Third Party Risk Analyst
About The Position
In this role, you will drive the management of Third-Party Risk across the Chubb organization. Your primary responsibilities include conducting in-depth third-party control assessments focused on Cyber Security, Artificial Intelligence (AI), Privacy, Business Continuity, Physical Security, and Compliance. Leveraging advanced AI-driven solutions, you will perform initial control assessment reviews, enabling you to proactively and efficiently identify emerging risks. You will be accountable for identifying and tracking control issues through to remediation, maintaining a current and accurate third-party inventory, and compiling regional monthly metrics for executive management. Excelling in these areas will position you to contribute to strategic initiatives that strengthen and advance Chubb’s third-party risk management program, directly impacting the organization’s cybersecurity posture. In this role, you will: Lead and complete Chubb’s inherent risk ranking for all suppliers, ensuring full compliance with the Global Third-Party Cyber Risk policy; collaborate closely with the Global Third-Party team and Business Relationship Owners Conduct risk assessments for Cloud and AI providers Identify, track, and resolve issues and control deficiencies related to third parties; coordinate with business owners to drive remediation activities Maintain and update the Information Security Third Party Inventory and Issues Register, aligning with the Enterprise Risk Management strategy Perform and deliver Third Party Cyber Risk assessments initiated by the business Execute, manage, and oversee Third Party assessments to ensure compliance with applicable SLAs Review and evaluate information security policies, standards, guidelines, and baselines, both existing and in development Support internal security reporting, including preparing materials for steering committees and senior management updates Manage Third-Party related information security projects Develop and enhance the program, advancing current and future improvements to increase effectiveness and efficiency Support the TPCR Regional Lead and actively engage with the broader Information Security team
Responsibilities
- Lead and complete Chubb’s inherent risk ranking for all suppliers, ensuring full compliance with the Global Third-Party Cyber Risk policy; collaborate closely with the Global Third-Party team and Business Relationship Owners
- Conduct risk assessments for Cloud and AI providers
- Identify, track, and resolve issues and control deficiencies related to third parties; coordinate with business owners to drive remediation activities
- Maintain and update the Information Security Third Party Inventory and Issues Register, aligning with the Enterprise Risk Management strategy
- Perform and deliver Third Party Cyber Risk assessments initiated by the business
- Execute, manage, and oversee Third Party assessments to ensure compliance with applicable SLAs
- Review and evaluate information security policies, standards, guidelines, and baselines, both existing and in development
- Support internal security reporting, including preparing materials for steering committees and senior management updates
- Manage Third-Party related information security projects
- Develop and enhance the program, advancing current and future improvements to increase effectiveness and efficiency
- Support the TPCR Regional Lead and actively engage with the broader Information Security team
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
