Pearson Senior Cloud Security Engineer, DevSecOps in San Antonio, Texas
Senior Cloud Security Engineer, DevSecOps
At Pearson, we have a once in a generation opportunity to transform teaching & learning to prepare people for a changing economy. The educational ecosystem is changing at a ferocious pace. Our company is changing rapidly. We no longer have the luxury of waiting to see how the market will change; we need to operate differently. Learners today are preparing to enter a world of work in which the skills required for employment are rapidly changing. Lifelong learning & ongoing re-skilling will become a reality for most.
In addition - Technology has changed our expectations of how we live, work, communicate. Learners expect education to be engaging and inspiring. They expect digital learning to be as responsive, secure, fast and effective as the other apps in their pocket - Facebook, iTunes. They expect to have access to learning anytime, anyplace, any device and get help when they need it - Consumer Grade without being a target of cyber attacks.
One of biggest investments is in a new digital platform - the Global Learning Platform - which will fundamentally change the way we design, develop and deliver learning experiences, enabling new business models. Pearson’s Global Learning Platform will provide engaging, responsive, and personalized learning experiences to students everywhere. The cloud security team at Pearson will drive all aspects of design, build, operate and assess across cloud based digital platforms and products.
As a direct report to the Director, Product Information Security Officer (PISO), you will have the following responsibilities:
Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps
Snr Cloud Security DevSecOps Engineer will fundamentally change the way Pearson security processes and tools are integrated within DevOps
Implement a tools driven and highly automated approach to deliver our key security management processes by exploiting investment in existing tooling (e.g. ServiceNow, Chef, Splunk) and / or identify new tooling.
Design and implement AWS/Cloud based DevSecOps processes and tools
Develop procedures to automate security tasks during code builds and deployments
Respond to and, when appropriate, resolve or escalate security incidents
Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
Assist and train team members in the use of cloud security tools and the resolution of security issues
Develop and maintain documentation for security systems and procedures
Collaborate with the Ops team to build infrastructure and servers on AWS
Lead AWS Cloud DevSecOps engineering integrations with platforms such as SPLUNK ES, Threat Analytics and UEBA
Evaluate and recommend use of ML, AI, and data analytic services to enable action based events and triggers
Actively involved in cloud environment threat hunting using manual and automated tools
Build working relationships with corporate technology and business teams
Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner
Deploy automated security solutions for cloud delivery processes
Develop cloud security solutions to enable production security operations (SOC)
Deploy compliance solutions for large-scale cloud environments using container and microservice technologies
Develop security and compliance capabilities in support of DevOps processes
Develop & deploy automated solutions to secure cloud development processes
Craft and evangelize secure cloud platform & product requirements
Communicate security risks and solutions to business partners, platform & product teams
Embrace a culture of continuous service improvement and service excellence
Stay current on security industry trends
Overall 6 years experience in Technology with extensive experience in cloud solutions (AWS, OpenStack)
Minimum 4 years of experience with implementing and automating Cloud DevSecOps including technologies such as SPLUNK ES, Twistlocker, CloudPassage and threat intel platforms
Extensive experience in cloud based DDoS protection services such as AWS Advanced Shield and Akamai
Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others
Knowledge of network based, system level, and application layer attacks and mitigation methods
Extensive Experience working with container technology including Docker and Kubernetes
Experience in DevOps environments and maintaining security in CI/CD processes
Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management
Knowledge of AWS automation strategies and tools
Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
Ability to clearly and effectively communicate concerns, issues to other teams
Experience in developing, documenting, and maintaining security procedures
Proficient in AWS CLI, Bash, and Python
Threat and risk modelling experience using platforms such as Continuum Security
Bachelor's Degree in Computer Science or related field or equivalent experience.
Experience with custom development using AWS integration technologies, Python, Java/EE, JSON, SAML, XACML, SCIM.
Experience in virtualization, Cloud Formation, Python in building hybrid cloud models with security layered in for groups, policies is critical for individual's hands-on expertise.
Real time scalability and highly available solutions leveraging functions like Lambda, AWS Auto Scaling and Cloud Formations.
Source code management tools such as BitBucket
Skilled in HTML/CSS, JSON, REST, HTTP, Python, Java/EE, SAML, XACML, SCIM
AWS certification along with other security certifications such as CISSP, SSCP is a plus
Actively Participate in data design sessions
The candidate will apply their experience building reliable, scalable, secure data driven process automation for managing compliance
Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, confluence, various monitoring/alerting tools;
Competences and Behaviors
Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.
Must be able to communicate effectively and build solid relationships with individuals at all levels, in multiple geographies and business functions.
Strong oral, written, and presentation abilities - able to convey risk to all levels of the business, from C-level executives to operations and development teams;
Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders
Excellent oral and written communication skills and exceptional interpersonal skills.
Demonstrated ability to work under pressure.
Ability to work within a dynamic and fast paced international environment
Ability to build rapport with other team members and relevant teams
Very good communications, presentation and negotiations skills
Able to express technical and non-technical concepts in clear verbal and written English
Very good written skills to document complex concepts in a comprehensive, yet readable manner
Encourages people to be open and share their views
Considers a range of options that meet the needs of all stakeholders
Ability to use own initiative to solve technical problems
Takes responsibility for projects and strategic initiatives
Demonstrate clear and measurable results through the development of KPIs, goals and milestones
Ambitious and competitive
Drive innovation and best practice
Strive for standardization and simplification in all aspects of work
Able to balance the needs of the business against the desire for the best solution possible
Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.
Primary Location: US-TX-San Antonio
Other Locations US-CA-San Francisco, US-CO-Centennial, US-TX-Austin
Work Locations: US-TX-San Antonio-19500 Bulverde 19500 Bulverde Road San Antonio 78259
Organization: Technology & Operations
Employee Status: Regular Employee
Job Type: Standard
Shift: Day Job
Job Posting: Oct 3, 2017
Req ID: 1716224