Key skills
TDDIAMAgileScrumSDLCCI/CDLeadershipCommunicationCloud Security
About this role
Allstate is a company dedicated to protecting families and their belongings from uncertainties. They are seeking a Security Engineering Senior Manager to lead the development and implementation of security controls across multiple product security engineering teams, ensuring alignment and support for security goals throughout the organization.
Responsibilities:
- Frequently advise others on complex security engineering matters
- Build foundation to translate security strategy into challenging and meaningful goals
- Manage teams responsible for strategic and critical security architecture or provide functions that are of key strategic value to the business
- Act as an authority in secure software best practices and propagate these throughout the broader organization, beyond their individual team
- Display expertise in viewing the organization as a whole, especially in terms of risk and security posture
- Leverage and influence key stakeholders to drive adoption of security controls and practices
- Designing, implementing, and productizing security controls to address complex business and technology challenges
- Working directly with business and technical teams to assess and provide security technology support
- Understanding multiple end-to-end business and technology processes, with a focus on security risks and mitigations
- Displaying deep knowledge of technical details, integration, and functions of security tools and platforms (e.g., IAM, SIEM, vulnerability management, cloud security)
- Evaluating potential system enhancements and upgrades, influencing the security product roadmap
- Identifying and implementing process improvements and product simplification opportunities, especially in security operations
- Providing technical or functional leadership for team members in security engineering
- Ensuring industry and technology best practices are followed for secure development and operations
Requirements:
- Deep understanding of secure software development, vulnerability management, cloud security, application security, and modern security engineering practices
- Experience with secure software configuration and development, including secure APIs, authentication/authorization, encryption, and threat modeling
- Experience working with modern security frameworks, tools, and methodologies (e.g., DevSecOps, CI/CD security, cloud-native security)
- Deep understanding of technology best practices in areas of secure development and compliance
- Experience in Test Driven Development (TDD), Agile SCRUM methodologies, and secure SDLC
- Excellent problem-solving skills and a passion for continuous learning in security
- Strong team player with well-developed verbal, written, and interpersonal communication skills
- Dedicated, self-directed, motivated, proactive, and inquisitive
- 10+ years of experience preferred in security engineering, with at least 3 years in a technical leadership or managerial role