Senior Cyber Security Software Engineer & Project Coordinator

At Allstate, great things happen when our people work together to protect families and their belongings from life's uncertainties. And for more than 90 years our innovative drive has kept us a step ahead of our customers' evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.

Job Description

Job Summary:

Senior Cyber Security Software Engineer & Project Coordinator implements applications following 12-factor principles to build out the product and iterative enhancements. They own the full stack of software products, developing and implementing frontends (web or mobile), and backend services. They leverage test driven development and continuous integration to ensure agility and quality of products. They actively participate in the decision-making process of the team ensuring that the simplest appropriate technology and design is chosen to meet user needs.

This role requires a combination of technical expertise in cybersecurity and strong project management skills. The ideal candidate will be able to bridge the gap between security requirements and software development, while effectively coordinating complex projects.

Key Responsibilities:

• Security Engineering:
  • Develop and implement secure software solutions to address cybersecurity issues.
  • Design, test, and manage programs to safeguard against cyberattacks and unauthorized breaches.
  • Participate in the development of firewalls, encryption systems, and intrusion detection systems.
  • Collaborate with penetration testers to identify and address system vulnerabilities.
  • Assist application developers in designing and developing secure software applications.
  • Monitor application development to ensure compliance with company security policies and resilience against cyber threats.
• Project Coordination:
  • Serve as liaison between Product Development team and InfoSec-Compliance-CyberSecurity department.
  • Identify and manage project dependencies.
  • Coordinate with larger program team to ensure project compatibility and delivery schedules.
  • Assess and report on risk factors for security projects in the portfolio.
  • Plan and initiate projects, including scope negotiation with application development teams.
  • Delegate tasks and set up work programs when there is an overflow in workload.
• Communication and Stakeholder Management:
  • Ensure clear communication across all levels, from detailed engineering to executive management.
  • Provide regular project status updates, including issues and risk reporting.
  • Foster collaborative partnerships among executive leaders and stakeholders.
  • Facilitate resource demand planning, change management, and project pipeline planning decisions.
• Requirements and Analysis:
  • Conduct requirements elicitation and definition to determine project scope.
  • Participate as a systems/process analyst resource for project managers.
  • Participates in iteration planning meetings ensuring that the team has a common understanding of each story and chores in a team's backlog.
  • Leads and participates in daily site, cross-site, and product team standups.
  • Participates in retrospectives to gather feedback and derive actionable items to improve the team and the product.
  • Participates in executing the strategy, keeping the customer needs and wants in mind.
  • Serves as an expert on a secure software engineering domain and demonstrates leadership and accountability on at least one technology stack.
  • Provides input into the architecture and design of the product, collaborating with the team in solving problems the right way.
  • Practices daily paired programming and test-driven development in writing software and building product.
  • Provides technical feedback and performs code reviews for other team members.
  • Establishes continuous integration, continuous delivery, and continuous deployment pipelines and practices.
  • Provides support to users for software products in non-production environments.
  • Coaches more junior team members around the process, different technologies and practices.

Supervisory Responsibilities:

This job does not have supervisory duties.

Education and Experience:

* 4 year Bachelors Degree (Preferred in Computer Science, Cybersecurity, or related field)

* 5 or more years of experience

* In lieu of the above education requirements, an equivalent combination of education and experience may be considered.

* Back-End Technologies: c#, WebForms, Ajax, NUnit/Moq for testing, micro services and related patterns, Entity Framework 3.1, WinServices, WCF, .Net Core 8, .Net 4.7/4.8, Nuget packages and SDK

* Frontend Technologies: html, css, javascript, JQuery, AngularJS, NG Zoro, Angular, Type Script, Jasmine/Karma for Angular front-end testing, Razor/Blazor Components

* Familiarity with relevant security frameworks (e.g., NIST, ISO 27001)

* Excellent project management and communication skills

Certificates, Licenses, Registrations:

* No Certification, License or Registration is required for the job, yet preferred.

* Certifications such as CISSP or CEH are a plus

Functional Skills:

* Strong understanding of computer science concepts, object-oriented design principles

* Basic understanding of distributed systems, operating systems, networking, databases, security, and analytics

* Experience developing software in different programming languages, and demonstrated ability to quickly learn new languages and technologies

* Actual experience developing continuous integration, continuous delivery, and continuous deployment pipelines for distributed apps

* Strong knowledge of secure coding practices and common vulnerabilities

* Experience and knowledge in web and API security including authentication, authorization, OAuth, OWASP Top 10, OpenID, and SAML

* Knowledge and experience using distributed version control systems (GIT).

* Understanding and experience on Agile - Scrum process and methodology.

* Understanding and experience on Microsoft Azure DevOps, Application Insights

* Ability to write technical details for user stories assigned to self or other developers on the team.

* Ability to write technical notes and hints for quality assurance engineers on user stories that helps them write their test cases.

* Efficiency in writing, troubleshooting and performance tuning of Microsoft SQL and LINQ queries and complex database operations.

* Good knowledge and experience on writing unit tests and integration tests

* Good experience with Json and Xml data types and serializers.

* API Testing via Postman, SoapUI, PowerShell scripts.

Notes:

The preceding description is not designed to be a complete list of all duties and responsibilities. May be required to perform other related duties as assigned. Regular, predictable attendance is an essential function of this job.

Compensation offered for this role is$120,000.00-$130,000.00 per yearand is based on experience and qualifications.

Skills

Compensation

The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.

Joining our team isn't just a job - it's an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. And one where you can impact the future for the greater good.

You'll do all this in a flexible environment that embraces connection and belonging. And with the recognition of several inclusivity and diversity awards, we've proven that Allstate empowers everyone to lead, drive change and give back where they work and live.

Good Hands. Greater Together.

Allstate generally does not sponsor individuals for employment-based visas for this position.

Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.

For jobs in San Francisco, please click "here" for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click "here" for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.

To view the "EEO is the Law" poster click "here". This poster provides information concerning the laws and procedures for filing complaints of violations of the laws with the Office of Federal Contract Compliance Programs

To view the FMLA poster, click "here". This poster summarizing the major provisions of the Family and Medical Leave Act (FMLA) and telling employees how to file a complaint.

It is the Company's policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee's ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race (include traits historically associated with race, including, but not limited to, hair texture and protective hairstyles), religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.