We are currently reshaping and evolving our Regional Information Security Office (RIS) to address emerging threats in cybersecurity and to ensure the health, stability, and security of Chubb’s global footprint. By joining our team as a Cybersecurity Risk Engineer, you’ll partner directly with subject matter experts and stakeholders across business, engineering, infrastructure, and development teams to identify initiatives requiring RISO engagement across the business. Leveraging your deep information security knowledge, you’ll identify security gaps, and ensure the feasibility and alignment of remediation plans to Chubb’s Cyber Risk and Assurance Framework, Corporate Standards, Policies, and Procedures. While this will be your primary focus, you won’t be bound to one silo. We’ll look to you to actively participate in a number of different high profile workstreams including Third Party Risk Management, Incident Management, Information Security assessments and other technical projects/ initiatives.

On our team, you can be based in either Philadelphia or Jersey City and may need to travel between locations occasionally.

In this role, you will:

• Coordinate the policy exception governance process ensuring all requests are addressed in a timely manner with the input of the Technical Tower where required


• Ensure control remediation plans are documented and tracked to completion, escalating where required


• Develop and execute regular and ad hoc cyber risk reporting to provide updates on Chubb’s risk posture to senior management


• Complete and update the Issue Register for Policy Exceptions and other security issues


• Analyze and deliver regulatory and customer questionnaire responses and other external inquiries within the security team for action


• Identify security issues in assessed projects, develop and / or collaborate on solution remediation


• Contribute to security inquiries received by the region from internal and external Audit, regulators, and customers

• Bachelor’s or Master’s degree in a technical or STEM discipline with coursework that includes Information Security, Information Technology, Computer Forensics, and/or Ethical Hacking


• Minimum of 5+ years’ experience in a cybersecurity, technology risk management, or related role; financial services and/or insurance industry experience is a plus


• Ability to analyze complex business processes and technologies to make sound recommendations to constituents


• Knowledge of information security standards and frameworks (e.g., ISO/IEC 27001/27002, PCI-DSS, NIST Cybersecurity Framework, etc.) or attestation reports (e.g., SOC 1/2)

About Us:

Chubb is a global leader in the insurance industry and provides an extensive suite of products to a wide range of clients. Delivering superior coverage, craftsmanship, and customer experience has always been at our core, and will continue to be as we modernize what insurance does and how we deliver it, all while protecting what our customers value most. Major initiatives are underway at Chubb to build on our strengths and expand Chubb’s reach in the digital insurance space. This means data-enriched processes and real-time insights embedded across our value chain, design thinking and an “engineers of everything” mentality, and a world-class customer experience that sets us apart. We are also reimagining our ways of working to be more adaptable and flexible through agile principles and investing in skillset development and tools for a digital age.

What we Bring

• Dynamic Hybrid – flexible work arrangements


• Competitive offer packages which include a competitive base salary bonus and equity (for applicable roles)


• Employee stock purchase plan (15% discount)


• Comprehensive benefits that start day 1


• Retirement savings plan (Chubb contributes 9% on your behalf)


• Investment in education program- Tuition reimbursement program


• Charitable gift matching programs


• Mentorship programs to help you grow your career