Lead Platform Consultant (Hybrid)

Key Responsibilities

• Serve as a trusted consultant to engineering teams and organizations, guiding secure platform design and implementation across diverse product domains 

• Communicate clearly and effectively ensuring business and engineering needs are met 

• Foster effective collaborative sessions with teams from different disciplines and leadership levels 

• Embed secure-by-design principles and deep threat modeling practices into the development lifecycle, ensuring security is foundational—not bolted on 

• Define and communicate Allstate’s security posture clearly to technical and business leadership, enabling informed decision-making 

• Lead the ideation and implementation of innovative security controls that challenge the status quo and elevate Allstate’s embedded security maturity 

• Drive forward engineering practices that adapt to evolving technologies, enabling scalable, resilient, and efficient platforms 

• Mentor engineers and platform consultants in systems thinking, reusable design, and outcome-based delivery 

• Influence cross-functional teams through Discovery & Framing sessions, architectural reviews, and strategic planning 

• Promote and enforce architectural standards, simplification, and reuse across the enterprise 

• Actively participate in agile ceremonies and foster a culture of continuous learning and iterative delivery 

Essential Skills:

• A minimum of 5 years software engineering experience in at least 3 programming paradigms to include:-

• Object-oriented (Java & Javascript required and at least one other language)
• Procedural / systems (e.g. Go, Rust, C)
• Functional (e.g. F#, Elixir, Clojure, Haskell)

• and experience using modern development tools (e.g., IntelliJ or VS Code, Git/GitHub, Spring Boot) and designing robust RESTful APIs

• A minimum of 3 years hands on expertise in architecting and delivering large scale distributed systems, such as cloud native microservices on Docker/Kubernetes, deployed on modern cloud platforms (AWS, Azure, or equivalent), ensuring scalability, high availability, and performance 
• Demonstrated success as a high impact technical advisor to multiple engineering teams, with proven ability to influence architecture direction and mentor engineers in best practices with proven leadership responsibilities.

• Expert level knowledge of Agile/XP and DevOps methodologies, including paired programming, test driven development (TDD), and CI/CD automation, with a track record of using these practices to accelerate delivery and improve quality 

Desirable Skills:

• In-depth knowledge of industry security frameworks and web/API security standards e.g., OWASP Top 10, MITRE ATT&CK, OAuth 2.0, OpenID Connect, SAML – to guide secure design and development practices 

• Deep expertise in security architecture and secure-by-design practices, including advanced threat modeling, robust identity and access management (IAM) strategies, and Zero Trust architectures with a proven ability to embed these controls at all stages of the development lifecycle 

• Technical proficiency with AI tools such as running local models, developing MCP servers, using AI powered development tools like cursor/copilot/claude code/codex/etc to help drive your work more efficiently and test for effective model deployment strategies 

• Demonstrated expertise in API-first design and specification-driven development (e.g., OpenAPI, Swagger), enabling scalable, discoverable, and reusable services. Proven ability to shape developer experience and accelerate delivery through contract-first approaches, while laying the foundation for AI-assisted development and automated API governance 

• Deep understanding of modern cryptographic principles and protocols (e.g., AES, TLS, Argon2, elliptic curve cryptography), with the ability to evaluate, implement, and advise on secure data protection strategies. Skilled in applying cryptographic techniques to strengthen trust boundaries, safeguard sensitive data, and ensure compliance with enterprise and regulatory security standards 

• Experience with advanced development and testing practices, such as behavior-driven development (BDD) and integrating automated security checks into CI/CD pipelines 

• Familiarity with emerging technologies (e.g., AI/ML, knowledge graph solutions, advanced analytics) and their application to improve developer velocity, platform reliability, and security capabilities 

• Exposure to specialized security domains like AI Security, SaaS Security, and API Security, with an understanding of the unique challenges and tools in these areas 

Supervisory Responsibilities:

• This job does not have supervisory duties.

Posting Closing date: Monday 25th May 2026 {11.59pm}

#LI-MM4

#LI-Hybrid