.The Chubb Information Security team is responsible for protecting information and information systems against unauthorized access, detecting and responding to attempts to gain access and enabling access through our identity processes. Chubb operates a global information security team supporting local business units across five regions (Asia Pacific, North America, Latin America, Japan, and Europe including the Middle East and Africa). Our global information security strategy is developed with input from each of these regions and translated into programs that are then executed by the regions using resources from each region (especially, our infrastructure partners).The Sr. Application Security Analyst Role is a global role that requires an understanding of application security and the dev-ops process. This role will support the growth of the Application Vulnerability program. Candidates are required to have broad knowledge of application vulnerability identification, remediation, and management practices. They will engage directly with the application development community to drive adherence to and expansion of the Application Vulnerability program.Roles and Responsibilities: The position roles and responsibilities include but are not limited to:Engage with lead developers and architects, providing insight and support for Application Vulnerability program policies and practicesSupport application development teams with issues pertaining to vulnerability management: Understanding vulnerability reports resulting from automated and manual security testsProvide guidance for remediation work required for identified vulnerabilitiesHelp teams apply secure development practices as instructed through training modulesProvide oversight and guidance on application security toolset, including all facets of security scanning (DAST, SAST, SCA, Mobile)Help with strategic direction for security testing tools by maintaining familiarity with industry trends and solutions, in collaboration with Application Security ArchitectsHelp define, and drive the adoption of, a global approach to application vulnerability management through collaboration with teams Minimum Qualifications: Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience. and experience with application security conceptsMinimum 3-5 years of experience working in Application SecurityKnowledge of application vulnerability remediation best practicesExperience with the HCL AppScan toolset, including configuration and operationsExperience with using tools to perform SAST/SCA scanning and remediation (e.G., Checkmarx, HCL ASoC, GitHub Advanced Security, etc
