Allstate Jobs

Cyber and Technology Risk Analyst (hybrid/remote)

Allstate

Cyber and Technology Risk Analyst (hybrid/remote)

Posted Yesterday

Be an Early Applicant

3 Locations

Remote or Hybrid

Mid level

Insurance

The Role

Lead and execute cyber and technology risk assessments, analyze attack paths and control effectiveness using frameworks like MITRE ATT&CK, produce actionable risk reports for stakeholders, influence technology controls and policies, monitor emerging threats and regulatory changes, and collaborate with cross-functional teams to design and improve risk management frameworks and remediation plans.

Summary Generated by Built In

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.

Your role in the team

The Cyber and Technology Risk Analyst leads comprehensive cyber and technology risk assessments, providing independent oversight, challenge, and advisory across the organization’s technology landscape.
This role is part of the Cyber and Technology Risk Management team, partnering with Technology, Security, and Business leaders to strengthen risk posture and support informed decision-making.
The role requires strong analytical capability to evaluate complex risk scenarios, develop attack paths, assess control effectiveness, and deliver actionable insights while proactively monitoring emerging threats and driving effective risk mitigation strategies.

Key responsibilities

Lead and execute complex technology and cyber risk assessments across business and IT functions, evaluating potential impacts and recommending practical mitigation strategies.

Analyze risk scenarios and control effectiveness to identify gaps, emerging risks, and key risk drivers using both structured and unstructured data sources.

Develop clear, concise, and actionable risk reports and presentations for stakeholders at all levels, including senior leadership and the Board.

Challenge existing practices and influence enhancements to technology standards, policies, and controls to strengthen the organization’s risk posture.

Identify, assess, and communicate potential threats to the technology environment, tailoring messaging for both technical and non-technical audiences.

Monitor industry trends, regulatory developments, and emerging cyber threats to proactively identify future risk exposures and inform strategy.

Support the design, implementation, and continuous improvement of risk management frameworks, methodologies, and controls.

Collaborate cross-functionally with technology, security, compliance, and business teams to ensure alignment and effective risk management practices.

Translate findings into actionable remediation recommendations, driving improvements across technology and operations.

Serve as a trusted advisor to Technology, Security, and Risk partners, providing expert guidance on cyber and technology risk management best practices.

Essential Skills

All applicants must demonstrate they have a legal right to work in the UK for employment at Allstate. Allstate is not providing sponsorship for this vacancy.

Minimum  4  years’ hands on  experience in cyber or technology risk management.

Strong expertise in cyber threat modeling, including hands-on experience using the MITRE ATT&CK framework to develop attack path simulations, assess adversary tactics, and evaluate control effectiveness.

Solid working knowledge of core technology infrastructure, including networks, cloud platforms, storage, operating systems, identity and access management, and security architecture.

Advanced analytical skills with the ability to synthesize complex risk scenarios and data into actionable insights and clear recommendations for technical and business stakeholders.

Proven ability to influence and communicate effectively across all levels of the organization, translating technical risk concepts into business impact for senior leadership and non-technical audiences.

Desirable Skills

Exposure to second-line risk management, internal audit, or established technology risk frameworks

Knowledge of cloud risk and modern architecture (e.g., multi-cloud, containerization, zero trust concepts)

Relevant security certifications (e.g., CISSP, CISM, CRISC, CEH, OSCP)

Exposure to red teaming or adversary simulation training/certifications is a plus

Supervisory Responsibilities

This job does not have supervisory duties.

Job Posting End Date: Thursday 2nd July 2026 [11:59pm]

#LI-SP1

#LI-Remote

Skills

Cloud Security Risk Management, Cybersecurity Risk Management, GRC Platform, MITRE ATT&CK Framework, Risk Framework, Risk Strategies
Shape the Future of Insurance with Cutting-Edge Tech and a People-First Culture

Why join us?
Allstate NI is proud to be Allstate’s European Digital Centre of Excellence, a hub for innovation and engineering excellence. We’re recent winners of Best Place to Work in IT (100+ employees) and Best Use of Cloud Services at the Belfast Telegraph IT Awards, and we’ve been recognised for our community and sustainability impact with Platinum in the Northern Ireland Environmental Benchmarking Survey.

We’re a product-driven, cloud-first organisation delivering real outcomes through modern technology, a digital product-centric talent model, and a culture rooted in engineering excellence. Our teams work in cross-functional structures, guided by an outcome-based delivery approach that accelerates speed, agility, and value.

We also invest in you. At Allstate NI, your career growth matters. You’ll have access to our Continuous Learning Hub, designed to support skills development and professional advancement through tailored learning paths, certifications, and mentoring opportunities. Whether you’re deepening technical expertise or exploring leadership roles, we provide the tools and support to help you thrive.

What do you get in return?

As well as receiving a competitive annual salary, our reward package includes:

Corporate bonus scheme
Pension scheme
Annual performance-related pay reviews
Life assurance and income protection
Flexible working options
Hybrid working
Private medical and dental insurance
Access to an employee assistance programme
Discounted gym membership
Two paid volunteering days each year
Cycle to work scheme

Be part of a high-performing, socially responsible organisation where your work has purpose, and your growth is supported every step of the way.

Skills Required

Legal right to work in the UK (no sponsorship provided)
Minimum 4 years hands-on experience in cyber or technology risk management
Strong expertise in cyber threat modeling using the MITRE ATT&CK framework
Working knowledge of core technology infrastructure: networks, cloud platforms, storage, operating systems, IAM, and security architecture
Advanced analytical skills to synthesize complex risk scenarios into actionable insights
Proven ability to influence and communicate technical risk concepts to senior and non-technical stakeholders
Exposure to second-line risk management, internal audit, or established technology risk frameworks
Knowledge of cloud risk and modern architecture (multi-cloud, containerization, zero trust)
Relevant security certifications (e.g., CISSP, CISM, CRISC, CEH, OSCP)
Exposure to red teaming or adversary simulation training/certifications

Allstate Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Allstate and has not been reviewed or approved by Allstate.

Retirement Support — Retirement offerings include a 401(k) with company match and a company-funded pension, providing notable long-term value. These features are described as standout components of the package.
Leave & Time Off Breadth — Paid time off is described as generous, with vacation and parental leave available. This breadth of leave supports work-life needs for a range of situations.
Flexible Benefits — Flexible work arrangements include options for in-office, remote, or hybrid work. This flexibility is positioned as a meaningful part of the total rewards experience.

Learn more about Allstate's Compensation & Benefits →

Allstate Insights

What's It Like to Work at Allstate? Allstate Culture & Values Allstate Career Growth & Development What's the Work-Life Balance Like at Allstate? Allstate Leadership & Management Allstate Company Growth, Stability & Outlook

View all jobs at Allstate

View Allstate Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Northbrook, IL

57,671 Employees

Year Founded: 1931

What We Do

At Allstate, we're advocates for peace of mind and a good life. And that comes through in everything we do. From building diverse and innovative teams that truly understand our customers' needs, to challenging each other to develop our careers in a meaningful way, and finally to the incredible results we're able to achieve together. See how we’re creating a better future through innovation, advocacy, and empowering people and communities