ESIS IT Risk Manager

About the job

Responsibilities

JOB DESCRIPTION

  • Lead Policies and Standards Development:
    • Direct, coordinate and facilitate annual refresh activities and manage escalations, as necessary
    • Work with Policy and Standard owners to define, document and build the appropriate documentation in accordance with the ESIS Policy Framework
    • Document the Technology Policies and Standards hierarchy and content updates, collect key inputs and manage downstream impacts based on Policies and Standards revisions
    • Ownership of Chubb/ESIS issue and risk acceptance process, inclusive of managing exceptions and collecting data for routine Technology Policies and Standards adherence reports
  • Ownership of Process, Risk and Control (PRC) Taxonomy:
    • Coordinate overall PRC maintenance activities and manage escalations as necessary
    • Facilitate PRC management, including ensuring alignment of technology risk categories to the Chubb/ESIS Policy Framework, updating regulatory mappings, and the coordination of SMEs
    • Provide ongoing input and oversight on implemented controls to meet control description and affirm Policy and Standard’s expectations
  • Facilitate Risk Identification, Profiling and Assessments
    • Coordinate overall risk identification, profiling, and assessment activities across ESIS/Chubb’s technology teams
    • Participate in formal and ad-hoc collaborative Risk Identification workshops to provide executive level guidance and insights
    • Confirm identified issues are properly documented and processed through Compliance and Issues Management
  • Lead the IT SOC 1 effort over the effectiveness of internal controls, including testing of IT General Controls (ITGCs), IT application controls (ITACs), key interfaces, key reports/spreadsheets, and SOC 1s. Participate in and document key IT walkthroughs in conjunction with our external auditors. Identify control deficiencies, recommend improvements, and provide guidance to key members of Management.
  • Lead reviews following System Development Life Cycle controls (SDLC) and Separation of Duties (SoD). Partner with cross-functional teams to help lead successful implementations or key system changes.
  • Work closely with our Cyber and Privacy teams, helping our teams manage ever-changing risks. Stretch opportunities available to learn new areas.
  • Drafts audit reports and communicates audit findings to process owners and management. Ability to work effectively with external audit.
  • Communicates with Internal Audit management regarding testing status, audit issues and deadlines.
  • Builds and maintains effective relationships with the various IT areas/departments.
  • Ensure asset owners provide risk assessment responses and required evidence

Qualifications

  • 4 – 6 years relevant work experience within Audit, Enterprise Risk Management, Information Security or Risk and compliance
  • Bachelor’s degree in Computer Science, Management Information Systems, Information Technology, Information Management, Information Security, or a related field of study.
  • Public Auditing/ IT Consulting/ Experience in Insurance Industry is a plus
  • History of partnering with senior technology leadership
  • Excellent communication skills, both verbal and written
  • Ability to multi-task, problem-solve, and prioritize, in order to successfully meet deadlines
  • Strong time management and organizational skills
  • Flexible and adaptable
  • Passion for learning
  • Insightful perspective on various issues
  • Self-directed and self-motivated
  • Highly organized, possessing strong analytical abilities
  • Excellent written/verbal skills. English language skills required.
  • Working knowledge of Excel, PowerPoint and Word required.
  • Demonstrated ability to work both independently and in a team environment, with good attention to detail.

The pay range for the role is $92,500 to $158,000. The specific offer will depend on an applicant’s skills and other factors. This role may also be eligible to participate in a discretionary annual incentive program. Chubb offers a comprehensive benefits package, more details on which can be found on our careers website. The disclosed pay range estimate may be adjusted for the applicable geographic differential for the location in which the position is filled.

About Us

Chubb is a world leader in insurance. With operations in 54 countries, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance, and life insurance to a diverse group of clients. The company is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, underwriting excellence, superior claims handling expertise and local operations globally.

At Chubb, we are committed to equal employment opportunity and compliance with all laws and regulations pertaining to it. Our policy is to provide employment, training, compensation, promotion, and other conditions or opportunities of employment, without regard to race, color, religious creed, sex, gender, gender identity, gender expression, sexual orientation, marital status, national origin, ancestry, mental and physical disability, medical condition, genetic information, military and veteran status, age, and pregnancy or any other characteristic protected by law. Performance and qualifications are the only basis upon which we hire, assign, promote, compensate, develop and retain employees. Chubb prohibits all unlawful discrimination, harassment and retaliation against any individual who reports discrimination or harassment.
