Lead Consultant - Threat & Incident Response Infrastructure & Systems - Allstate Insurance

Key Responsibilities

• Design and operate monitoring and detection pipelines for server, container, and Kubernetes workloads.
• Lead incident response activities, including triage, containment, root‑cause analysis, and post‑mortem reporting.
• Develop and maintain automated threat‑hunting scripts and playbooks using Python and Bash.
• Integrate and tune SIEM solutions to ingest logs from Linux, Windows Server, and container platforms.
• Collaborate with engineering and security teams to remediate vulnerabilities and improve security posture.

Requirements

• 5+ years of experience in infrastructure security, with deep knowledge of Linux, Windows Server, Docker, and Kubernetes.
• Proficiency in scripting languages such as Python and Bash for automation and analysis.
• Hands‑on experience with SIEM platforms, log aggregation, and threat‑intelligence feeds.
• Demonstrated expertise in incident response, threat hunting, and vulnerability management.
• Strong analytical and communication skills to convey findings to technical and non‑technical stakeholders.