Description

At Allstate, great things happen when our people work together to protect families and their belongings from life's uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers' evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.

Your role in the team
The Cyber Risk Assessment Senior Consultant partners in designing and building security solutions that will balance the need for speed and flexibility of the infrastructure and IaaS/PaaS/SaaS applications, with the need to protect Allstate against ongoing and potential security threats. This role needs to have the aptitude to understand new security strategies.

This position has been opened at Senior Consultant II and Lead Consultant.

Key responsibilities:

Cyber Risk Assessment & Governance

• Lead and execute enterprise, business-unit, and technology-specific cyber risk assessments , including inherent risk identification, control adequacy evaluation, residual risk determination, and risk prioritization .

• Develop, enhance, and operationalize cyber risk assessment methodologies , frameworks, and assessment artifacts aligned to recognized standards (e.g., NIST CSF, NIST SP 800-53, ISO/IEC 27001, CIS, COBIT) .

• Translate business and technical risks into clear, actionable risk statements , supported by evidence-based control evaluation and impact analysis .

• Drive risk-based decision-making by clearly articulating risk exposure, control gaps, and mitigation options to stakeholders.

Regulatory, Compliance & Standards Alignment

• Research, interpret, and apply global and regional cybersecurity regulations and requirements (e.g., NYDFS 500, GLBA, PCI DSS, SOX ITGCs, data protection and privacy regulations, contractual security requirements) .

• Analyze regulatory guidance, enforcement actions, and industry advisories to inform governance programs and risk posture .

Program Development & Continuous Improvement

• Design, enhance, and execute cybersecurity governance programs , policies, standards, procedures, and control requirements aligned to business and regulatory needs .

• Identify process gaps, control deficiencies, and maturity weaknesses; recommend risk-based remediation strategies and pragmatic control improvements .

• Contribute to the evolution of enterprise cybersecurity risk assessment (ECRA) capabilities, including risk taxonomies, metrics, and reporting

• Support continuous monitoring and re-assessment of cyber risks as business, technology, and threat landscapes evolve .

Stakeholder Communication & Advisory

• Act as a trusted risk advisor to technology, engineering, and business leaders by explaining complex cybersecurity and regulatory topics in a practical, business-relevant manner .

• Develop and deliver risk assessment summaries, executive briefings, and governance reports tailored for senior leadership, risk committees, and audit stakeholders .

• Provide guidance and mentorship to less-experienced team members on cyber risk assessment techniques, regulatory interpretation, and governance best practices .

Essential Skills:

• All applicants must demonstrate they have a legal right to work in the UK for employment at Allstate. Allstate is not providing sponsorship for this vacancy

• A m inimum of 3 + years of experience working with Cybersecurity risk management concepts (threats, vulnerabilities, impact, likelihood, controls) Cloud, SaaS, and third-party risk considerations Identity & access management, data protection, network security, vulnerability management, and secure SDLC concepts .

• A minimum of 1 year working with one of either NIST CSF, NIST SP 800-53, ISO 27001/27002, CIS Controls, COBIT Regulatory frameworks relevant to financial services, insurance, or regulated industries .

Desirable Skills

• Certified in CRISC, CISM, CISSP, CISA.

• Experienced in large, complex, and regulated environments.

Supervisory Responsibilities:

• This job does not have supervisory duties .

Posting Closing date: Thursday 4th June 2026 {11.59pm}

Skills
Information Security Engineering, IT Security Operations, Risk Management, Security Tools, Stakeholder Engagement

Shape the Future of Insurance with Cutting-Edge Tech and a People-First Culture

Why join us?
Allstate NI is proud to be Allstate's European Digital Centre of Excellence, a hub for innovation and engineering excellence. We're recent winners of Best Place to Work in IT (100+ employees) and Best Use of Cloud Services at the Belfast Telegraph IT Awards, and we've been recognised for our community and sustainability impact with Platinum in the Northern Ireland Environmental Benchmarking Survey.

We're a product-driven, cloud-first organisation delivering real outcomes through modern technology, a digital product-centric talent model, and a culture rooted in engineering excellence. Our teams work in cross-functional structures, guided by an outcome-based delivery approach that accelerates speed, agility, and value.

We also invest in you. At Allstate NI, your career growth matters. You'll have access to our Continuous Learning Hub, designed to support skills development and professional advancement through tailored learning paths, certifications, and mentoring opportunities. Whether you're deepening technical expertise or exploring leadership roles, we provide the tools and support to help you thrive.

What do you get in return?

As well as receiving a competitive annual salary, our reward package includes:

• Corporate bonus scheme
• Pension scheme
• Annual performance-related pay reviews
• Life assurance and income protection
• Flexible working options
• Hybrid working
• Private medical and dental insurance
• Access to an employee assistance programme
• Discounted gym membership
• Two paid volunteering days each year
• Cycle to work scheme

Be part of a high-performing, socially responsible organisation where your work has purpose, and your growth is supported every step of the way.

Requisition #: 2054618912

dz1rbepqf