Pearson Cloud Security Engineer, Identity & Access in San Antonio, Texas

Cloud Security Engineer, Identity & Access


At Pearson, we have a once in a generation opportunity to transform teaching & learning to prepare people for a changing economy. The educational ecosystem is changing at a ferocious pace. Our company is changing rapidly. We no longer have the luxury of waiting to see how the market will change; we need to operate differently. Learners today are preparing to enter a world of work in which the skills required for employment are rapidly changing. Lifelong learning & ongoing re-skilling will become a reality for most.

In addition - Technology has changed our expectations of how we live, work, communicate. Learners expect education to be engaging and inspiring. They expect digital learning to be as responsive, secure, fast and effective as the other apps in their pocket - Facebook, iTunes. They expect to have access to learning anytime, anyplace, any device and get help when they need it - Consumer Grade without being a target of cyber attacks.

One of biggest investments is in a new digital platform - the Global Learning Platform - which will fundamentally change the way we design, develop and deliver learning experiences, enabling new business models. Pearson’s Global Learning Platform will provide engaging, responsive, and personalized learning experiences to students everywhere. The cloud security team at Pearson will drive all aspects of design, build, operate and assess across cloud based digital platforms and products.


As a direct report to the Director, Product Information Security Officer (PISO), you will have the following responsibilities:

  • Work closely with product and platform teams to engineer and implement cloud security controls with a focus on identity and access management

  • Cloud Security IAM engineer will fundamentally change the way Pearson access management is established for AWS environments

  • Implement AWS based cloud security capabilities leveraging KMS, IAM policies and groups

  • Assist with Key Management and security strategy, roadmap and vision definition, lead AWS Cloud KMS application architecture and technical design.

  • Lead AWS Cloud IAM and KMS engineering integrations with digital platforms and products

  • Build working relationships with corporate IAM product development and engineering teams.

  • Extensive experience in MFA technologies using platforms such as Forgerock and Authy

  • Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner

  • Develop cloud security solutions to enable production security operations (SOC)

  • Deploy large-scale cloud environments using container and microservice technologies

  • Develop security capabilities in support of DevOps processes

  • Secure cloud development and delivery processes

  • Craft and evangelize secure cloud platform & product requirements

  • Communicate security risks and solutions to business partners, platform & product teams

  • Embrace a culture of continuous service improvement and service excellence

  • Stay current on security industry trends


Required Experience

  • Overall 6 years experience in Technology with extensive experience in cloud solutions (AWS, OpenStack)

  • At least 3 years architecting and developing AWS- based applications solution design and development, security of access endpoints, data and infrastructure in cloud with strong EC2, IAM, KMS, HSM, S3, Cloudwatch and Cloud Trail knowledge.

  • Minimum 2 years of experience with planning and implementing IAM capabilities, including: Identity Governance & Administration, Access Management & Federation, Directory Services, Key Management as a Service (KMaaS), experience implementing packaged or custom KMS solutions, including but not limited to products such as ForgeRock and Authy

  • Bachelor's Degree in Computer Science or related field or equivalent experience.

  • Experience with custom development or IAM solutions using AWS integration technologies, Python, Java/EE, JSON, SAML, XACML, SCIM.

  • Hand on-Experience in virtualization, Cloud Formation, Python in building hybrid cloud models with with layered security

  • Real time scalability and highly available solutions leveraging functions like Lambda, AWS Auto Scaling and Cloud Formations.

  • Source code management tools such as BitBucket

  • Skilled in HTML/CSS, JSON, REST, HTTP, Python, Java/EE, SAML, XACML, SCIM

  • AWS certification along with other security certifications such as CISSP, SSCP is a plus

  • Actively Participate in data design sessions

  • Strong hands-on experience in development in the AWS cloud environment, SAML based SSO and industry standard integrations for Identity and Access Management.

  • Knowledge in development languages such as Java, .Net, Node.js, Python, Ruby etc.

  • The candidate will apply their experience building reliable, scalable, secure data driven process automation for managing user access life cycle for AWS console.

  • Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, confluence, various monitoring/alerting tools;

  • Experience on Agile delivery;

  • Familiar with a broad range of cloud security technologies such as Container, encryption and key management, DDoS protection, configuration compliance

  • Some proven ability in securing the CI/CD pipeline

Competences and Behaviors

  • Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.

  • Must be able to communicate effectively and build solid relationships with individuals at all levels, in multiple geographies and business functions.

  • Strong oral, written, and presentation abilities - able to convey risk to all levels of the business, from C-level executives to operations and development teams;

  • Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders

  • Excellent oral and written communication skills and exceptional interpersonal skills.

  • Demonstrated ability to work under pressure.

  • Ability to work within a dynamic and fast paced international environment

  • Ability to build rapport with other team members and relevant teams

  • Very good communications, presentation and negotiations skills

  • Technically innovative

  • Able to express technical and non-technical concepts in clear verbal and written English

  • Very good written skills to document complex concepts in a comprehensive, yet readable manner

  • Encourages people to be open and share their views

  • Considers a range of options that meet the needs of all stakeholders

  • Ability to use own initiative to solve technical problems

  • Delivery Focused

  • Takes responsibility for projects and strategic initiatives

  • Demonstrate clear and measurable results through the development of KPIs, goals and milestones

  • Ambitious and competitive

  • Drive innovation and best practice

  • Strive for standardization and simplification in all aspects of work

  • Able to balance the needs of the business against the desire for the best solution possible


Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-TX-San Antonio

Other Locations US-CA-San Francisco, US-CO-Centennial, US-TX-Austin

Work Locations: US-TX-San Antonio-19500 Bulverde 19500 Bulverde Road San Antonio 78259

Job: Technology

Organization: Technology & Operations

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Oct 3, 2017

Req ID: 1716226