Pearson Cloud Security Product Lead in Centennial, Colorado

Cloud Security Product Lead

Description

At Pearson, we have a once in a generation opportunity to transform teaching & learning to prepare people for a changing economy. The educational ecosystem is changing at a ferocious pace. Our company is changing rapidly. We no longer have the luxury of waiting to see how the market will change; we need to operate differently. Learners today are preparing to enter a world of work in which the skills required for employment are rapidly changing. Lifelong learning & ongoing re-skilling will become a reality for most.

In addition - Technology has changed our expectations of how we live, work, communicate. Learners expect education to be engaging and inspiring. They expect digital learning to be as responsive, secure, fast and effective as the other apps in their pocket - Facebook, iTunes. They expect to have access to learning anytime, anyplace, any device and get help when they need it - Consumer Grade without being a target of cyber attacks.

One of biggest investments is in a new digital platform - the Global Learning Platform - which will fundamentally change the way we design, develop and deliver learning experiences, enabling new business models. Pearson’s Global Learning Platform will provide engaging, responsive, and personalized learning experiences to students everywhere. The cloud security team at Pearson will drive all aspects of design, build, operate and assess across cloud based digital platforms and products.

Responsibilities

As a direct report to the Director, Product Information Security Officer (PISO), you will have the following responsibilities:

  • Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps

  • Be the change agent for cloud based global product teams to embrace DevSecOps through automation and security integration to CI/CD processes

  • Ensure all Pearson’s cloud digital platforms and products meet key security and compliance requirements

  • Strong leadership skill driven both from business and security perspectives to ensure delivery of product security solutions which are aligned to Pearson’s business needs;

  • Develop secure cloud platform & product requirements

  • Serve as a subject matter expert in application development, database and microservice design, container and/or virtual machine technologies, helping project teams comply with enterprise and CISO security policies, industry regulations, and best practices

  • Coordinate incident response, investigation, and resolution of security incidents across global products

Qualifications

Required Experience

  • 8 years in Information Security space; with a focus on digital platform and product security

  • Minimum of 5 years of relevant experience in secure SDLC (i.e., Agile, DevOps), threat modelling, risk management, vulnerability management, incident response and security monitoring.

  • In-depth knowledge of application security tool sets used for static and dynamic testing such as Checkmarx, AppSpider

  • Extensive experience in the designing and implementing product and application security controls for both cloud and on-prem

  • BA/BS degree, or equivalent experience, security qualifications and accreditation appropriate to the region.

  • In-depth understanding of application security frameworks such as OWASP

  • Strong experience in cloud provider ecosystems, including Amazon AWS, Microsoft Azure, and OpenStack.

  • Experience with a broad range of security technologies, including nextgen firewalls, DLP, NAC, IDS/IPS, IdAM, certificate management, SIEM, endpoint protection, anti-malware, vulnerability management and cloud security;

  • Strong oral, written, and presentation abilities - able to convey risk to all levels of the business, from C-level executives to operations and development teams;

  • Some proven ability in securing the CI/CD pipeline

  • Solid working experience of continuous integration practices & tools (Jenkins, Travis CI, etc…)

  • An established history of working in agile teams

Competences and Behaviors

  • Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.

  • Must be able to communicate effectively and build solid relationships with individuals at all levels, in multiple geographies and business functions.

  • Strong oral, written, and presentation abilities - able to convey risk to all levels of the business, from C-level executives to operations and development teams;

  • Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders

  • Excellent oral and written communication skills and exceptional interpersonal skills.

  • Demonstrated ability to work under pressure.

  • Ability to work within a dynamic and fast paced international environment

  • Ability to build rapport with other team members and relevant teams

  • Very good communications, presentation and negotiations skills

  • Technically innovative

  • Able to express technical and non-technical concepts in clear verbal and written English

  • Very good written skills to document complex concepts in a comprehensive, yet readable manner

  • Encourages people to be open and share their views

  • Considers a range of options that meet the needs of all stakeholders

  • Ability to use own initiative to solve technical problems

  • Delivery Focused

  • Takes responsibility for projects and strategic initiatives

  • Demonstrate clear and measurable results through the development of KPIs, goals and milestones

  • Ambitious and competitive

  • Drive innovation and best practice

  • Strive for standardization and simplification in all aspects of work

  • Able to balance the needs of the business against the desire for the best solution possible

#LI-LL

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-TX-San Antonio

Other Locations US-CA-San Francisco, US-CO-Centennial, US-TX-Austin

Work Locations: US-TX-San Antonio-19500 Bulverde 19500 Bulverde Road San Antonio 78259

Job: Technology

Organization: Technology & Operations

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Oct 3, 2017

Req ID: 1716223