Apply Now    
Job ID :
Location :
Charlotte, NC US
Level :
Job Category :
Information Technology
Description :

Where good people build rewarding careers.

Think that working in the insurance field can’t be exciting, rewarding and challenging? Think again. You’ll help us reinvent protection and retirement to improve customers’ lives. We’ll help you make an impact with our training and mentoring offerings. Here, you’ll have the opportunity to expand and apply your skills in ways you never thought possible. And you’ll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.

Job Description

Information Technology Risk Management Sr. Lead Consultant
An exciting opportunity exists for a Technology Risk Expert to join our team.  This position will play a key role in the development and ongoing support of the Allstate Enterprise Technology Risk Management Program. 


This position can be located out of our offices in Irving, TX or Charlotte, NC.


Job Summary:
The Technology Risk Expert works with other risk management professionals and leaders, as well as technology and business teams to ensure technology risk management process and practice is appropriately delivered and imbedded throughout the organization.  



This individual acts as an expert advisor to management concerning risks involving or affecting technology, both internal and external to the IT organization, and will have the ability to influence business leaders to ensure risk transparency, accountability, and proactive technology risk mitigation where appropriate. 

This individual contributor role will be responsible for the following:

Partnering with both enterprise and technology first and second line of defense risk functions, including ATSV Risk Champions, Business Operational Risk Experts (ORE’s), and Business Information Security Officers (BISO’s) to ensure that technology risk practice is appropriately embedded and followed through the Allstate organization. 


• Supports the reporting and escalation of risk to both technology and enterprise governance bodies.
• Provides assurance key enterprise risks are appropriately monitored and reported in the technology organization.
• Updates technology risk practices to ensure that they reflect ATSV and enterprise policy and standards.
• Aggregates and analyzes technology risk events into Allstate and Information Technology categories.
• Performs root cause analyses on technology risk events to recommend improvements to prevent these risk events from re-occurring in future.
• Assists the first and second line of defense with the identification, development, and implementation of technology key risk indicators, including making recommendations on where to set target and tolerance levels.
• Monitors the implementation of action plans to address high priority risk areas.
• Assists the first line of defense with the identification of key risks and mitigating controls as well as action plans to address any gaps in the mitigating measures identified.
• Coordinates and supports the first and second line of defense in the execution of risk and control self-assessments for both enterprise and technology related risks.
• Monitors changes in both internal and external operating environments to identify emerging risk and raises awareness to appropriate technology and enterprise risk governance committees.
• Utilizes mathematical and statistical knowledge to assist with the building of risk models in support of Technology Risk Management.
• Consolidates the collection of technology risk information across multiple Allstate entities.
• Supports the 1st lines use of technology risk profiling and assessment tools.
• Facilitates the review and challenge of technology risks across both 1st and 2nd lines of defense.
• Aggregates technology risk at an enterprise level and provides reporting for ERRM and ORC dashboards.
• Assists the technology organization in the governance and reporting of high priority enterprise operational risks.

Job Qualifications


• At least 10 years of experience in Information Risk Management for an IT Department in a medium to large sized enterprise.
• A Bachelor's or advanced degree in Risk Management, Information Security, Information Technology, Mathematics, or a related subject.
• Related Security (CISSP, CISM, CCSP), Risk (CRISC), Compliance (CISA), and Governance (CGEIT) designations preferred.
• An advanced level of proficiency in MS office products: Word, PowerPoint, Excel (Pivot tables, use of formulas and functions, macros and reporting), and Visio (process documentation).
• Demonstrable experience in enabling risk management capability in a complex environment.
• Strong writing, presentation, and communications skills to build rapport and trust and influence stakeholders at all levels.
• Strong analytical skills and the ability to evaluate information from a variety of sources, including exposure to Tableau or similar analytical visual representation tools.
• Experience with stochastic and predictive modeling tools and techniques.
• Experience communicating with leaders at multiple levels and facilitating team interactions.
• Experience working in a matrix environment and influencing both upward and cross-functionally.
• Strong planning and organizing skills to manage short, medium and long term activities and deliverables.
• Experience of managing challenging behaviors and resistance to change using initiative to work through issues and barriers to success.
• Experience carrying out business and technology risk assessments.
• A working understanding of risk frameworks and practices.
• The ability to drive organizational change.
• Experience working pro-actively and autonomously.
• The ability to look at situations objectively and challenge assumptions.
• Experience applying audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data governance.
• Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams.
• Ability to interpret and apply policies and practices across a large, complex business.

Good Work. Good Life. Good Hands®.

As a Fortune 100 company and industry leader, we provide a competitive salary – but that’s just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you’ll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.

Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.

Allstate generally does not sponsor individuals for employment-based visas for this position.

Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.

For jobs in San Francisco, please see the notice regarding the San Francisco Fair Chance Ordinance.

For jobs in Los Angeles, please seethe notice regarding the Los Angeles Ordinance.

It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.


Apply Now