Skip to main content

This job has expired

Cybersecurity Regulation and Compliance Consultant

Employer
Allstate Insurance Company
Location
Chicago, Illinois
Salary
Not Specified
Closing date
Oct 19, 2019

View more

Category
IT , Legal / Compliance
Job Type
Not Specified
Career Level
Not Specified

Job Details

Where good people build rewarding careers.

Think that working in the insurance field can’t be exciting, rewarding and challenging? Think again. You’ll help us reinvent protection and retirement to improve customers’ lives. We’ll help you make an impact with our training and mentoring offerings. Here, you’ll have the opportunity to expand and apply your skills in ways you never thought possible. And you’ll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.

Job Description

**For this opportunity, we are open to candidates who are local or willing to relocate to the following markets: Dallas/Fort Worth, TX; Charlotte, NC; Phoenix, AZ.**

As a Cybersecurity Regulation and Security Compliance Consultant you will contribute to our compliance program (PCI DSS, HIPAA, SOX, Security Standards) by providing direct consulting of the security requirements within new and existing regulations. You will be required to collaborate across security teams, legal and business partners to identify, translate and communicate security requirements to technical teams and security leadership. You will also define required security controls and evidence to meet stated regulatory requirements.

A broad range of professional skills along with strong interpersonal skills will be required for problem-solving, collaboration with virtual cross-functional work groups, as well as the tracking and reporting of compliance gaps to closure. The successful candidate will be a self-starter who demonstrates complete ownership over assigned objectives and is able to work independently in a "semi-structured" environment, but also recognizes when guidance is needed from program management and delivery leaders. This individual is expected serve as a trusted advisor that can clearly articulate regulatory requirements and Allstate security policies, standards, and guidelines to both technical and business audiences alike.

Key Responsibilities

• Provide regulatory compliance support, scope management and communication, defining evidence requirements and program management as required
• Review new regulations for security impact and document requirements for compliance
• Communicate requirements and compliance status to security leadership and impacted technical teams
• Coordinate project managers and participate in meetings to ensure accuracy of scoping, requirements documentation, gap identification, remediation and compliance requirements are met
• Partner with risk management to ensure transparent communication of risk reporting related to compliance revaluations and identified gaps
• Review evidence submissions to ensure regulatory requirements are met and validation of gap closure
• Track remediation of any gaps to compliance with the implementation area to ensure closure and tracking to deadlines
• Support delivery/implementation leads in promoting and consulting on positions that help strengthen and secure the organization in alignment with regulatory requirements, by either following standards or helping direct others on technology positions
• Help facilitate review of changes in company processes, standards and technology to ensure effectiveness of security controls to meet compliance requirements
• Help consult with stakeholders on requirements for new and existing business / technology solutions to assure compliance to regulations, compliance frameworks and internal standards and governing policies and procedures
• Provide Archer GRC tool administration for security controls assessment workflow and evidence gathering within compliance and issues management modules
• Build effective working relationships, making sound decisions, successfully making changes, initiating action and achieving results as a trusted advisor

Job Qualifications

• 6+ years of IT experience – security governance, regulatory governance and/or IT audit preferred
• 3+ years of project management, consulting, and/or security engineering or architecture experience
• Relevant postsecondary education and/or industry standard certifications preferred (i.e., CISA, CISM, CISSP, CompTIA, Cisco, CheckPoint, Microsoft, EC-Council, ISACA, ISC2, SANS Institute/GIAC, PCIP)
• Strong organizational skills, ability to effectively manage multiple, competing projects while achieving targeted results
• Strong audit and compliance assessment skills, ability to effectively define gaps, evidence and remediation requirements while achieving targeted delivery results
• Capable of working with technical and non-technical resources -- able to partner with multiple business groups, senior managers, and senior network architects/ engineers
• Proficient in MS Office Suite and possess ability to write "high quality" documentation and/or presentations
• Able to stay current with cybersecurity regulatory landscape to account for changing security compliance circumstances and maintain technical proficiency via self or formal training
• Strong understanding of IT security best practices by applying depth and breadth of expertise in multiple domains and security disciplines
• General knowledge of: PCI DSS 3.2, HIPAA applicable security / privacy controls, Sarbanes-Oxley (SOX) 404, SEC38a-1, ISO/IEC 27000 family of standards, NIST 800-53, NIST cybersecurity framework, and COBIT
• General knowledge of common application security architecture and vulnerabilities (e.g. OWASP Top 10), attack techniques and remediation tactics/strategies
• Basic knowledge of Security Analysis (manual and leveraging automated scanning tools).
• Preference toward candidates with experience working within large Financial/Insurance organizations on regulatory or contractual information security compliance projects


The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.


Good Work. Good Life. Good Hands®.

As a Fortune 100 company and industry leader, we provide a competitive salary – but that’s just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you’ll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.


Learn more about life at Allstate. >.


Allstate generally does not sponsor individuals for employment-based visas for this position.

Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.


It is the Company’s policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee’s ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race, religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.


Company

COMPANY INFORMATION The Allstate Corporation (NYSE: ALL) protects people from life's uncertainties with more than 113 million proprietary policies. Allstate offers a broad array of protection products through multiple brands and diverse distribution channels, including auto, home, life and other insurance offered through its Allstate, Esurance, Encompass, SquareTrade and Answer Financial brands. Allstate is widely known from the slogan "You're in Good Hands with Allstate." The Allstate Corporation is the largest publicly held personal lines property and casualty insurer in America. Allstate was founded in 1931 and became a publicly traded company in 1993. In 2023, Allstate was number 84 on the Fortune 500 list of largest companies in America. WHAT WE DO We’re more than insurance agents and claims representatives. We’re individuals with hopes, plans and passions. The biggest of which is helping people live smarter, safer lives. Doing so means continuing to re-imagine how we do what we do, the impact we can make on the world, ways we can each succeed in our own careers and actions we can take as a company that are good for all. To do that, we need all kinds of people – including lawyers, accountants, building engineers, project managers, marketing professionals, human resource specialists and so many more. WHO WE ARE – INCLUSIVE DIVERSITY    We hold each other accountable to encourage and embrace our collective differences. It’s our individual characteristics, values and beliefs, along with backgrounds and experiences that give us fresh perspective and purpose. We work harder, meet customer needs more effectively, share better, and identify more innovative ideas when we are accepted for who we are by the world around us. Our success comes from a chorus of many different voices. At Allstate, every voice counts.​ In our stand against racism, we’ve been making changes within Allstate. We’ve been listening, learning and engaging in change. We are focused on improving equity for all. Allstate is committed to long-term change not only in the way we conduct our business, but also for our employees. There’s a dynamic environment waiting for you here. You’ll find people with similar interests, as well as the many who’ll help expand your horizons. We believe in the power of connections. That’s why Allstate promotes diversity through a robust network of employee resource groups. It helps connect us all and supports our unique talents. Here are some of the available resource groups that actively support our employees: Abilities Beyond Limitations & Expectations African American Working Network Allstate Asian American Network Allstate Foster and Adoption Network Allstate PRIDE Allstate Veterans Engagement Team and Supporters Allstate Women’s Information Network Entrepreneurs at Allstate Families at Allstate Matter Native American Peoples at Allstate Professional Latino Allstate Network Young Professionals Organization WHY JOIN OUR COMPANY Allstate has been protecting people from life's uncertainties since 1931. We continuously develop and improve products and services so our customers can live well protected. For employees, we offer an environment that fosters innovative thinking and collaboration - where you'll be able to explore your ideas and feel proud of the work you do.  Our Benefits Allstate is dedicated to helping employees live happier and healthier lives. As a Fortune 100 company and industry leader, we provide a competitive salary and a benefits package that includes medical and dental insurance, tuition assistance, as well as a robust pension and 401(k). Plus, you'll have access to a wide variety of programs to help you balance your work and personal life - including a generous paid time off policy.  Growth and Development We support your desire to grow and provide opportunities to learn, explore new horizons, and follow your passion in a meaningful career. From access to hundreds of learning opportunities to in-house networking and rotational work experiences, Allstate is a place where you can forge your own path and expand your personal and professional potential. 
Company info
Website

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert