
Job description

Overview

Application Security Consultant

Chubb is the world's largest publicly traded property and casualty insurer. With operations in 54 countries and approximately 30,000 employees worldwide, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients across multinational corporations and small to mid-size businesses.
The company is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, underwriting excellence, superior claims handling expertise and local operations globally.
The purpose of this role is to enhance Chubb's SDLC framework to provide advanced application security guidance and direction across the EMEA region, focusing on application assessments, remediation, reporting and development cycles across both waterfall and agile projects. The role holder will be expected to understand where automation is appropriate, to understand DevSecOps models, and to be able to assist with, implement and manage an application security framework. The role is primarily based in London, with an expectation of weekly travel to Crawley. This role reports to the Head of Technical Security, EMEA, who is responsible for leading the regional technical security team.

Key Responsibilities:
  • Primarily responsible for application security assessments as part of the software development lifecycle (SDLC), promoting self-service assessments where appropriate, and tracking through to remediation
  • Develop, educate, promote, and monitor the use of secure software development practices
  • Obtain and review all required artifacts as part of application security framework
  • Continue to drive security evaluation early in the cycles through iterative security testing
  • Enhance existing secure coding standards that are based on internal policies, contractual obligations and industry-accepted best practices such as OWASP Guide, SANS CWE Top 25, or CERT Secure Coding, to address common coding vulnerabilities
  • Provide regular status reports on the security of the software within the EMEA organization
  • Identify areas where automated secure coding tools and processes, to review code as it is written, can be promoted through the development lifecycle and into production, applying oversight and governance where appropriate
  • Provide advisory services to application development teams during development cycles
  • Work with peers to implement and refine security checkpoints in the SDLC
  • Assist with periodic security risk assessments, IT security audits, and management reporting
  • Follow application security scanning process, including analysis, communication and remediation verification
  • Perform security activities, including but not limited to, security design reviews, threat modeling, code auditing on internally & externally developed software

Knowledge & Experience:
  • IT\Cyber Security degree or equivalent preferred
  • Excellent knowledge of application security within SDLC, with proven ability to apply knowledge to use cases
  • Demonstrated ability to apply application security knowledge to a broad range of technologies and make sound recommendations to constituents
  • Good communication skills, ability to explain technical issues to mixed audience ranging from technical to business, project management to leadership
  • Knowledge of project lifecycles, with working experience of Agile project methodology
  • Good understanding of DevOps technologies and automation
  • Broad understanding of IT and security technologies
  • Experience interpreting and complying with security standards and guidelines (e.g., OWASP, SANS CWE Top 25, CERT Secure Coding etc.)
  • Experience within the insurance industry or financial services preferred
  • At least 5 years IT experience, working in a technical discipline
  • At least 5 years working experience of security technologies
  • At least 5 years experience working in a senior technical role, with exposure to senior management, and proven stakeholder management skills

Work Location: London - Leadenhall
Job Function: Information Technology
Employment Type: Permanent

Job Sector: IT & Telecoms
Job Position: Software Developer
Location: London, UK


Be unique. Be authentic. However you prefer to say it, we really mean it. Our culture embraces people’s diverse perspectives and creates a positive environment where everyone belongs. We’re determined to build a better, more connected world for everyone.
