Cybersecurity Automation Engineer

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection. Job Description We are looking for a hands-on Cybersecurity Automation Engineer to design and build software that enables and scales cybersecurity operations across Allstate. This role sits within the Automation Enablement team in Cyber Operations. The mission of this team is to turn security requirements and manual processes into reliable, secure, automated services that improve incident response, integrate security tooling, and strengthen cloud-first security operations. This is an engineering-first role. You will write and maintain production code, build secure services and APIs, and partner closely with incident response, threat intelligence, IAM, and platform teams to deliver automation that is used every day. The internal job title is a Security Engineer Senior Consultant II. Key Responsibilities What You Will Do Build Secure Software & Automation Design, develop, test, and maintain production-grade security services, APIs, and automation Build internal tools and integrations that support incident response, detection, and cyber operations Treat security tooling as software products: versioned, tested, monitored, and maintained Apply Security Engineering Best Practices Design secure APIs using authentication and authorization standards (OAuth 2.0, OIDC, SAML, JWT) Apply secure software design principles including least privilege, secrets management, and defense-in-depth Use cryptographic concepts appropriately (hashing, encryption, key management via managed services) Automate & Integrate Across Platforms Integrate security controls and validation into CI/CD pipelines Build automation that connects cloud platforms, security tools, and internal services Partner with cloud and platform teams to ensure solutions are scalable, resilient, and secure Support Cyber Operations Collaborate with incident response, threat intelligence, and SOC teams to identify automation opportunities Improve consistency and speed of response through repeatable, reliable automation Participate in incident follow-ups and help turn lessons learned into system improvements Essential Qualifications 3+ years of professional software development experience Strong proficiency in at least one backend language (Python or Java preferred) Experience designing and building secure APIs or services Practical knowledge of secure coding practices and common application vulnerabilities Experience with IAM and authentication concepts (OAuth 2.0, OIDC, SAML, JWT) Experience contributing to or working with CI/CD pipelines Hands-on experience with cloud platforms (Azure, AWS, or equivalent Desirable Qualifications Experience with infrastructure or automation tooling (Terraform, Jenkins, GitHub Actions, etc.) Experience working with containers (Docker; Kubernetes exposure a plus) Experience integrating or extending SIEM/SOAR platforms (Microsoft Sentinel, Defender, Splunk, etc.) Exposure to incident response or security operations workflows Experience in regulated or large enterprise environments Relevant certifications such as Security+, AZ-104, or AWS Associate What Success Looks Like You build automation that security teams rely on Manual security tasks become repeatable services Secure defaults are enforced through code, not documentation Cloud-based security controls are easier to use and harder to misuse Experience • 3 or more years of experience (Preferred) Supervisory Responsibilities • This job does not have supervisory duties. #LI-MF1 Skills Application Programming Interface (API), Authentication, Automation, Encryption, Information Security Engineering, IT Security Operations, Risk Management, Secure Coding, Secure Coding Practices, Security Controls, Security Engineering, Security Software, Security Tools, Software Automation, Splunk, Stakeholder Engagement Compensation Compensation offered for this role is 75,100.00 - 126,325.00 annually and is based on experience and qualifications. The candidate(s) offered this position will be required to submit to a background investigation. Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. One where you can shape the future of protection while supporting causes that mean the most to you. Joining our team means being part of something bigger – a winning team making a meaningful impact. Allstate generally does not sponsor individuals for employment-based visas for this position. Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against pu