Cybersecurity Automation Engineer (Illinois)

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.

Job Description

We are looking for a hands-on Cybersecurity Automation Engineer to design and build software that enables and scales cybersecurity operations across Allstate.

This role sits within the Automation Enablement team in Cyber Operations. The mission of this team is to turn security requirements and manual processes into reliable, secure, automated services that improve incident response, integrate security tooling, and strengthen cloud-first security operations.

This is an engineering-first role. You will write and maintain production code, build secure services and APIs, and partner closely with incident response, threat intelligence, IAM, and platform teams to deliver automation that is used every day.

The internal job title is a Security Engineer Senior Consultant II.

Key Responsibilities

What You Will Do

Build Secure Software & Automation

Design, develop, test, and maintain production-grade security services, APIs, and automation

Build internal tools and integrations that support incident response, detection, and cyber operations

Treat security tooling as software products: versioned, tested, monitored, and maintained

Apply Security Engineering Best Practices

Design secure APIs using authentication and authorization standards (OAuth 2.0, OIDC, SAML, JWT)

Apply secure software design principles including least privilege, secrets management, and defense-in-depth

Use cryptographic concepts appropriately (hashing, encryption, key management via managed services)

Automate & Integrate Across Platforms

Integrate security controls and validation into CI/CD pipelines

Build automation that connects cloud platforms, security tools, and internal services

Partner with cloud and platform teams to ensure solutions are scalable, resilient, and secure

Support Cyber Operations

Collaborate with incident response, threat intelligence, and SOC teams to identify automation opportunities

Improve consistency and speed of response through repeatable, reliable automation

Participate in incident follow-ups and help turn lessons learned into system improvements

Essential Qualifications

• 3+ years of professional software development experience

• Strong proficiency in at least one backend language (Python or Java preferred)

• Experience designing and building secure APIs or services

• Practical knowledge of secure coding practices and common application vulnerabilities

• Experience with IAM and authentication concepts (OAuth 2.0, OIDC, SAML, JWT)

• Experience contributing to or working with CI/CD pipelines

• Hands-on experience with cloud platforms (Azure, AWS, or equivalent

Desirable Qualifications

• Experience with infrastructure or automation tooling (Terraform, Jenkins, GitHub Actions, etc.)

• Experience working with containers (Docker; Kubernetes exposure a plus)

• Experience integrating or extending SIEM/SOAR platforms (Microsoft Sentinel, Defender, Splunk, etc.)

• Exposure to incident response or security operations workflows

• Experience in regulated or large enterprise environments

• Relevant certifications such as Security+, AZ-104, or AWS Associate

What Success Looks Like

You build automation that security teams rely on

Manual security tasks become repeatable services

Secure defaults are enforced through code, not documentation

Cloud-based security controls are easier to use and harder to misuse

Experience

• 3 or more years of experience (Preferred)

Supervisory Responsibilities

• This job does not have supervisory duties.

#LI-MF1

Skills

Application Programming Interface (API), Authentication, Automation, Encryption, Information Security Engineering, IT Security Operations, Risk Management, Secure Coding, Secure Coding Practices, Security Controls, Security Engineering, Security Software, Security Tools, Software Automation, Splunk, Stakeholder Engagement

Compensation

Compensation offered for this role is 75,100.00 - 126,325.00 annually and is based on experience and qualifications.

The candidate(s) offered this position will be required to submit to a background investigation.

Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. One where you can shape the future of protection while supporting causes that mean the most to you. Joining our team means being part of something bigger – a winning team making a meaningful impact.

Allstate generally does not sponsor individuals for employment-based visas for this position.

Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.

For jobs in San Francisco, please click “ here ” for information regarding the San Francisco Fair Chance Ordinance.

For jobs in Los Angeles, please click “ here ” for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.

To view the “EEO Know Your Rights” poster click “ here ”. This poster provides information concerning the laws and procedures for filing complaints of violations of the laws with the Office of Federal Contract Compliance Programs.

To view the FMLA poster, click “ here ”. This poster summarizing the major provisions of the Family and Medical Leave Act (FMLA) and telling employees how to file a complaint.

It is the Company’s policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee’s ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race (include traits historically associated with race, including, but not limited to, hair texture and protective hairstyles), religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.