Global Head of DevOps Services
Chubb
- Location
- Hybrid (Jersey City, NJ)
- Compensation
- $240k - $280k/yr
- Employment
- Full-time
- Level
- Senior Level
About the Role
Chubb, a global leader in insurance, is seeking a Global Head of DevSecOps to build and scale their DevSecOps function. This role will own the intersection of security, reliability, and developer velocity, driving organizational transformation through automation and AI-enabled software engineering.
Skills
Benefits
- Comprehensive Benefits Package
- Discretionary Annual Incentive Program
Full job details
Global Head of DevSecOps
Position Overview
Chubb is seeking an exceptional leader to build and scale our DevSecOps function globally. You'll own the intersection of security, reliability, and developer velocity—architecting automation and enforcement mechanisms that make security invisible to developers while maintaining absolute control and visibility. This is a hands-on technical leadership role for someone who codes, influences, and drives organizational transformation.
You'll report directly to the Global Head of Engineering and own the strategic vision for security automation, deployment verification, compliance enforcement, and developer enablement across Chubb's engineering organization. You need to be well versed in AI-enabled software engineering and agentic AI DevSecOps design, deployment and operations.
Key Responsibilities
Automation & Enforcement
- Design and implement foundational DevSecOps platforms that automate security policy enforcement across CI/CD pipelines, infrastructure-as-code, container registries, and deployment systems
- Build verification systems that provide real-time evidence of compliance, vulnerability remediation, and security posture—eliminating manual audits
- Establish automation-first culture: every security control must be code-driven, testable, and self-service
- Lead technical architecture decisions for secrets management, supply chain security, and artifact signing
- AI native software engineering expert
Developer Experience
- Make security frictionless: design tools and workflows so developers want to follow security practices
- Own the "shift left" strategy—move security testing, scanning, and validation to local development and early CI stages
- Build dashboards, APIs, and CLIs that give developers transparency into their security posture without overwhelming them
- Champion zero-friction onboarding: new engineers should inherit secure defaults with minimal training
Hands-On Technical Leadership
- Code regularly in your areas of leverage
- Pair with teams on high-impact automation projects; stay in the trenches on the hardest technical problems
- Own critical-path infrastructure: build and maintain your team's CI/CD platforms, secrets systems, and policy engines
- Drive incident response for security and reliability issues; be the expert responder, not just the director
Organizational Influence & Change
- Partner with engineering leaders to shift security ownership: security is not a gate, it's engineering culture
- Communicate transparently about risk, tradeoffs, and implementation status—especially when timelines slip or priorities conflict
- Enforce standards without being perceived as a blocker; design policies that developers will adopt voluntarily
- Build a high-impact, lean team (likely 8–15 leads) that punches well above its weight
Compliance & Risk
- Own the evidence and documentation for SOC 2, ISO 27001, and regulatory audits—automate away manual compliance work
- Drive continuous verification of security controls; eliminate the painful spring audits
- Partner with Enterprise Risk and Legal on policy, but ensure the technical implementation is sound
What We're Looking For
Technical Chops
- 12+ years of software engineering and DevOps experience; 5+ years building or scaling security/compliance automation at significant scale (100+ engineers)
- Strong coding skills across multiple languages; comfortable shipping production code and debugging in production
- Deep hands-on knowledge of: Kubernetes/container orchestration, CI/CD systems (GitHub Actions, Jenkins, Ansible are a must), policy-as-code (OPA), infrastructure-as-code, secrets management
- Experience designing and owning high-availability, high-observability systems that must earn trust
Leadership & Influence
- Proven track record of building and scaling engineering teams through hiring, mentorship, and technical direction
- Ability to influence without authority: cross-functional alignment with product, infra, and risk teams
- Comfort in ambiguity; can prioritize ruthlessly and say "no" to protect team capacity
- Track record of driving organizational change in security/compliance without friction
Mindset
- Automation obsessive: if it's done manually more than twice, it's a problem
- Transparency and directness: you communicate bad news early, explain tradeoffs, and own mistakes
- Developer-first thinking: you remember what it's like to be blocked by security and you solve for that
- Learning hunger: security and DevOps evolve constantly; you stay sharp and drive continuous improvement