At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. For more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs.
Your role in the team
We have an opportunity for someone with experience in performing Security Risk Assessments to join the Information Security department as a Cyber Risk Security Assessor in the Allstate Technology & Strategic Ventures (ATSV). The Cyber Risk Assessor will be responsible for supporting the company’s efforts to identify, assess, and evaluate security risks through business-as-usual cyclical assessments and ad hoc consultations. This individual will be a key contributor managing operational activities to reduce risks to business goals in close consultation with other Information Security, ATSV, and business partners. The analyst needs to understand information security best practices, risk assessment methodologies, and work across multi-functional teams.
Key Responsibilities
Conduct risk assessments at the network, systems, platforms, and application level. Address and provide guidance on a wide range of security issues including architectures, platforms including Public Cloud, electronic data traffic, and network access. Drive the company’s efforts to proactively identify, assess, and communicate the company’s information security risks to leadership and the board. Ensure compliance with security policies and standards. Understand Cyber programs such as Threat Management, Secure SDLC, Security Architecture, Network, and Data Protection. Work in close partnership with internal information security and business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent management of risks by following a structured risk assessment methodology. Lead and complete high-quality threat-based risk assessments across a diverse set of technologies, business functions, and platforms. Proactively drive process improvements, overcome barriers to success, build professional relationships across the company, brief senior leaders, and mentor others. Essential Skills
Legal right to work in the UK; Allstate is not providing sponsorship for this vacancy. Minimum of 5 years of IT experience in either an infrastructure or development background with proficiency in Cyber Risk Assessments. Experience with information security risk management frameworks, assessments, audits, and controls based on industry standard frameworks (i.e., NIST CSF; ISO; HiTrust; FAIR). Experience with regulatory requirements (i.e., PCI; GDPR; HIPPA; CCPA; etc.). Experience using GRC tools and technologies in support of the assessment/audit process (RSA Archer, MiTRE, Bitsight, etc.). Experience gathering information from various sources to help identify weaknesses in security controls. Expertise in security control design, development, implementation, and monitoring. Posting End Date
Tuesday, 24th December 2024 Joining our team isn’t just a job — it’s an opportunity that takes your skills and pushes them to the next level. You’ll do all this in a flexible environment that embraces connection and belonging. Good Hands. Greater Together. What we offer As Digital DNA’s Workplace of the Year 2020 & 2022 winners, we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package, and discounts on gym memberships, public transport, and parking. Allstate invests heavily in your development, providing access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team. We pride ourselves on providing clear career paths and opportunities for internal mobility allowing you to further develop within the organization. We encourage a better work-life balance and you’ll have the opportunity to apply for various flexible working arrangements. Statement on Fair Employment and Equal Opportunities Allstate NI wishes to ensure equal opportunity is given to all job applicants. This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age, or disability. We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit. Applicants should note Allstate NI completes AccessNI background checks on all candidates offered a position. Posting End Date: 25 December 2024
#J-18808-Ljbffr
Conduct risk assessments at the network, systems, platforms, and application level. Address and provide guidance on a wide range of security issues including architectures, platforms including Public Cloud, electronic data traffic, and network access. Drive the company’s efforts to proactively identify, assess, and communicate the company’s information security risks to leadership and the board. Ensure compliance with security policies and standards. Understand Cyber programs such as Threat Management, Secure SDLC, Security Architecture, Network, and Data Protection. Work in close partnership with internal information security and business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent management of risks by following a structured risk assessment methodology. Lead and complete high-quality threat-based risk assessments across a diverse set of technologies, business functions, and platforms. Proactively drive process improvements, overcome barriers to success, build professional relationships across the company, brief senior leaders, and mentor others. Essential Skills
Legal right to work in the UK; Allstate is not providing sponsorship for this vacancy. Minimum of 5 years of IT experience in either an infrastructure or development background with proficiency in Cyber Risk Assessments. Experience with information security risk management frameworks, assessments, audits, and controls based on industry standard frameworks (i.e., NIST CSF; ISO; HiTrust; FAIR). Experience with regulatory requirements (i.e., PCI; GDPR; HIPPA; CCPA; etc.). Experience using GRC tools and technologies in support of the assessment/audit process (RSA Archer, MiTRE, Bitsight, etc.). Experience gathering information from various sources to help identify weaknesses in security controls. Expertise in security control design, development, implementation, and monitoring. Posting End Date
Tuesday, 24th December 2024 Joining our team isn’t just a job — it’s an opportunity that takes your skills and pushes them to the next level. You’ll do all this in a flexible environment that embraces connection and belonging. Good Hands. Greater Together. What we offer As Digital DNA’s Workplace of the Year 2020 & 2022 winners, we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package, and discounts on gym memberships, public transport, and parking. Allstate invests heavily in your development, providing access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team. We pride ourselves on providing clear career paths and opportunities for internal mobility allowing you to further develop within the organization. We encourage a better work-life balance and you’ll have the opportunity to apply for various flexible working arrangements. Statement on Fair Employment and Equal Opportunities Allstate NI wishes to ensure equal opportunity is given to all job applicants. This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age, or disability. We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit. Applicants should note Allstate NI completes AccessNI background checks on all candidates offered a position. Posting End Date: 25 December 2024
#J-18808-Ljbffr
