Technical Security Analyst

Chubb External-posted 5 months ago
Philadelphia, PA
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Technical Security Analyst will work on the Technical Security team as a member of the wider North America RISO team. The technical team provides security guidance and advisory services to other IT stakeholders, focusing on project security and security related improvements to IT and business. The role reports directly to the Head of Technical Security NA, responsible for leading the regional technical security team. Key responsibilities for the role include providing security advice to regional IT projects in Chubb’s SDLC, security assessments for changes, reporting and metrics, and CIO support.

  • Security assessments of IT and Business projects following a defined SDLC, such as Agile.
  • Participate in Agile projects as the security representative, driving good practice through consultancy.
  • Senior stakeholder management of cybersecurity related escalations and GIS priorities.
  • Manage control exemptions/remediations identified through projects.
  • Provide technical security guidance where required.
  • Implement and monitor standards with regional/outsourced IT and Development.
  • Collaborate and guide IT and Business units, to correct non-compliant processes.
  • Identify gaps in technical security policy and process, help develop standards and processes.
  • Provide security oversight of IT delivery processes.
  • Assist strategic global and regional security project deployment within NA.
  • Provide metrics for relevant areas of responsibility when required.
  • Application Security: Well versed in application security principles, practices, and standards.
  • Familiar with OSWASP Top 10.
  • Working knowledge of CI/CD pipelines, automation, and methods to secure.
  • Knowledge of integrating authentication and authorization processes with applications.
  • Experience with interpreting results of vulnerability management tools, including SAST/DAST/SCA/IAST/Infra Vulnerability Scans, and advising with remediation.
  • Network Security: Understanding of Network security principles and best practices.
  • Knowledge of secure protocols, network security tools.
  • Ability to analyze network connectivity requests to see if they are secure.
  • Understanding the importance of a DMZ, and 3 tier architecture.
  • Understanding the importance and difference of different firewall technologies.
  • Identity and Access Management: Explanation of different authentication methods.
  • Understanding of Privileged Access Management.
  • Can show the importance of segregation of duties and explain what it is.
  • Verifying employees are following proper authentication standards.
  • Data Security: Ability to explain the concept of data classification and what controls are needed depending on the classification.
  • Understand how and when data needs to be encrypted/protected both in transit and at rest.
  • Has experience with security best practices with different types of database technologies.
  • Knows the difference between ALE, TDE, FLE and tokenization.
  • Understands best practices around database authentication.
  • Reporting and Automation: Gathering, understanding, and presenting security metrics.
  • Experience working with BI tools (Qlik preferred).
  • Experience with automating business processes (Power Automate preferred).
  • Strong verbal and written communication skills to articulate security concepts to technical and non-technical stakeholders.
  • Demonstrated ability to work collaboratively with cross-functional teams, including other security functions and business units.
  • Ability to provide awareness on application security concepts for developers and other staff.
  • Proactive attitude towards learning and staying current with security trends and emerging threats.
  • Understanding of application security principles and various types of testing that typically apply.
  • Understanding of program/application/system from all angles of security, providing assurance that these application/programs/systems are following all of Chubb’s Security standards.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
IT Security Analyst Resume Examples
IT Security Analyst Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service