Network Security Architect - Lead
Where good people build rewarding careers.
Think that working in the insurance field can’t be exciting, rewarding and challenging? Think again. You’ll help us reinvent protection and retirement to improve customers’ lives. We’ll help you make an impact with our training and mentoring offerings. Here, you’ll have the opportunity to expand and apply your skills in ways you never thought possible. And you’ll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
The Security Architect serves as the expert in information security, including risk management mindset, knowledge across multiple security domains, technical solution designs and architecture, and leadership for implementing security capabilities and security controls. The Security Architect helps shape security innovation and plays key role in the evolution of enterprise architecture and security capabilities. The Security Architect makes decisions on complex or ambiguous IT architecture issues, coordinating with users to determine requirements, and ensuring system improvements are successfully implemented and monitored, finding ways to increase efficiency. The Network Security Architect has the main focus on network security among all security domains.
- Create, maintain and drive information security technology strategies and roadmaps related to Network Security, addressing from legacy Data Center network to Cloud network.
- Partner with the security group to plan and drive the implementation of the technology and its capabilities. Responsible for the architecture of the technology in Network Security, such as NG Firewall, Proxy/Reverse Proxy, IDS/IPS, Network Segmentation, SDN, SDP, etc.
- Set up best practices and provide directions and guidance of how to utilize the technology and its capabilities. Drive the development of security specifications, standards, and processes to ensure adequate protection of corporate network
- Work with other architects to design the security solutions for applications or systems, and/or provide expertise and consulting to the project teams on security controls needed
- Help governing security standards and architecture directions when supporting business needs and establishing business capabilities.
- Serve as an information security advisor to key technology and business stakeholders, establishing trust relationships through active engagement and collaboration
- 3+ years’ experience in understanding security risks, identifying gaps and creating strategies, roadmaps, and architecture directions and patterns. Demonstrated experience in driving strategies, architecture directions, universal architectures, and working across boundary to improve security posture for the organization
- 3+ years’ experience in designing, architecting, and implementing complex enterprise applications, infrastructures, platforms and systems, addressing security, performance, scalability, and reliability. Demonstrated ability to perform a risk-based approach to securing applications, databases or infrastructure based upon technology and business needs
- Extensive knowledge and 5+ years’ experience on one or more of the following
- Demonstrated strong knowledge and experiences on network theory, services, devices, technologies, and standards especially related to security, including
- Stateful inspection and next generation firewalls
- Web application firewalls
- Web proxies and caching appliances with content filtering
- Web Services Gateway
- Email gateways (Anti-virus, Anti-Spam, DLP)
- Server load balancers
- SSL VPN appliances
- Routers and switches
- Wireless networks
- Extensive knowledge of network security architectures and designs, including
- Data Center (Your own or Co-Lo) Network Design
- B2B connectivity
- DMZ/Application hosting
- Remote access, including VPN, VDI, RDP, etc
- LAN/WAN networks
- 802.1x and NAC
- Preferred experiences and knowledge on
- Cloud Network Design (AWS, Azure, etc) and Connectivity Architecture
- Migration from on-Prem to Cloud from both Network and Security
- Packet/protocol analysis and diagnostic skills
- Log analysis and correlation (ArcSight, Splunk, etc)
- Technologies from Cisco, F5, Palo Alto, Citrix, InfoBlox, Bluecoat, VMWare etc
- General knowledge of information security, including infrastructure security, application security, identity and access management, data security, threat intelligence, compliance frameworks, and other regulatory requirements such as PCI and SOX.
- Network certifications (e.g. CCNP, CCIE) or Security certifications (CISSP) is a plus
- Strong ability to think strategically and be innovative
- Strong ability to look at big pictures, connect the dots and architect the solution
- Strong ability to drive and lead conversations, and collaborate well with all parties
- Strong ability to give direction, identify the path, and troubleshoot infrastructure and application problems
- Excellent communication skills, including listening, communicating with Sr. Leadership, business and all levels of IT groups.
- Self-motivated and passionate about network and security
- Be willing to take risks and be able to step up to take initiative
- Be a quick learner and adapter, and be willing to challenge oneself
- Be good at writing concise, high-quality technical documents
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary – but that’s just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you’ll have access to a wide variety of programs to help you balance your work and personal life — including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please see the notice regarding the San Francisco Fair Chance Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.
Meet Some of Allstate's Employees
Data Analytics Engineer
Patrick supports the work of his fellow Data Scientists by coding predictive models. He works to create functional Allstate products by making sense of the company's vast amount of customer data.
Back to top