Cyber Risk Management -Senior Analyst (hybrid or remote)

• About Us

   

  The world isn’t standing still, and neither is Allstate. We’re moving quickly, looking across our businesses and brands and taking bold steps to better serve customers’ evolving needs. That’s why now is an exciting time to join our team. You’ll have opportunities to take risks, challenge the status quo and shape the future for the greater good.

   

  You’ll do all this in an environment of excellence and the highest ethical standards – a place where values such as integrity, inclusive diversity and accountability are paramount. We empower every employee to lead, drive change and give back where they work and live. Our people are our greatest strength, and we work as one team in service of our customers and communities.

   

  Allstate operate a very flexible hybrid working policy that will allow you to design your working week in collaboration with your manager with a blend of remote and office working for NI based employees as well as condensed working patterns (4 day week/9 day fortnight). Employees based in GB will be employed on a permanent remote working contract.

   

  Join our team and you’ll find challenge and reward in a culture of innovation, support and balance. 

   

   

  Location

   

   

  Belfast/ Derry-Londonderry/ Strabane/ Remote, GB

   

   

  Job Family Summary

   

  Through its breadth of knowledge and understanding of information technology industry trends and emerging technologies, Security Governance protects Allstate assets and information. 

   

  Security Governance manages the data protection strategies for the company.  This is accomplished through the development, implementation and administration of programs that help address compliance requirements to state, federal and industry standards, while protecting their stakeholders and related information.

   

   

  Your role in the team

   

   

  This position is for a GRC Consultant in the Cyber Risk Management team in the Information Security department.  The Senior Consultant will be responsible for supporting the company’s efforts to identify, track, govern, report on and reduce cyber risks. 

   

  This individual will be a key contributor managing operational activities to reduce risk to the company in close consultation with other Information Security groups and business partners.  This person will lead tracks of work for cyber risk remediation issues related to specific risk remediation projects and provide assistance/guidance to cyber risk analysts in the daily management of Allstate’s cyber risk. 

   

  The GRC Consultant will understand information security best practices, risk assessment methodologies and working across multi-functional teams. 

   

  Responsibilities include (but are not limited to)

   

  • Ensure the strategic alignment of information security with business strategy to support organizational objectives.
  • Identify and support measures to manage and mitigate risks and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
  • Partner with all areas of the business, IT and business partners on risk remediation related projects.
  • Understand business and client requirements and work with the business areas to define appropriate security actions and activities while meeting the business need.
  • Acts as a Change Catalyst for a risk based approach to delivery of services and systems.
  • Drive discussions and provide guidance & support in managing and reducing risk remediation efforts across business functional areas.
  • Improve KPIs, metrics, and trending for the risk management and remediation function.
  • Monitor, track, document and report on risk remediation activities.
  • Respond to and assist with audits, assessments and compliance requests.
  • Act as a subject matter expert for the organization's risk remediation processes and efforts.
  • Provide influence and support to peers across risk remediation team to successfully deliver on business commitments.
  • Assessing risk using a standard methodology and consulting with subject matter experts to build risk remediation and risk reduction plans.
  • Meet SLAs for processing cyber risk submissions according to quality control baselines and clearly reports risks and risk trends.

   

  So, what are the essential criteria to apply?

   

  • All candidates must evidence an existing right to work in the UK'
  • Minimum of 3-4 years of IT security experience.  
  • Strong understanding of IT security best practices in a Security, infrastructure, or development background.
  • Knowledge of cybersecurity compliance and control requirements such as: PCI DSS, ISO and NIST.
  • Demonstrated ability to lead discussions/projects and participate in cross functional teams.

   

   

  We also have some desirable criteria

   

  • Direct experience Archer a plus.
  • Strong organizational skills
  • Self-directed, works with minimal guidance, and recognizes when guidance needed.
  • Understanding of Treat Modeling Frameworks
  • Ability to effectively communicate with technical and non-technical resources.
  • Experience in PowerBI / Reporting tools

   

  What we offer

   

  As Digital DNA’s Workplace of the Year 2020 & 2022 winners, we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package and discounts on gym memberships, public transport and parking.

   

  Allstate invests heavily in your development, as an employee you will have access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team.

   

  We pride ourselves in providing clear career paths and opportunities for internal mobility allowing you to further develop within the organisation.

   

  We encourage a better work life balance and you’ll have the opportunity to apply for various flexible working arrangements.

   

   

  Statement on Fair Employment and Equal Opportunities

   

  Allstate NI wishes to ensure equal opportunity is given to all job applicants.  This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age or disability.

   

  We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit.

   

  Applicants should note Allstate NI complete AccessNI background checks on all candidates offered a position.

   

   

  The closing date for receipt of applications is Friday 30th September 2022