Key skills
JavaScriptPythonJavaAWSAzureKubernetesDockerAgileCI/CDMentoringCloud Security
About this role
Allstate is a company focused on protecting families and their belongings from uncertainties. They are seeking a Managing Security Engineer to lead a team responsible for delivering and operating security controls as software products integrated into enterprise platforms, ensuring high quality and measurable outcomes.
Responsibilities:
- Lead and manage an engineering team delivering security controls as software products, including hiring, onboarding, coaching, performance management, and career development
- Set technical direction for the team and drive high‑quality execution across design, implementation, deployment, and production support of security controls
- Serve as a hands‑on technical leader by contributing to architecture and design reviews, guiding technical decisions, performing code reviews, and supporting critical‑path implementation as needed
- Own operational outcomes for the team’s products in production, including reliability, performance, and continuous improvement through feedback and learning loops
- Partner with Digital Product Managers, platform teams, and engineering stakeholders to effect alignment across roadmaps, priorities, and delivery plans spanning multiple product portfolios
- Build and sustain a strong engineering culture that emphasizes modern delivery practices (e.g., test‑driven development, paired programming, CI/CD), fast feedback, and continuous improvement
- Influence and innovate solutions to complex security challenges by translating security needs into scalable engineering approaches and reusable capabilities
- Facilitate effective agile execution (standups, planning, backlog refinement, retrospectives) while maintaining a strong focus on outcomes rather than ceremony
Requirements:
- 5+ years of professional software engineering experience, including hands on production coding in modern languages (e.g., Java, JavaScript, Python) and ownership of production systems delivering measurable reliability, performance, or security outcomes
- 2+ years of experience leading engineers through hands on technical guidance, including architecture reviews, design decisions, and code reviews
- Proven background in building and operating scalable, distributed systems in cloud environments, including microservices‑based architectures
- Track record of designing, evolving, and integrating APIs and backend services, with attention to reliability, scalability, and security considerations
- Practical application of modern engineering practices such as test‑driven development, paired programming, CI/CD pipelines, and operational feedback loops including monitoring and observability
- Experience operating within agile delivery environments, partnering closely with Digital Product Managers and engineering stakeholders to deliver outcomes
- Demonstrated depth in security engineering domains such as application security, cloud security, DevSecOps, or secure software development practices
- Practical experience designing or operating security controls embedded into CI/CD pipelines, developer workflows, or shared platform services
- Proven ability to influence technical decisions beyond the immediate team, driving adoption of secure patterns, standards, or reusable capabilities across product areas
- Experience mentoring senior engineers and emerging technical leaders, with a focus on raising engineering quality and long‑term team capability
- Strong organizational awareness and the ability to navigate cross‑team dependencies while maintaining delivery momentum and technical integrity
- Exposure to cloud‑native and containerized environments (e.g., Kubernetes, Docker, AWS and/or Azure) and the security considerations that accompany them
- Familiarity with security metrics and operational signals (e.g., control adoption, reliability, incident reduction) used to evaluate engineering and security outcomes
- Strong mindset of balancing delivery velocity, security rigor, and developer experience, making thoughtful tradeoffs appropriate to context
- Demonstrated commitment to building solutions that balance robust security guarantees with an excellent developer experience, without compromising one for the other