in 54 countries with a premier brand reputation. Chubb is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, risk expertise, underwriting discipline, service excellence, superior claims handling expertise, and local operations globally.
The Head of Technical Security will report directly to the Vice President, Regional Information Security Officer, North America.
The Head of Technical Security will be responsible for providing technical security guidance and leadership across the North American Region. Key responsibilities include security assessments of applications, IT and business projects, infrastructure and application vulnerabilities, understanding the regional implementations of existing and new global security technologies, and supporting regional cyber security incidents in coordination with the Data Protection Officer and global teams. The successful candidate would be responsible for executing on strategies, policies and standards developed by NA and Global leadership.
- Build, manage and develop a technical security team aligned to the Group and Regional Information Security model.
- Manage the security assessment process of applications and infrastructure being driven by IT and Business projects.
- Confirm design and security meets leading practices, as well as Chubb’s policies and standards ensuring issues are identified, remediated or managed through the exception process
- Provide oversight, approval and guidance to regional development teams, and provide security input for development process, where possible
- Drive regional IT process improvements with Infrastructure and Application Development teams to improve the remediation of infrastructure and application level vulnerabilities.
- Implement standards and processes to manage the security configuration of all devices and support security-related change management activities in support of policies and standards
- Understand the North American rollout of global security enablement projects, including interaction with Architecture, Infrastructure, and Development teams.
- Support NA cyber security incidents in accordance with global processes, coordinating with Global Security Operations and running regional incidents with the Data Protection Office, as appropriate.
- Provide technical expertise and input, into new and existing, policies and standards based on regional regulatory requirements.
- Provide technical expertise and input to regional priorities, in line with global strategy. Keep up to date with global strategic direction.
- Support integration of regional IT infrastructure with global security solutions, ensuring global requirements are met. Keep up to date with global security technologies.
- Manage new security assessments, and recertifications, of applications, ensuring issues are identified, remediated or managed through the exception process