At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.
Job Description
Product Security Engineering designs, builds, and operates enterprise security controls as software products that integrate directly into the SDLC and core enterprise platforms. The organization applies modern engineering practices to create scalable, reliable, and developer friendly security capabilities that are embedded into the enterprise technology ecosystem and enable secure by default behaviors while minimizing friction for product and platform teams.
The Managing Security Engineer is a hands on engineering leader responsible for leading a team that delivers and operates these security controls in production. This role blends deep technical leadership, people leadership, and delivery ownership: setting technical direction, guiding architecture and design decisions, coaching and developing engineers, and ensuring the team consistently ships high quality software that achieves measurable security and engineering outcomes. The Managing Security Engineer is accountable for the end to end success of the team’s security products, including reliability, adoption, and operational health in production.
Key Responsibilities** **
- Lead and manage an engineering team delivering security controls as software products, including hiring, onboarding, coaching, performance management, and career development
- Set technical direction for the team and drive high‑quality execution across design, implementation, deployment, and production support of security controls
- Serve as a hands‑on technical leader by contributing to architecture and design reviews, guiding technical decisions, performing code reviews, and supporting critical‑path implementation as needed
- Own operational outcomes for the team’s products in production, including reliability, performance, and continuous improvement through feedback and learning loops
- Partner with Digital Product Managers, platform teams, and engineering stakeholders to effect alignment across roadmaps, priorities, and delivery plans spanning multiple product portfolios
- Build and sustain a strong engineering culture that emphasizes modern delivery practices (e.g., test‑driven development, paired programming, CI/CD), fast feedback, and continuous improvement
- Influence and innovate solutions to complex security challenges by translating security needs into scalable engineering approaches and reusable capabilities
- Facilitate effective agile execution (standups, planning, backlog refinement, retrospectives) while maintaining a strong focus on outcomes rather than ceremony
Essential Skills
- 5+ years of professional software engineering experience, including hands on production coding in modern languages (e.g., Java, JavaScript, Python) and ownership of production systems delivering measurable reliability, performance, or security outcomes
- 2+ years of experience leading engineers through hands on technical guidance, including architecture reviews, design decisions, and code reviews
- Proven background in building and operating scalable, distributed systems in cloud environments, including microservices‑based architectures
- Track record of designing, evolving, and integrating APIs and backend services, with attention to reliability, scalability, and security considerations
- Practical application of modern engineering practices such as test‑driven development, paired programming, CI/CD pipelines, and operational feedback loops including monitoring and observability
- Experience operating within agile delivery environments, partnering closely with Digital Product Managers and engineering stakeholders to deliver outcomes
Desirable Skills
- Demonstrated depth in security engineering domains such as application security, cloud security, DevSecOps, or secure software development practices
- Practical experience designing or operating security controls embedded into CI/CD pipelines, developer workflows, or shared platform services
- Proven ability to influence technical decisions beyond the immediate team, driving adoption of secure patterns, standards, or reusable capabilities across product areas
- Experience mentoring senior engineers and emerging technical leaders, with a focus on raising engineering quality and long‑term team capability
- Strong organizational awareness and the ability to navigate cross‑team dependencies while maintaining delivery momentum and technical integrity
- Exposure to cloud‑native and containerized environments (e.g., Kubernetes, Docker, AWS and/or Azure) and the security considerations that accompany them
- Familiarity with security metrics and operational signals (e.g., control adoption, reliability, incident reduction) used to evaluate engineering and security outcomes
- Strong mindset of balancing delivery velocity, security rigor, and developer experience, making thoughtful tradeoffs appropriate to context
- Demonstrated commitment to building solutions that balance robust security guarantees with an excellent developer experience, without compromising one for the other
Supervisory Responsibilities
- This role has supervisory responsibilities and serves as the first level manager for a team of engineers.
#LI-JJ1
Skills
API Development, Application Security, CI/CD, Cloud Security, Cross-Functional Collaboration, Distributed Systems, Java, JavaScript, Microservices Architecture, People Leadership, Python (Programming Language), Technical Leadership
Compensation
Compensation offered for this role is $120,000 – 195,000 annually and is based on experience and qualifications.
The candidate(s) offered this position will be required to submit to a background investigation.
Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. One where you can shape the future of protection while supporting causes that mean the most to you. Joining our team means being part of something bigger – a winning team making a meaningful impact.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please click “here” for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click “here” for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.
To view the “EEO Know Your Rights” poster click “here”. This poster provides information concerning the laws and procedures for filing complaints of violations of the laws with the Office of Federal Contract Compliance Programs.
To view the FMLA poster, click “here”. This poster summarizing the major provisions of the Family and Medical Leave Act (FMLA) and telling employees how to file a complaint.
It is the Company’s policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee’s ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race (include traits historically associated with race, including, but not limited to, hair texture and protective hairstyles), religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.