Security Awareness Specialist

Who is Allstate:

Allstate Insurance Company of Canada is a leading home and auto insurer focused on providing its customers prevention and protection products and services for every stage of life. The company is proud to have been named a Best Employer in Canada for nine consecutive years and prioritizes supporting employees and fostering an inclusive, welcoming corporate culture. Allstate is committed to making a positive difference in the communities in which it operates through partnerships with charitable organizations, employee giving and volunteerism. Serving Canadians since 1953, Allstate strives to provide reassurance with its "You’re in Good Hands®" promise.

Through our Employee Value Proposition, Opportunity, Flexibility, Community, Diversity and Family, we have worked hard to develop and nurture a culture where employees feel valued, experience personal growth, have career options and truly enjoy the work they do.

Role Designation: Hybrid

Benefits to joining Allstate

• Flexible Work Arrangements
• Employee discounts (15% on auto and property insurance, plus many other products and services)
• Good Office program (receive up to 400$ back after purchasing office equipment)
• Student Loan Payment Matching Program for Government Student loans
• Comprehensive Retirement Savings Program with employer matched contributions
• Annual Wellness allowance to support employees with improving health and wellbeing
• Personal reflection day
• Tuition Reimbursement
• Working within the community and giving back!

Job description:

The Security Awareness Specialist will be responsible for the development and ongoing operation of an enterprise-wide cybersecurity awareness and education program. The overall goal of the cybersecurity awareness and education program is to promote a risk-aware workplace culture, educate employees on security threats and how to defend against them, and empower employees to adopt cybersecurity best practices. This role is responsible for working directly with security, technology and business groups across the organization to design and enable Allstate Canada Group (ACG)’s pragmatic approach to risk-based security.

Accountabilities:

• Maintain and grow a positive and progressive cybersecurity awareness and education program that engages employees, reduces human risk factors, and influences behavioral and cultural changes long term.
• Develop internal cybersecurity awareness and education initiatives, such as campaigns, communications, training, events, etc., that inform and educate employees and contractors on cybersecurity risks.
• Maintain the Secure Development Lifecycle (SDL) training program by evaluating requirements, sourcing learning materials, and delivering relevant organizational wide and role-based training.
• Create/write highly effective educational and informative content using a wide variety of formats and distribution channels.
• Manage and maintain information to ensure content is updated and reflects changing requirements within the organization, cybersecurity, and IT risk.
• Define program metrics and statistics, and evaluate the effectiveness of existing training, education, and awareness program initiatives.
• Collaborate with security teams and management to consider key cybersecurity risks, and how to help address them via program initiatives.

Qualifications:

• Post-secondary degree Marketing, Communications, Technology, or a related discipline.
• 5+ years of experience in strategic internal cybersecurity awareness and education, and organizational change management programs related to IT risk/cybersecurity.
• Foundational understanding of security-related threats and risks, as well as practices and capabilities to address them.
• Excellent written & verbal communication skills required to communicate to a variety of individuals with varying degrees of technical understanding.
• Experience in with various training delivery methods such as LMS systems, SCORM package creation and other interactive tools.
• Prior project management experience and the ability to manage multiple priorities.
• Strong analytical skills, problem solving, and conceptual thinking.

Bonus qualification:

• Preferred certifications: Certified Security Awareness Practitioner (CSAP), Certified Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or related certifications.
• Certification in training is desirable.
• Strong design/data visualization skills.

Allstate Canada Group has policies and practices that provide workplace accommodations. If you require accommodation, please let us know and we will work with you to meet your needs.