Platform Consultant - Technology Risk & Compliance

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection. Job DescriptionThe Technology Risk & Compliance business serves as the first line of defense in managing technology risk across Allstate Technology Solutions (ATS). As innovation accelerates and the technology landscape evolves, so do the risks we face — from regulatory changes and increasing costs to system disruptions and emerging threats. We are the central point of contact for risk and compliance within ATS. Our purpose is to provide a consistent, proactive approach to identifying, assessing and addressing risk. We help ensure that risk is managed effectively and transparently, so our partners can move forward with confidence.We are seeking a visionary Platform Consultant with deep engineering expertise and strong security architecture experience. In this senior-level role, you will act as a strategic advisor to our engineering teams and organizations, guiding them through complex technical challenges and shaping platform strategies in line with Allstate’s outcome-based delivery culture. You will embed secure-by-design principles, including rigorous threat modeling from the outset of development, to fortify our platforms from the ground up. You will make clear, well-informed architectural decisions and articulate our security posture and recommendations to senior leadership, ensuring clarity and confidence in the integrity of our solutions.As a security-focused engineering leader, you will collaborate with teams from Security Operations to implement proactive defenses and risk mitigations, to consulting with data scientists to leverage analytics and AI for enhanced platform capabilities. This cross-functional engagement provides continuous opportunities to influence Allstate’s engineering community. You will mentor teams in modern engineering practices, champion system-wide best practices (such as Zero Trust architecture and reusable design), and drive the adoption of emerging technologies to improve reliability, performance, and efficiency.Key ResponsibilitiesServe as a trusted consultant to engineering teams and organizations, guiding secure platform design and implementation across diverse product domainsCommunicate clearly and effectively ensuring business and engineering needs are metFoster effective collaborative sessions with teams from different disciplines and leadership levelsEmbed secure-by-design principles and deep threat modeling practices into the development lifecycle, ensuring security is foundational—not bolted onDefine and communicate Allstate’s security posture clearly to technical and business leadership, enabling informed decision-makingLead the ideation and implementation of innovative security controls that challenge the status quo and elevate Allstate’s embedded security maturityDrive forward engineering practices that adapt to evolving technologies, enabling scalable, resilient, and efficient platformsMentor engineers and platform consultants in systems thinking, reusable design, and outcome-based deliveryInfluence cross-functional teams through Discovery & Framing sessions, architectural reviews, and strategic planningPromote and enforce architectural standards, simplification, and reuse across the enterpriseActively participate in agile ceremonies and foster a culture of continuous learning and iterative deliveryJob QualificationsEssential Skills:Extensive experience (8+ years) in software engineering, platform development, or architecture roles, with increasing technical leadership responsibilities in complex enterprise environmentsDemonstrated success as a high-impact technical advisor to multiple engineering teams, with proven ability to influence architecture direction and mentor engineers in best practicesExpert-level knowledge of Agile/XP and DevOps methodologies, including paired programming, test-driven development (TDD), and CI/CD automation, with a track record of using these practices to accelerate delivery and improve qualityHands-on expertise in architecting and delivering large-scale distributed systems, such as cloud-native microservices on Docker/Kubernetes, deployed on modern cloud platforms (AWS, Azure, or equivalent), ensuring scalability, high availability, and performanceBroad technical proficiency across multiple programming languages and frameworks (especially Java and JavaScript ecosystems), and comfort with modern development tools (e.g., IntelliJ or VS Code, Git/GitHub, Spring Boot) and designing robust RESTful APIsExceptional analytical and problem-solving skills, combined with excellent communication abilities to clearly convey complex technical and security concepts to both engineering teams and senior business leadersDesirable Skills:In-depth knowledge of industry security frameworks and web/API security standards – e.g., OWASP Top 10, MITRE ATT&CK, OAuth 2.0, OpenID Connect, SAML – to guide secure design and development practicesDeep expertise in security architecture and secure-by-design practices, including advanced threat modeling, robust identity and access management (IAM) strategies, and Zero Trust architectures – with a proven ability to embed these controls at all stages of the development lifecycleBroad technical proficiency across multiple programming paradigms – in addition to Java and JavaScript experience, deep experience with procedural (e.g., Go, Rust) and functional (e.g., F#, Elixir, Haskell, Clojure) programming languages is a strong signal of architectural proficiencyTechnical proficiency with AI tools such as running local models, developing MCP servers, using AI powered development tool