Principal Security Engineer & Sr Architect Manager
The world isn’t standing still, and neither is Allstate. We’re moving quickly, looking across our businesses and brands and taking bold steps to better serve customers’ evolving needs. That’s why now is an exciting time to join our team. As a leader in a corporation with 83,000 employees and agency force members, you’ll have a hand in transforming not only Allstate but a dynamic industry. You’ll have opportunities to take risks, challenge the status quo and shape the future for the greater good.
You’ll do all this in an environment of excellence and the highest ethical standards – a place where values such as integrity, inclusive diversity and accountability are paramount. We empower every employee to lead, drive change and give back where they work and live. Our people are our greatest strength, and we work as one team in service of our customers and communities.
Everything we do at Allstate is driven by a shared purpose: to protect people from life’s uncertainties so they can realize their hopes and dreams. For 89 years we’ve thrived by staying a step ahead of whatever’s coming next – to give customers peace of mind no matter what changes they face. We acted with conviction to advocate for seat belts, air bags and graduated driving laws. We help give survivors of domestic violence a voice through financial empowerment. We’ve been an industry leader in pricing sophistication, telematics, digital photo claims and, more recently, device and identity protection. We are the Good Hands. We don’t follow the trends. We set them.
The Architect contributes to the design and conceptual models on which applications are based and designs the logical structures on which applications or infrastructures are being built, tested and implemented.
As an Architect-Sr Manager one contributes strategic vision to the organization and integrates a broad range of ideas regarding IT architecture. The Architect-Sr Manager is recognized across the organization for IT architectural expertise, influencing and motivating other team members, and is sought as a resource for resolving the most complex IT architectural problems. The Architect-Sr Manager provides leadership on the most complex architecture projects involving multiple disciplines and other business areas, interacting, influencing and presenting to Vice Presidents and Senior Vice Presidents.
As an Architect-Sr Manager one is expected to lead an organization within the IT Department that likely consists of several individual teams. At this level, the Architect-Sr Manager sets the strategic direction for their organization in support of the business objectives of the company, ensuring the structures and processes needed to effectively deliver the mission of their organization are in place. They create a work environment that enables their employees to be their best and deliver on their accountabilities. They are personally accountable for leading organizational change, delivering business results by working across the organization and development of employees. They demonstrate a high level of influence within their own organization, with their business partners, peer leaders and senior leaders.
- Provide detailed security technical subject matter expertise on one or more technologies contributing to complex design decisions and detailed problem analysis.
- Provide technical leadership over large or complex security engineering initiatives where multiple technological disciplines are involved.
- Influence Vice President and Senior Vice President level leadership from business and technology disciplines, presenting and delivering highly complex solutions as needed.
- Act as a leader during high profile problem analysis situations and contribute to ATSV-wide analysis and resolution of major problem issues – provide updates to leadership and governing process management.
- Lead technical assignments for new security product development or integration, process development, product/process improvement.
- Drive implementation of recommendations.
- Work with strategic vendors and partners to review and influence product roadmaps, strategies, and plans to ensure alignment with Allstate needs, both current and future.
- Identify opportunities to enhance process and technology solutions. Create and articulate the case for change by highlighting the potential business/customer benefits.
- Collaborate with clients and partners to define technology strategies and approaches.
Architect Management Responsibilities
- Builds and maintains relationships with all levels of employees by creating an environment of safety and innovation within their organization and across peer groups
- Identifies and proactively removes barriers to cooperative effort between teams and departments
- Models and creates an environment of accountability for their organization, peer groups and leaders by setting clear performance objectives in support of business outcomes
- Leads the process of establishing vision, direction and specific objectives for organization
- Collects multiple levels of staff performance data against desired outcomes and service level agreements
- Serves as a role model for personal development, incorporating 360-degree performance feedback. Maintains organizational focus on talent development.
- Identifies and leads change in their organization in alignment with broader organizational change initiatives. Uses personal influence to enlist employees and peers in implementing change.
General Management & Decision Making
- Develops ideas and team strategy that have long-term, strategic impact on area of responsibility and that align with Enterprise direction. Responsible for initiating work and allocating resources necessary to implement strategy and achieve organizational goals.
- Communicates strategy to the organization so they understand their roles, are motivated to achieve established goals and have line of the sight between their work and Allstate strategies. Converts thinking of others or gains acceptance of complex ideas where difficult but necessary to achieve goals and objectives.
- Manages multiple teams with significant, complex assignments. Creates structures and processes that provide oversight of budgets and delivery yet allow employees freedom of action.
- Applies knowledge and efforts to diverse and complex situations, where alternatives are numerous, to drive business solutions on behalf of the organization. Makes decisions that have an impact on quality or effectiveness of business activities beyond their area of responsibility.
- Fosters innovation. Creates structures and processes that promote an environment of innovation and experimentation for direct reports, peer groups, leaders and the organization.
- Highly proficient in the business of information technology
Business Partner Management
- Influences individual contributors, managers, partners, service providers and peers to successfully deliver on business commitments spanning across multiple organizations.
- Partners with others in their organization to set and manage expectations; continually seeks opportunities to be a thought partner and increase internal business partner satisfaction and deepen relationships.
- Negotiates solutions for issues that may be complex or controversial across multiple teams/functional groups.
- Adapts complex communication approaches for audiences at multiple internal and external levels
College Degree with technical study; or equivalent experience
- Over 12 years’ of direct experience in Information Security Technology across multiple disciplines and domains including but not limited to Security Architecture, Managing Cyber Risk and People Management
- 5+ years of recent Enterprise Information Security Architecture and Cloud/Kubernetes experience
- 5+ years of management experience; should include accountability for all aspects of leading an organization including people processes, client/partner relationships, work processes and delivery of work products.
- Serves as a security expert in application development, database design, network and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
- In depth knowledge of cybersecurity defense-in-depth best practices including infrastructure architecture, engineering, operations, DevOps, cloud networking architecture, cloud operations, security, automation and orchestration.
- Experience with common application security architecture and vulnerabilities (e.g. OWASP Top 10), attack techniques and remediation tactics/strategies.
- Experience with common enterprise infrastructure (OS platforms, directory services, networking infrastructure, appliances, middleware, common security infrastructure)
- Executive communication skills, both written and verbal - Ability to tailor communication of complex and technical issues to cross functional audiences for executive decision making
- Strong decision-making capabilities, with a call-to-action focus
- Self-starter with an ability to work independently in a "semi-structured" environment
- Experience with enterprise level program/project management
- Full stack security architecture or experience working as an enterprise level senior security consultant with large scale/complex environments
- Relevant post-secondary education and/or industry standard certifications (i.e. ISACA- CISA, CISM, CRISC, CGEIT; ISC2- CCSP, CSSLP, CISSP, CISSP-ISSAP; SANS Institute/GIAC; AWS Certified Solutions Architect; PCI SSC ISA/QSA/PCIP; SABSA; EC-Council CNDA)
- Proficiency with PCI DSS 3.2, HIPAA applicable security / privacy controls, Sarbanes-Oxley (SOX) 404, ISO/IEC 27000 family of standards, NIST 800-53, NIST cybersecurity framework, and COBIT
The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary – but that’s just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you’ll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please click “here” for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click “here” for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.
To view the “EEO is the Law” poster click “here”. This poster provides information concerning the laws and procedures for filing complaints of violations of the laws with the Office of Federal Contract Compliance Programs
To view the FMLA poster, click “here”. This poster summarizing the major provisions of the Family and Medical Leave Act (FMLA) and telling employees how to file a complaint.
It is the Company’s policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee’s ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race (include traits historically associated with race, including, but not limited to, hair texture and protective hairstyles), religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.