Allstate is a company dedicated to protecting families and their belongings from uncertainties. It is seeking a Cybersecurity Automation Engineer to design and build software that scales cybersecurity operations, focusing on automating security processes and improving incident response.
Responsibilities:
- Design, develop, test, and maintain production-grade security services, APIs, and automation
- Build internal tools and integrations that support incident response, detection, and cyber operations
- Treat security tooling as software products: versioned, tested, monitored, and maintained
- Design secure APIs using authentication and authorization standards (OAuth 2.0, OIDC, SAML, JWT)
- Apply secure software design principles including least privilege, secrets management, and defense-in-depth
- Use cryptographic concepts appropriately (hashing, encryption, key management via managed services)
- Integrate security controls and validation into CI/CD pipelines
- Build automation that connects cloud platforms, security tools, and internal services
- Partner with cloud and platform teams to ensure solutions are scalable, resilient, and secure
- Collaborate with incident response, threat intelligence, and SOC teams to identify automation opportunities
- Improve consistency and speed of response through repeatable, reliable automation
- Participate in incident follow-ups and help turn lessons learned into system improvements
Requirements:
- 3+ years of professional software development experience
- Strong proficiency in at least one backend language (Python or Java preferred)
- Experience designing and building secure APIs or services
- Practical knowledge of secure coding practices and common application vulnerabilities
- Experience with IAM and authentication concepts (OAuth 2.0, OIDC, SAML, JWT)
- Experience contributing to or working with CI/CD pipelines
- Hands-on experience with cloud platforms (Azure, AWS, or equivalent)
- Experience with infrastructure or automation tooling (Terraform, Jenkins, GitHub Actions, etc.)
- Experience working with containers (Docker; Kubernetes exposure a plus)
- Experience integrating or extending SIEM/SOAR platforms (Microsoft Sentinel, Defender, Splunk, etc.)
- Exposure to incident response or security operations workflows
- Experience in regulated or large enterprise environments
- Relevant certifications such as Security+, AZ-104, or AWS Associate