Cyber Risk Assessment Consultant (hybrid)
Remote, GB
Allstate
Get auto insurance quotes at Allstate.com. You're In Good Hands With Allstate. Allstate also offers insurance for your home, motorcycle, RV, as well as financial products such as permanent and term life insurance.
About Us
The world isn’t standing still, and neither is Allstate. We’re moving quickly, looking across our businesses and brands and taking bold steps to better serve customers’ evolving needs. That’s why now is an exciting time to join our team. You’ll have opportunities to take risks, challenge the status quo and shape the future for the greater good.
You’ll do all this in an environment of excellence and the highest ethical standards – a place where values such as integrity, inclusive diversity and accountability are paramount. We empower every employee to lead, drive change and give back where they work and live. Our people are our greatest strength, and we work as one team in service of our customers and communities.
Allstate operate a very flexible hybrid working policy that will allow you to design your working week in collaboration with your manager with a blend of remote and office working for NI based employees as well as condensed working patterns (4 day week/9 day fortnight).
Join our team and you’ll find challenge and reward in a culture of innovation, support and balance.
Location
Northern Ireland
Your role in the team
We have an opportunity for someone with experience in performing Security Risk Assessments to join the Information Security department as a Cyber Risk Security Assessor at Allstate. The Cyber Risk Assessor will be responsible for supporting the company’s efforts to identify, assess and evaluate security risks through business-as-usual cyclical assessments and ad hoc consultations. This individual will be a key contributor, managing operational activities to reduce risks to business goals in close consultation with other Information Security, ATS and business partners. The analyst needs to understand information security best practices and risk assessment methodologies, and be able to work across multi-functional teams.
Responsibilities include (but are not limited to):
- Conducts risk assessments at the network, systems, platforms and application level.
- Involved in addressing and providing guidance on a wide range of security issues, including architectures, platforms (including Public Cloud), electronic data traffic, and network access.
- Driving the company’s efforts to proactively identify, assess, and communicate the company’s information security risks to leadership and board.
- Ensure compliance with security policies and standards.
- Deep understanding of Cyber programs such as Threat Management, Secure SDLC, Security Architecture, Network and Data Protection.
- Work in close partnership with internal information security and business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent management of risks by following a structured risk assessment methodology.
- Works independently to lead and complete high quality threat-based risk assessments across a diverse set of technologies, business functions, and platforms.
- This position will also proactively drive process improvements, overcome barriers to success, build professional relationships across the company, brief senior leaders, and mentor others.
An Ideal Candidate must:
- Have strong understanding of IT security best practices.
- Demonstrate ability to lead discussions/projects and participate in cross functional teams.
So, what are the essential criteria to apply?
- All applicants must demonstrate they have a legal right to work in the UK for employment at Allstate. Allstate is not providing sponsorship for this vacancy.
- A minimum of 4 years of IT experience with proficiency in Cyber Risk Assessments.
- Knowledge of cybersecurity compliance and control requirements such as: PCI DSS, ISO and NIST.
We also have some desirable criteria
- Experience with information security risk management frameworks, assessment, audit and controls based on industry standard frameworks (e.g. NIST CSF, ISO, HITRUST, FAIR)
- Experience with regulatory requirements (e.g. PCI, GDPR, HIPAA, CCPA)
- Experience using GRC tools and technologies in support of the assessment/audit process (RSA Archer, Security Scorecard, Bitsight, etc.)
- Experience gathering information from a range of different sources to help identify weaknesses in security controls
- Expert with security control design, development, implementation, and monitoring
- Certifications: CISSP / CISA / CEH
What we offer
As Digital DNA’s Workplace of the Year 2020 & 2022 winners, we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package and discounts on gym memberships, public transport and parking.
Allstate invests heavily in your development. As an employee, you will have access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team.
We pride ourselves in providing clear career paths and opportunities for internal mobility allowing you to further develop within the organisation.
We encourage a better work life balance and you’ll have the opportunity to apply for various flexible working arrangements.
Statement on Fair Employment and Equal Opportunities
Allstate NI wishes to ensure equal opportunity is given to all job applicants. This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age or disability.
We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit.
Applicants should note Allstate NI complete AccessNI background checks on all candidates offered a position.
The closing date for receipt of applications is Friday April 19th 2024