Third Party Risk Analyst
Share
Job Location:
Philadelphia, PA - USA
Monthly Salary:
Not Disclosed
Posted on:
Yesterday
Vacancies:
1 Vacancy
Job Summary
In this role you will drive the management of Third-Party Risk across the Chubb organization. Your primary responsibilities include conducting in-depth third-party control assessments focused on Cyber Security Artificial Intelligence (AI) Privacy Business Continuity Physical Security and Compliance. Leveraging advanced AI-driven solutions you will perform initial control assessment reviews enabling you to proactively and efficiently identify emerging risks. You will be accountable for identifying and tracking control issues through to remediation maintaining a current and accurate third-party inventory and compiling regional monthly metrics for executive management. Excelling in these areas will position you to contribute to strategic initiatives that strengthen and advance Chubbs third-party risk management program directly impacting the organizations cybersecurity posture.
In this role you will:
- Lead and complete Chubbs inherent risk ranking for all suppliers ensuring full compliance with the Global Third-Party Cyber Risk policy; collaborate closely with the Global Third-Party team and Business Relationship Owners
- Conduct risk assessments for Cloud and AI providers
- Identify track and resolve issues and control deficiencies related to third parties; coordinate with business owners to drive remediation activities
- Maintain and update the Information Security Third Party Inventory and Issues Register aligning with the Enterprise Risk Management strategy
- Perform and deliver Third Party Cyber Risk assessments initiated by the business
- Execute manage and oversee Third Party assessments to ensure compliance with applicable SLAs
- Review and evaluate information security policies standards guidelines and baselines both existing and in development
- Support internal security reporting including preparing materials for steering committees and senior management updates
- Manage Third-Party related information security projects
- Develop and enhance the program advancing current and future improvements to increase effectiveness and efficiency
- Support the TPCR Regional Lead and actively engage with the broader Information Security team
Qualifications
- Demonstrates advanced business acumen ideally within regulated or financial sectors
- Possesses over five years of specialized experience in information security focusing on risk assessments controls governance risk management program development compliance and auditing; proven track record in supporting or managing third-party risk assessment programs is required
- Holds expert-level proficiency in both business and technical domains of information security including third-party security risk and European data protection regulations
- Skilled in analyzing complex business processes and technologies with the ability to provide clear actionable recommendations to non-technical stakeholders
- Brings a robust technical foundation across distributed systems mainframe environments databases and web-based application development
- Excels in risk-based analysis and decision-making
- Experienced in interpreting and applying information security standards and frameworks (such as ISO/IEC 27001/27002 PCI-DSS NIST Cybersecurity Framework) and attestation reports (such as SOC 1/2)
- Experience with eGRC systems or similar system administration is highly advantageous
Required Experience:
IC
Key Skills
- ISO 27001
- Microsoft Access
- Risk Management
- Financial Services
- PCI
- Risk Analysis
- Analysis Skills
- COBIT
- NIST Standards
- SOX
- Information Security
- Data Analysis Skills
About Company
Chubb Life has been in Egypt since 2003. Chubb Life is the international life insurance division of Chubb - the world's largest publicly traded property and casualty insurance company by market capitalization.
