Pearson Cloud Security Engineer, Identity & Access in Austin, Texas
Cloud Security Engineer, Identity & Access
At Pearson, we have a once in a generation opportunity to transform teaching & learning to prepare people for a changing economy. The educational ecosystem is changing at a ferocious pace. Our company is changing rapidly. We no longer have the luxury of waiting to see how the market will change; we need to operate differently. Learners today are preparing to enter a world of work in which the skills required for employment are rapidly changing. Lifelong learning & ongoing re-skilling will become a reality for most.
In addition - Technology has changed our expectations of how we live, work, communicate. Learners expect education to be engaging and inspiring. They expect digital learning to be as responsive, secure, fast and effective as the other apps in their pocket - Facebook, iTunes. They expect to have access to learning anytime, anyplace, any device and get help when they need it - Consumer Grade without being a target of cyber attacks.
One of biggest investments is in a new digital platform - the Global Learning Platform - which will fundamentally change the way we design, develop and deliver learning experiences, enabling new business models. Pearson’s Global Learning Platform will provide engaging, responsive, and personalized learning experiences to students everywhere. The cloud security team at Pearson will drive all aspects of design, build, operate and assess across cloud based digital platforms and products.
As a direct report to the Director, Product Information Security Officer (PISO), you will have the following responsibilities:
Work closely with product and platform teams to engineer and implement cloud security controls with a focus on identity and access management
Cloud Security IAM engineer will fundamentally change the way Pearson access management is established for AWS environments
Implement AWS based cloud security capabilities leveraging KMS, IAM policies and groups
Assist with Key Management and security strategy, roadmap and vision definition, lead AWS Cloud KMS application architecture and technical design.
Lead AWS Cloud IAM and KMS engineering integrations with digital platforms and products
Build working relationships with corporate IAM product development and engineering teams.
Extensive experience in MFA technologies using platforms such as Forgerock and Authy
Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner
Develop cloud security solutions to enable production security operations (SOC)
Deploy large-scale cloud environments using container and microservice technologies
Develop security capabilities in support of DevOps processes
Secure cloud development and delivery processes
Craft and evangelize secure cloud platform & product requirements
Communicate security risks and solutions to business partners, platform & product teams
Embrace a culture of continuous service improvement and service excellence
Stay current on security industry trends
Overall 6 years experience in Technology with extensive experience in cloud solutions (AWS, OpenStack)
At least 3 years architecting and developing AWS- based applications solution design and development, security of access endpoints, data and infrastructure in cloud with strong EC2, IAM, KMS, HSM, S3, Cloudwatch and Cloud Trail knowledge.
Minimum 2 years of experience with planning and implementing IAM capabilities, including: Identity Governance & Administration, Access Management & Federation, Directory Services, Key Management as a Service (KMaaS), experience implementing packaged or custom KMS solutions, including but not limited to products such as ForgeRock and Authy
Bachelor's Degree in Computer Science or related field or equivalent experience.
Experience with custom development or IAM solutions using AWS integration technologies, Python, Java/EE, JSON, SAML, XACML, SCIM.
Hand on-Experience in virtualization, Cloud Formation, Python in building hybrid cloud models with with layered security
Real time scalability and highly available solutions leveraging functions like Lambda, AWS Auto Scaling and Cloud Formations.
Source code management tools such as BitBucket
Skilled in HTML/CSS, JSON, REST, HTTP, Python, Java/EE, SAML, XACML, SCIM
AWS certification along with other security certifications such as CISSP, SSCP is a plus
Actively Participate in data design sessions
Strong hands-on experience in development in the AWS cloud environment, SAML based SSO and industry standard integrations for Identity and Access Management.
Knowledge in development languages such as Java, .Net, Node.js, Python, Ruby etc.
The candidate will apply their experience building reliable, scalable, secure data driven process automation for managing user access life cycle for AWS console.
Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, confluence, various monitoring/alerting tools;
Experience on Agile delivery;
Familiar with a broad range of cloud security technologies such as Container, encryption and key management, DDoS protection, configuration compliance
Some proven ability in securing the CI/CD pipeline
Competences and Behaviors
Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.
Must be able to communicate effectively and build solid relationships with individuals at all levels, in multiple geographies and business functions.
Strong oral, written, and presentation abilities - able to convey risk to all levels of the business, from C-level executives to operations and development teams;
Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders
Excellent oral and written communication skills and exceptional interpersonal skills.
Demonstrated ability to work under pressure.
Ability to work within a dynamic and fast paced international environment
Ability to build rapport with other team members and relevant teams
Very good communications, presentation and negotiations skills
Able to express technical and non-technical concepts in clear verbal and written English
Very good written skills to document complex concepts in a comprehensive, yet readable manner
Encourages people to be open and share their views
Considers a range of options that meet the needs of all stakeholders
Ability to use own initiative to solve technical problems
Takes responsibility for projects and strategic initiatives
Demonstrate clear and measurable results through the development of KPIs, goals and milestones
Ambitious and competitive
Drive innovation and best practice
Strive for standardization and simplification in all aspects of work
Able to balance the needs of the business against the desire for the best solution possible
Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.
Primary Location: US-TX-San Antonio
Other Locations US-CA-San Francisco, US-CO-Centennial, US-TX-Austin
Work Locations: US-TX-San Antonio-19500 Bulverde 19500 Bulverde Road San Antonio 78259
Organization: Technology & Operations
Employee Status: Regular Employee
Job Type: Standard
Shift: Day Job
Job Posting: Oct 3, 2017
Req ID: 1716226