Vice President, Security Engineering
Where good people build rewarding careers.
Think that working in the insurance field can't be exciting, rewarding and challenging? Think again. You'll help us reinvent protection and retirement to improve customers' lives. We'll help you make an impact with our training and mentoring offerings. Here, you'll have the opportunity to expand and apply your skills in ways you never thought possible. And you'll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
The Vice President of Security Engineering serves as a senior leader within the Allstate Information Security organization. This position has the responsibility to lead a high performing team that will execute an operational security strategy to include detection and response, identity and access management, network security, and system security for the Allstate Enterprise. This position will also collaborate with internal stakeholders such as Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure the organization maintains a strong security posture. The position also requires hands on technical experience, and deep knowledge and understanding of secure infrastructure architectures, application architectures, encryption, and broader security technologies.
Responsibilities for this role will be both operational and strategic and will require collaboration with leaders across the enterprise.
- Develop and execute a compelling operational security strategy including Detection and Response, Identity and Access Management, Network Security, and System Security
- Oversee the analysis of business requirements and the subsequent interpretation into security requirements internally and externally
- Partner with security executives across the organization to help envision and deliver company-wide security initiatives
- Evaluate, prioritize, and resource security projects and programs based on input from appropriate stakeholders
- Evaluate, implement, and support security-focused tools and services
- Collaborate with other corporate functions including Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure that the organization maintains a strong security posture
- Liaise with Business Information Security Officers (BISOs) for cyber security and IT Risk & Compliance Management program needs within the business units
- Develop and manage a security budget and develop strategic plans to invest resources to efficiently reduce cyber security risk
Identity and Access Management
- Develop and maintain a comprehensive vision and strategy of how Identity and Access Management (IAM) services can and will be used to protect our systems and data, while facilitating new and existing business models highly dependent on technology
- Oversee the development of a cohesive portfolio of IAM capabilities across the full lifecycle of provisioning, maintenance, and retirement, and the pipeline of projects/tasks to create, evolve, and change them as needed. Components include solutions for authentication, authorization, identity provisioning, role-based access control, physical security, and audit and monitoring solutions.
The Allstate Information Security organization is undergoing large-scale transformation. With a complex, matrixed organization structure, the leader must be adept at collaborating with and influencing other executives and senior leadership teams throughout the enterprise.
- Demonstrated executive level business and technical acumen
- 15-20+ years of business experience in planning, organizing, and developing cyber and information security capabilities in large global organizations
- Experience serving as cyber and information security leader in complex organizations, preferably the Insurance or Financial Services industry
- Demonstrated success and influence in the cloud services technology security space (SaaS, PaaS), ideally operational security
- Experience defining security policy, technology requirements, and control objectives
- Experience in implementing Security Platforms, Processes, and Tools.
- Expert knowledge of secure infrastructure architectures, application architectures, encryption and broader security technologies
- Maintain up-to-date knowledge of IT security including awareness of new or revised security threats and/or the development of new attacks and threat vectors
- Ability to develop and clearly articulate a compelling cyber and information security strategy to key business stakeholders
- Experience with security operational metrics and dashboards, and managing performance effectiveness and improvement
- Knowledge of federal, state, and local cyber and information security regulation and legislation
- One or more of the following certifications, preferred:
- Certified Information Systems Security Professional (CISSP) from ISC2
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA) from ISACA
- Advanced degree or masters in computer systems or equivalent
- Strong analytical and critical thinking skills
- Strong executive presence with proven ability to influence peers and senior leadership
- Excellent written and oral communication, and presentation skills
- Proven ability to develop diverse talent and assemble a highly effective team, inspiring those in the organization to do the best work possible and move the organization forward
- Well-developed relationship management capabilities. Ability to build strong internal and external networks
- Strategic mindset with understanding of how complex systems work together and the risks involved which are easily understood by business, risk, and executive team
The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary – but that's just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you'll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please see the notice regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please seethe notice regarding the Los Angeles Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.
Meet Some of Allstate's Employees
Data Analytics Engineer
Patrick supports the work of his fellow Data Scientists by coding predictive models. He works to create functional Allstate products by making sense of the company's vast amount of customer data.
Back to top