Allstate · 2 days ago
Product Security Engineer
Wonder how qualified you are to the job?
BankingFinance
Insider Connection @Allstate
Responsibilities
Work closely with application development and platform teams to help formulate and implement a strategy for software security that is tailored to the specific risks facing the organization, including threat modeling and applications security advisement services.
Develop and maintain a balanced application security program based on a well-defined application security framework.
Conduct application security assessments and implement tools for dynamic/automated code reviews.
Ensure application design and implementation best-practice with role-based and appropriate access standards, as well as integration with Identity and Access Management environments.
Ensure compliance with society, regulatory, and industry standards for application security.
Continuously evaluate the organization’s existing application security practices, define and measure security-related activities, and demonstrating concrete improvements to the application assurance program within the organization.
Provide secure application development training to developers and provide guidance on the development of web-based training for ongoing awareness.
Conduct code reviews.
Develop and maintain unit and integration tests designed to ensure security controls are tested on every build.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
5+ years’ experience in a software or application development field such as Software Developer, Architect, Software Quality Assurance, or Application Security Engineer.
Be highly proficient in at least one of the following development languages: C#, C++, Java, .NET, Node.js, or Python.
Possess a strong understanding of application architectural patterns, such as MVC, Microservices, Event-driven etc.
Hold knowledge of the OWASP Top 10.
Possess solid understanding and experience with establishing software development policies across an organization.
Be creative, organized, responsive, and a thorough problem solver.
Possess a strong business acumen with an ability to work.
Possess a restlessness or desire to break into things.
Be a strong self-starter who can operate independently.
Have excellent oral/written presentation skills with the ability to communicate effectively with senior executive leadership.
Hold proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement, and performance.
Preferred
Understanding of Agile/XP/Scrum/Kanban.
Understanding of Test-Driven Development built on User Stories.
Understanding of Continuous Integration/Testing/Delivery/CI/CD.
Familiarity with cloud architecture and services, such as AWS.
Familiarity with Metasploit, Burp Suite, Fuzzing, and Jenkins is preferred.
Familiarity with code reviews and penetration testing preferred.
Bachelor’s degree or relevant post-secondary education.
OSCP, OSCE, OSWE, CEH, or GWAPT Certifications are a major plus.
Company
Allstate
Allstate is an insurance company that offers car, home, and life insurance services. It is a sub-organization of Allstate.
Funding
Current Stage
Public CompanyTotal Funding
unknown2014-01-13Post Ipo Equity· Undisclosed
1993-06-11IPO· nyse:ALL
Leadership Team
Recent News
2024-05-31
2024-05-24
Business Wire
2024-05-20
Company data provided by crunchbase