Exposure Intelligence - CTEM Consultant

Allstate Insurance Company

$100K — $170K *
US-AnywhereRemote in United States
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years in security engineering or platform engineering
  • Experience with integrating security tools and APIs/data pipelines
  • Strong understanding of security data transformation into risk prioritization
  • Preferred experience with CTEM platforms, e.g., Zafran or Nagomi
  • Familiarity with vulnerability management and asset inventory

Responsibilities

  • Own and manage CTEM platforms and related tools
  • Maintain platform health and access controls
  • Design and maintain integrations across security and cloud platforms
  • Ensure accurate data ingestion, normalization, and correlation
  • Develop actionable dashboards for different audience levels
  • Partner with leadership to align reporting with KPIs
  • Automate processes to enhance workflow and reduce manual effort

Benefits

  • Comprehensive technology setup including laptop and peripherals
  • Monthly connectivity reimbursement for remote work
  • Opportunity to work in a modern Cybersecurity environment focusing on business risk management
  • Role offers significant autonomy in shaping exposure management strategies
  • Access to a variety of security tools and platforms
Full Job Description
Job Description

Exposure Intelligence - CTEM Service Consultant

Business Title: Lead Consultant- Threat & Incident Response

Overall Scope:

Team and overall work scope
  • The team operates within a newly established Exposure Management function in the broader cybersecurity organization, focused on modernizing how the enterprise identifies, prioritizes, and mitigates security vulnerabilities shifting from traditional patch approaches to a more strategic focus on true business risk and exploitability
  • Individual Contributor/ Lead Consultant roles are designed to bring in deep domain expertise (network, endpoint, cloud, identity, infrastructure, etc.) to bridge the gap between security insights and practical remediation strategies
  • The CTEM Consultant of Platform & Exposure Operations is responsible for operating and scaling the Continuous Threat Exposure Management (CTEM) capability across the enterprise.
  • This role owns the integrations, data pipelines, user experience, and reporting layer that enable exposure visibility and prioritization.
  • The service consultant ensures exposure data is accurate, correlated, and actionable, enabling teams to reduce real-world risk through effective dashboards, workflows, and system integrations.


What's exciting about this role: Own and scale the CTEM platform that powers Exposure Management, managing configurations, data ingestion and integrations, and ensuring dashboards, RBAC, and workflows are accurate and actionable, while leveraging AI-enabled correlation to deliver high-confidence exposure intelligence at enterprise scale.

Ideal Candidate:
  • Experienced platform or security tooling engineer with a background in managing security platforms, integrations, and data pipelines.
  • Has hands-on experience with ingestion, normalization, dashboards, RBAC, and automation and can translate raw data into accurate, actionable exposure intelligence at scale.
  • Experience with Zafran or Nagomi or another CTEM Tool is a big plus.


Success Measures
  • High-quality data coverage and accuracy across CTEM inputs.
  • Increased adoption and usability of CTEM dashboards across teams.
  • Improved signal-to-noise ratio in exposure prioritization.
  • Reduction in manual effort through automation and integration.
  • Measurable improvement in risk visibility and reporting consistency.


Key Responsibilities- CTEM Platform Ownership
  • Own and manage CTEM platforms and supporting tooling (e.g., exposure management, vulnerability correlation, attack path tools).
  • Maintain platform health, configuration, and access controls.
  • Manage user onboarding, permissions, and adoption across security and engineering teams.
  • Design, build, and maintain integrations across
    • Vulnerability management tools
    • EDR/XDR platforms
    • Cloud/security platforms (AWS, Azure, Entra, etc.)
    • Application and asset inventories
  • Ensure data ingestion, normalization, and correlation across sources.
  • Identify and resolve data quality gaps, duplication, and enrichment issues.
  • Aggregate and correlate security findings into meaningful exposure insights.
  • Maintain logic that supports exploitability-based prioritization.
  • Continuously improve signal quality and reduce noise.
  • Design and maintain CTEM dashboards and reporting views for different audiences:
    • Executive (risk + trends)
    • Engineering (actionable fixes)
    • Security (coverage + effectiveness)
  • Ensure reporting reflects:
    • Real exposure (attack paths)
    • Risk reduction progress
    • SLA/MTTR performance
  • Partner with leadership (CISO, service managers) to align reporting with KPIs.
  • Build and optimize workflows that connect CTEM insights to remediation execution.
  • Automate prioritization, ticket creation, and tracking where possible.
  • Reduce manual effort in exposure triage and reporting.
  • Serve as the bridge between CTEM data and execution teams (VM, AppSec, DFIR, Cloud Security).
  • Enable teams to consume CTEM intelligence effectively through dashboards and integrations.
  • Drive adoption and proper usage of CTEM capabilities.


Required Qualifications
  • 3+ years in security engineering, exposure management, vulnerability management, or platform engineering.
  • Experience integrating security tools and working with APIs/data pipelines.
  • Strong understanding of how security data translates into risk and prioritization.


Preferred Qualifications
  • Experience with CTEM platforms (e.g., Zafran, Nagomi, Pantera, etc.).
  • Background in data engineering, automation, or scripting (Python, APIs).
  • Familiarity with vulnerability management, asset inventory, and identity data.
  • Experience building dashboards (Power BI, Tableau, or platform-native).


Skills
Cyber Incident Response, Exposure Management, IT Security Operations, Python Automation, Root Cause Analysis (RCA), Threat Assessment, Threat Monitoring

Compensation
Compensation offered for this role is 100,000.00 - 170,500.00 annually and is based on experience and qualifications.

Allstate provides a comprehensive technology setup, including a laptop, monitors, headset, keyboard, and mouse. Employees eligible to work from home also receive a monthly connectivity reimbursement to help offset internet costs.

When working from home, you must have a dedicated, private workspace free from distractions, along with appropriate desk and seating. Reliable internet is required, with minimum speeds of 50 MB download and 5 MB upload.

Similar Jobs

More Jobs at Allstate Insurance Company

More Information Technology Jobs

Find similar Exposure Intelligence - CTEM Consultant jobs: