AVP of Cyber Risk Information, Enterprise Risk Management

5 - 7 years experience  •  Insurance

Salary depends on experience
Posted on 09/21/17
Philadelphia, PA
5 - 7 years experience
Salary depends on experience
Posted on 09/21/17

Never settle for less.

  Chubb Group provides insurance and reinsurance for a diverse group of clients around the world and a broad array of sophisticated property, casualty, accident and health, and financial products, and risk management services to corporate and consumer clients across the U.S.  Chubb Group is dedicated to recruiting and developing talented individuals with the knowledge, ability and desire for success.  With our strong capital base, financial stability, diversified earnings stream and multinational operating platform, we offer an excellent opportunity for your future growth and development.     The position will be based in Philadelphia, PA and will be a part of the Risk Information team which is a part of the Enterprise Risk Unit (ERU) that provides support to Chubb.  The ERU is part of the Corporate Analytics and Risk Management group under the overall direction of the Chubb Chief Risk Officer and Chief Digital Officer.   The candidate will provide subject matter expertise to the Enterprise Risk team regarding information/cyber security risks. The candidate will be responsible for identifying new and emerging risks/trends in the field of information/cyber security, refining Chubb’s cyber exposure models, developing and evaluating the impact of cyber stress tests and developing projects to support Chubb’s Cyber Underwriting and Operational IT teams.  Additionally, the candidate will communicate with external organizations regarding current industry cyber practices .   At any one time multiple projects may be ongoing, so the ability to shift focus quickly from one project to the other is necessary.   


  • Ability to quantitatively assess the impact of a cyber stress test on a complex financial organization, from both a financial and operational perspective
  • Bachelor’s degree in computer science or related field
  • Minimum 5 years experience and advanced knowledge in information/cybersecurityrisk management
  • Identify and develop relationships with key stakeholders both internal and external to the organization
  • Strong analytical, written and oral communication including strong presentation skills in dealing with all levels of management
  • Strong time management skills and ability to prioritize multiple work streams
  • Experience with security and technical controls using industry standard frameworks such as FFIEC, NIST, SANS, and/or ISO
  • Experience implementing integrated cyber defense programs (ie., at both the technical and policy level)


  • Experience performing cybersecurity or risk management assessments
  • Maintains ongoing awareness of current and emerging landscape of  securitythreats and techniques
  • Experience utilizing cyberthreat intelligence to reduce cyberrisk
  • Maintains in-depth understanding of threat actors, their intentions and TTPs (tactics, techniques & procedures)
  • Deep understanding of vulnerability assessment and mitigation process
  • Maintains in-depth understanding of current vulnerability landscape (ie, those most prevalent in common exploits)
  • Maintains current understanding of  malware and malware detection mechanisms
  • Familiar with internal cyber hunting techniques
  • Security certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) desired
  • Master’s degree in Cyber Security, Computer Science or Information Technology
  • Experience in the P&C insurance industry with a strong understanding of underwriting and/or claims disciplines
  • Knowledge of techniques to predict cyberevents (e.g., machine  learning)
  • Experience developing and utilizing automated cyberthreat and risk models
  • Familiarity with GRC solutions


Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.