Director of Security Architecture (hybrid)

• About Us

   

  The world isn’t standing still, and neither is Allstate. We’re moving quickly, looking across our businesses and brands and taking bold steps to better serve customers’ evolving needs. That’s why now is an exciting time to join our team. You’ll have opportunities to take risks, challenge the status quo and shape the future for the greater good.

   

  You’ll do all this in an environment of excellence and the highest ethical standards – a place where values such as integrity, inclusive diversity and accountability are paramount. We empower every employee to lead, drive change and give back where they work and live. Our people are our greatest strength, and we work as one team in service of our customers and communities.

   

  Allstate operate a very flexible hybrid working policy that will allow you to design your working week in collaboration with your manager with a blend of remote and office working for NI based employees as well as condensed working patterns (4 day week/9 day fortnight). Employees based in GB will be employed on a permanent remote working contract.

   

  Join our team and you’ll find challenge and reward in a culture of innovation, support and balance. 

   

   

  Location

   

  Belfast/Derry-Londonderry/Strabane (hybrid)

   

   

  Your role in the team

   

  The Director of Security Architecture serves as a senior leader within the Allstate Enterprise Architecture Organization and has the responsibility to lead a high performing team that will define Allstate’s transformational security direction, ensure alignment and close any gaps, foster relationships with key business and technology stakeholders, and create and uphold architectural standards to ensure consistency across the organization. This person is the primary integration point between all aspects of Enterprise Architecture, Information Security, and is expected to interact with multiple C-level executives.

   

  This is a people leadership position; both direct and matrixed. You will be accountable for creating a work environment that enables employees to be their best, deliver on their accountabilities, and deliver security architecture in alignment with enterprise objectives.

   

  Technical responsibilities for this role will be both strategic & tactical. Strategic in developing the enterprise security target state and associated roadmaps, and tactically ensuring new capabilities are built out and adopted within all solutions. Specifically, but not limited to:

   

  • Develop, implement, and drive a strategic, comprehensive enterprise information security capabilities integrating business priorities and risks into the strategy
  • Primary point of contact to the Enterprise Chief Architect, representing Security within Enterprise level architecture forums and executing on responsibilities supporting enterprise governance activities
  • Set overall security architecture direction and partner with product delivery teams, Information Security, Enterprise Architecture, Engineering, and Infrastructure & Operations teams to align solution delivery activities to architecture standards, business goals and objectives
  • Drive adoption of a DevSecOps mindset and influence across technology teams including architecture, security, and development to design and implement frictionless experiences
  • Influence the security organization toward architectural excellence and maturation of key services for enterprise level delivery
  • Drive security assessments to evaluate the processes, procedures and tools used to review and test information system controls and security across enterprise systems and third-party supplier IT systems
  • Evaluate the adequacy of IT security controls to verify compliance with corporate standards and regulatory compliance (e.g. NIST 800-171 & 53, PCI, HIPAA, GDPR, SOX 404 and COPPA)
  • Ability to drive security in an on-prem, hybrid & multi-cloud environment
  • Establish an enterprise-wide process to evaluate security tools & vendors, maintain a catalog of approved and preferred tools, and assist business divisions with tool rationalization where feasible
  • Develop and champion reusable patterns, practices, and enterprise reference architectures that fit within the overall Allstate architectural direction
  • Understanding and current on emerging technologies, industry innovations, and competitor technology positioning to define new or refresh existing strategic architectures
  • Work with strategic vendors and partners to review and direct product roadmaps, strategies, and plans to ensure alignment with industry and Allstate needs, both current and future
  • Develop and coordinate the Secure Data Strategy - Embedding security into the overall approach and vision for data protection, drive and maintain data at rest or in motion strategy to secure the contents from unauthorized access, collect and analyze business and event data to drive security value and enable the utilization of data as a business asset

   

  So, what are the essential criteria to apply?

   

  • All candidates must evidence an existing right to work in the UK
  • 5+ years of business experience in planning, organizing, and developing information security capabilities
  • 5+ years of Enterprise Architecture and hands-on technology experience
  • 5+ years of security experience including recent leadership in an IT organization that has adopted DevSecOps including people leadership experience
  • 2+ years of experience designing and deploying solutions in cloud
  • Experience serving as cyber and information security leader in complex organizations
  • Strong knowledge of security architectures, including experience working with leading enterprise cyber security tools and vendors
  • One or more of the following certifications:

  o   Certified Information Systems Security Professional (CISSP) from ISC2

  o   Certified Information Security Manager (CISM)

  o   Certified Information Systems Auditor (CISA) from ISACA

  o   Advanced degree, or masters in IT, or equivalent

   

   

  We also have some desirable criteria

   

  • Cyber and information security strategy experience in Insurance or Financial Services industry
  • Demonstrate executive level business and technical acumen
  • Ability to develop and clearly articulate a compelling security strategy to stakeholders
  • Excellent presentation skills

   

  Behavioral Characteristics:

   

  • Passionate about leading people
  • Strong analytical and critical thinking skills
  • Strong executive presence with proven ability to influence peers and senior leadership
  • Excellent written and oral communication, and presentation skills
  • Proven ability to develop diverse talent and assemble a highly effective team, inspiring those in the organization to do the best work possible and move the organization forward
  • Well-developed relationship management capabilities. Ability to build strong internal and external networks
  • Strategic mindset with understanding of how complex systems work together and the risks involved which are easily understood by business, risk, and executive team
  • Demonstrated energy and passion for the role

   

  What we offer

   

  As Digital DNA’s Workplace of the Year 2020 winners, we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package and discounts on gym memberships, public transport and parking.

   

  Allstate invests heavily in your development, as an employee you will have access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team.

   

  We pride ourselves in providing clear career paths and opportunities for internal mobility allowing you to further develop within the organisation.

   

  We encourage a better work life balance and you’ll have the opportunity to apply for various flexible working arrangements.

   

  Apply Here: https://bit.ly/35eKonx 

   

  Statement on Fair Employment and Equal Opportunities

   

  Allstate NI wishes to ensure equal opportunity is given to all job applicants.  This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age or disability.

   

  We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit.

   

  Applicants should note Allstate NI complete AccessNI background checks on all candidates offered a position.

   

   

  The closing date for receipt of applications is Friday 25^th February 2022