Cybersecurity Analyst

Chubb insurance products and services in Germany

• Design and drive strategy and tactical plans toward holistic Vulnerability Management across multiple technology teams in a large complex organization.
• Analyze patch and vulnerability information for Vulnerability Management processes.
• Automate the Vulnerability Management process to improve operational efficiency.
• Provide status reports to Regional RISO and IT leaders related to Vulnerability Management metrics, key risk indicators, trending, and compliance reports.
• Collaborate with Information Security policies, standards, and baselines and contribute efforts to measure compliance.
• Collaborate with cross-functional teams, including IT, security operations, and development teams, to ensure timely vulnerability remediation across on-premises and cloud environments.
• Lead the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.
• Create and maintain SOPs for the Vulnerability Management program, providing technical knowledge to operations and production support teams.
• Work with the portfolio manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.
• University Degree in Computer Science, or a related field.
• Minimum 4-6 years of IT security experience such as penetration testing, vulnerability scanning, security audits, configuring, and managing security systems.
• Knowledge of security standards, frameworks, and best practices (e.g., OWASP, CVE, CVSS).
• Technical knowledge and experience working with enterprise vulnerability management platforms.
• Work experience with vulnerability assessment tools like Rapid7, Nessus, and similar.
• Extensive knowledge and experience with diverse IT architecture and enterprise IT data centers, external hosted service, and cloud computing environments.
• Solid grasp of computer networking concepts and protocols and network security methodologies.
• Detailed comprehension of information security technology and tools, integrations, API, and scripting.
• Able to exercise good judgment in a dynamic environment.
• Independent and self-directed, with excellent time management skills.
• Excellent communication skills with the ability to communicate risk in business-relevant language.
• Effective communication and collaboration skills for management presentation materials. Experience with reporting and analytics tools is required, such as Power BI, Advanced Excel/Power Query.
• Team player with a positive attitude. Highly driven, autonomous, and resilient. Enjoy working in a dynamic and multi-cultural environment.
• Relevant certifications such as CISSP, CISM, or equivalent are a plus.