Skip to main content

This job has expired

Security Risk Senior Manager

Employer
Allstate Insurance Company
Location
Nationwide
Salary
Not Specified
Closing date
Aug 8, 2019

View more

Job Details

Where good people build rewarding careers.

Think that working in the insurance field cant be exciting, rewarding and challenging? Think again. Youll help us reinvent protection and retirement to improve customers lives. Well help you make an impact with our training and mentoring offerings. Here, youll have the opportunity to expand and apply your skills in ways you never thought possible. And youll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.

Job Description

Through its breadth of knowledge and understanding of information technology industry trends and emerging technologies, Security Governance, Risk and Compliance protects Allstate assets and information. This Security family manages the data protection strategies for the company. This is accomplished through the development, implementation, and administration of programs that help address compliance requirements to state, federal and industry standards, while protecting their stakeholders and related information.

Sr. Manager of Security Risk serves as a leader within the Allstate Information Security organization. This role will manage the establishment of an enterprise-wide cyber security risk framework; inform and execute enterprise-wide cyber security risk and control definition and assessment & process oversight; and ensure cyber security operational effectiveness through cyber security KPI selection and performance assessment, and oversight of risk lifecycle management. This role will encompass both internal and external cyber risk lifecycle management. Responsibilities for this role will be both operational and strategic and will require collaboration with leaders across the enterprise. Responsibilities for this role will be both operational and strategic and will require collaboration with leaders across the enterprise.

Responsibilities

Risk Management

  • Ensure the strategic alignment of information security with business strategy to support organizational objectives.
  • Identify and recommend appropriate measures to manage and mitigate risks and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
  • Manage the review of changes in company processes, standards and technology to ensure the effectiveness of security controls to meet compliance requirements
  • Integrate security risk reporting and management activities into Allstate day to day processes.
  • Define, monitor, and report on a set of Key Risk Indicators
  • Support, manage and streamline the security variance process.
  • Identify and report on new and emerging security risk and risk trends, including participating in risk remediation solution discussions and updates to compliance policy and standards.
  • Fully understand business requirements and work with the business to define appropriate solutions security objectives while meeting the business need.
  • Partner with all areas of the business, including internal auditors, legal, IT and business partners
  • Develop and improve KPIs, metrics, and trending for the risk management and remediation function.
  • Respond to and assist with audits, assessments and compliance requests.
  • Participate and lead new projects as needed.
  • Serve as client liaison as needed on matters pertaining to Risk Management.
  • Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.
  • Act as a subject matter expert for the organization's information asset protection policies and procedures, and information technology best practices.
  • Provide mentoring and guidance to a team of risk professionals.
  • Develop and refine enterprise policy, standards and procedures.
  • Develop and refine procedures and techniques used by the team.
  • Other duties as assigned.

Responsibilities (Cont'd)

Partnership

  • Provide input into the Allstate Corporation Strategy
  • Ensure clear lines of communication with the Allstate Family of Companies, Small and Emerging Businesses and Allstate Canada to support an enterprise view, including but not limited to the following:
    • Information Security Program
    • Metrics and Reporting
    • Information Security Policy and Standards
    • Compliance lifecycle management
  • Ensure clear lines of communication between ATSV, AIS and the business
  • Develop strong partnership with AIS team members. ATSV and key business partners to ensure
    • Establishment and monitoring of KRIs and KPIs
    • Compliance to Allstate regulatory and contractual obligations
    • Integration of changes to Information Security Standards and supporting documentation
    • Effective delivery/remediation of audit observations
    • Update the Security standards and supporting documentation
  • Ensure clear lines of communication between AIS, Operational Risk and ATSV Risk and Compliance
  • Provide reporting on the state and efficacy of security controls for Allstate Corporation
  • Secure ongoing security funding for special/complex projects, and evangelizing security awareness across Business Unit

Supplier Security

  • Responsible for being the leader in supplier management risk reviews.
  • Be well versed in supplier enterprise security due diligence and assessment.
  • Facilitate regular onsite security assessments of suppliers to assess information security risk.
  • Identify and recommend appropriate measures to manage and mitigate supplier risks and reduce potential impacts on information resources to an acceptable level.
  • Work with suppliers to remediate the risks identified during the information security assessments.
  • Understand how to risk-rank suppliers, perform risk assessments, and communicate results to the business.
  • Document and communicate risk assessments and results in a manner that allows all readers across the enterprise to understand the risk.
  • Partner with all areas of the business, including Privacy, Legal, Procurement, IT, and business partners.
  • Serve as client liaison as needed on matters pertaining to Risk Management.
  • Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.

Partnership

  • Provide input into the Allstate Corporation Strategy
  • Ensure clear lines of communication with the Allstate Family of Companies, Small and Emerging Businesses and Allstate Canada to support an enterprise view, including but not limited to the following:
    • Information Security Program
    • Metrics and Reporting
    • Information Security Policy and Standards
    • Compliance lifecycle management
  • Ensure clear lines of communication between ATSV, AIS and the business
  • Develop strong partnership with AIS team members. ATSV and key business partners to ensure
    • Establishment and monitoring of KRIs and KPIs
    • Compliance to Allstate regulatory and contractual obligations
    • Integration of changes to Information Security Standards and supporting documentation
    • Effective delivery/remediation of audit observations
    • Update the Security standards and supporting documentation
  • Ensure clear lines of communication between AIS, Operational Risk and ATSV Risk and Compliance
  • Provide reporting on the state and efficacy of security controls for Allstate Corporation
  • Secure ongoing security funding for special/complex projects, and evangelizing security awareness across Business Unit

Job Qualifications

  • Bachelor's Degree or equivalent experience
  • 5-7 years of experience in audit or information security related role.
  • Strong understanding of audit methodologies and regulatory requirements pertaining to information security, privacy and/or data security
  • Project management experience highly desired
  • Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams
  • Ability to interpret and apply policies and regulations across a large, complex business
  • Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
  • High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
  • Advanced skills with MS-Windows and other related PC applications
  • Experience with Cloud security control requirements
  • One or more of the following certifications:
    • Certified Information Systems Security Professional (CISSP) from ISC2
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Auditor (CISA) from ISACA
    • Advanced degree or masters in computer systems or equivalent
Behavioral Characteristics:
  • Strong analytical and critical thinking skills
  • Strong executive presence with proven ability to influence peers and senior leadership
  • Excellent written and oral communication, and presentation skills
  • Proven ability to develop diverse talent and assemble a highly effective team, inspiring those in the organization to do the best work possible and move the organization forward

The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.

Good Work. Good Life. Good Hands.

As a Fortune 100 company and industry leader, we provide a competitive salary but thats just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, youll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.

Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.

Allstate generally does not sponsor individuals for employment-based visas for this position.

Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.

For jobs in San Francisco, please click "here" for information regarding the San Francisco Fair Chance Ordinance.

For jobs in Los Angeles, please click "here" for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.

It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.


Company

COMPANY INFORMATION The Allstate Corporation (NYSE: ALL) protects people from life's uncertainties with more than 113 million proprietary policies. Allstate offers a broad array of protection products through multiple brands and diverse distribution channels, including auto, home, life and other insurance offered through its Allstate, Esurance, Encompass, SquareTrade and Answer Financial brands. Allstate is widely known from the slogan "You're in Good Hands with Allstate." The Allstate Corporation is the largest publicly held personal lines property and casualty insurer in America. Allstate was founded in 1931 and became a publicly traded company in 1993. In 2023, Allstate was number 84 on the Fortune 500 list of largest companies in America. WHAT WE DO We’re more than insurance agents and claims representatives. We’re individuals with hopes, plans and passions. The biggest of which is helping people live smarter, safer lives. Doing so means continuing to re-imagine how we do what we do, the impact we can make on the world, ways we can each succeed in our own careers and actions we can take as a company that are good for all. To do that, we need all kinds of people – including lawyers, accountants, building engineers, project managers, marketing professionals, human resource specialists and so many more. WHO WE ARE – INCLUSIVE DIVERSITY    We hold each other accountable to encourage and embrace our collective differences. It’s our individual characteristics, values and beliefs, along with backgrounds and experiences that give us fresh perspective and purpose. We work harder, meet customer needs more effectively, share better, and identify more innovative ideas when we are accepted for who we are by the world around us. Our success comes from a chorus of many different voices. At Allstate, every voice counts.​ In our stand against racism, we’ve been making changes within Allstate. We’ve been listening, learning and engaging in change. We are focused on improving equity for all. Allstate is committed to long-term change not only in the way we conduct our business, but also for our employees. There’s a dynamic environment waiting for you here. You’ll find people with similar interests, as well as the many who’ll help expand your horizons. We believe in the power of connections. That’s why Allstate promotes diversity through a robust network of employee resource groups. It helps connect us all and supports our unique talents. Here are some of the available resource groups that actively support our employees: Abilities Beyond Limitations & Expectations African American Working Network Allstate Asian American Network Allstate Foster and Adoption Network Allstate PRIDE Allstate Veterans Engagement Team and Supporters Allstate Women’s Information Network Entrepreneurs at Allstate Families at Allstate Matter Native American Peoples at Allstate Professional Latino Allstate Network Young Professionals Organization WHY JOIN OUR COMPANY Allstate has been protecting people from life's uncertainties since 1931. We continuously develop and improve products and services so our customers can live well protected. For employees, we offer an environment that fosters innovative thinking and collaboration - where you'll be able to explore your ideas and feel proud of the work you do.  Our Benefits Allstate is dedicated to helping employees live happier and healthier lives. As a Fortune 100 company and industry leader, we provide a competitive salary and a benefits package that includes medical and dental insurance, tuition assistance, as well as a robust pension and 401(k). Plus, you'll have access to a wide variety of programs to help you balance your work and personal life - including a generous paid time off policy.  Growth and Development We support your desire to grow and provide opportunities to learn, explore new horizons, and follow your passion in a meaningful career. From access to hundreds of learning opportunities to in-house networking and rotational work experiences, Allstate is a place where you can forge your own path and expand your personal and professional potential. 
Company info
Website

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert