Information Security Risk Manager
Where good people build rewarding careers.
Think that working in the insurance field can’t be exciting, rewarding and challenging? Think again. You’ll help us reinvent protection and retirement to improve customers’ lives. We’ll help you make an impact with our training and mentoring offerings. Here, you’ll have the opportunity to expand and apply your skills in ways you never thought possible. And you’ll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
The Role of IT Management is to lead the IT organization by: fostering the development of a common vision; providing clear direction and priorities; clarifying roles and responsibilities; recognizing and removing barriers to progress; encouraging and empowering others to achieve; creating enthusiasm and a desire to excel; accurately assessing the strengths and development needs of team members; giving timely, specific feedback and coaching; providing challenging assignments and opportunities.
A Manager is responsible for providing leadership to the organization by growing him/herself, growing others and growing the business. This position is for a Manager in the Allstate Technology & Strategic Ventures information Security department. This Manager will oversee a team of risk assessors leading the delivery of a high value and strategically improvement Information security service across the organization.
People Management :
- Build long-term relationships within team and amongst peers by creating an environment of safety and security champions
- Creates an environment of accountability for direct reports and peers.
- Executes HR-related processes and develops staff through coaching and mentoring and providing specific, timely, open, honest, constructive performance feedback.
- Leads employees and influences peers through change by using one’s self as an example.
General Management & Decision Making:
- Creates and delivers a team strategy in alignment with overall Allstate Technology transition to product driven delivery leveraging agile methodology. This includes identifying and implementing the necessary roles, skills, behaviors, and processes to enable this transition.
- Communicates strategy to the team so they understand their role in achieving the established goals.
- Manages day to day work of employees ensuring best utilization of financial, technical and team resources.
- Works closely with and influences decision makers in other departments to identify, recommend, develop, implement, and support a risk informed decision and action framework.
- Makes decisions that have an impact on quality or effectiveness of business activities beyond their immediate team.
- Initiates and implements continuous improvements in all areas of IT responsibility.
- Anticipates issues and develops preventive measures. Analyzes long-term impact of new or anticipated strategies and contributes to Allstate business and functional strategy.
Business Partner Management
- Acts as a Change Catalyst for a risk based approach to delivery of services and systems.
- Influences direct reports, clients, service providers and peers to successfully deliver on business commitments.
- Partners with others in their organization to set and manage expectations; continually seeks opportunities to be a thought partner and increase internal business partner satisfaction and deepen relationships.
- Adapts communication approach for audiences at multiple internal and external levels.
- Ensure the strategic alignment of information security with business strategy to support organizational objectives.
- Identify and recommend appropriate measures to manage and mitigate risks and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
- Manage the review of changes in company processes, standards and technology to ensure the effectiveness of security controls to meet compliance requirements
- Integrate security risk assessment activities into Allstate day to day processes.
- Perform periodic assessments of information security risk.
- Consult with stakeholders on requirements for new and existing business / technology solutions.
- Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need.
- Partner with all areas of the business, including internal auditors, legal, IT and business partners
- Develop and improve KPIs, metrics, and trending for the risk management and consulting function.
- Respond to and assist with audits, assessments and compliance requests.
- Participate and lead new projects as needed.
- Serve as client liaison as needed on matters pertaining to Risk Management.
- Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.
- Act as a subject matter expert for the organization’s information asset protection policies and procedures, and information technology best practices.
- Provide mentoring and guidance to a team of risk professionals.
- Develop and refine procedures and techniques used by the team.
- Other duties as assigned.
- Minimum 7 years of IT security experience
- Strong people management skills and experience.
- Experience in the insurance and/or financial industries required.
- Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
- Effective written, verbal communication skills. Ability to tailor communication style to audience at hand
- Ability to effectively communicate with technical and non-technical resources
- Strong organizational skills
- Self-directed, works with minimal guidance, and recognizes when guidance needed
- Proficient in MS Office Suite (Word, Excel, Project, PowerPoint, Visio)
- Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing.
- Experience evaluating and securing payment processing technology.
- Knowledge of PCI DSS, HIPAA, ISO, NIST, and IT Controls
- Strong understanding of IT security best practices
- CISSP or CISM, or other industry certification or expected completion of certification within 1 year of hire.
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary – but that’s just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you’ll have access to a wide variety of programs to help you balance your work and personal life — including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please see the notice regarding the San Francisco Fair Chance Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.
Meet Some of Allstate's Employees
Data Analytics Engineer
Patrick supports the work of his fellow Data Scientists by coding predictive models. He works to create functional Allstate products by making sense of the company's vast amount of customer data.
Back to top