Pearson Cloud Security Engineer in Austin, Texas

Cloud Security Engineer

Description

At Pearson, we have a once in a generation opportunity to transform teaching & learning to prepare people for a changing economy. The educational ecosystem is changing at a ferocious pace. Our company is changing rapidly. We no longer have the luxury of waiting to see how the market will change; we need to operate differently. Learners today are preparing to enter a world of work in which the skills required for employment are rapidly changing. Lifelong learning & ongoing re-skilling will become a reality for most.

In addition - Technology has changed our expectations of how we live, work, communicate. Learners expect education to be engaging and inspiring. They expect digital learning to be as responsive, fast and effective as the other apps in their pocket - Facebook, iTunes. They expect to have access to learning anytime, anyplace, any device and get help when they need it - Consumer Grade

One of biggest investments is in a new digital platform - the Global Learning Platform - which will fundamentally change the way we design, develop and deliver learning experiences, enabling new business models. Pearson’s Global Learning Platform will provide engaging, responsive, and personalized learning experiences to students everywhere.

The cloud security team is responsible for the definition and deployment of security reference architectures that provide roadmaps and design guidance for key security domains such as cloud platforms and products, IdAM integration, data privacy, enabling services, and many more. In addition to defining reference architectures, the cloud security team functions as a leader across the organization, helping to evangelize the security story and drive a culture of “secure by design” into the Pearson cloud environments and across all its cloud-enabled products.

Within this team, the Cloud Security Engineer is responsible for reviewing technology designs, and designing security controls and solutions, to reduce the risk to Pearson and its customers. They will help define the information security architecture and roadmap for the enterprise. This is a lead technical role.

Responsibilities

As a direct report to the Product Information Security Officer (PISO), you will have the following responsibilities:

  • Work closely with product and platform teams to engineer security controls based upon CISO office policies and standards

  • Assess and understand Pearson’s current cloud security posture and future architecture, providing recommendations for vulnerability remediation and risk reduction

  • Develop secure cloud-based applications and platforms

  • Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner

  • Deploy automated security solutions for cloud delivery processes

  • Develop cloud security solutions to enable production security operations (SOC)

  • Deploy large-scale cloud environments using container and microservice technologies

  • Develop security capabilities in support of DevOps processes

  • Educate product and platform teams on secure coding practices

  • Perform threat models and risk assessments to characterize the risk and severity posture of large-scale cloud environments

  • Develop & deploy automated solutions to secure cloud development processes

  • Craft and evangelize secure cloud platform & product requirements

  • Serve as a security expert in application development, database and microservice design, container and/or virtual machine technologies, helping project teams comply with enterprise and CISO security policies, industry regulations, and best practices

  • Research, design, and advocate new technologies, architectures, and security products that will support security requirements for the cloud and cloud-enabled products

  • Contribute to the development and maintenance of the information security strategy

  • Develop secure solutions, based on approved security architectures

  • Analyze business impact and exposure, based on emerging security threats, vulnerabilities and risks

  • Communicate security risks and solutions to business partners, platform & product teams

  • Design security configuration guidelines for information technology devices and systems, as well as mechanisms for assessing compliance with the guidelines

  • Design and builds controls to address security risks and events as identified

  • Embrace a culture of continuous service improvement and service excellence

  • Stay current on security industry trends

Qualifications

Skills and Experience

Necessary Experience

  • 3-4 years in Cloud Computing

  • 2 years in Information Security space

  • 5 years in Information Technology/Computing Technology space

  • Extensive operations experience in either Linux or Windows operating systems

  • Strong experience with cloud provider ecosystems, including Amazon AWS, Microsoft Azure, and OpenStack.

  • Experience scripting with languages such as Python, Ruby, etc.

  • Experience with security strategy, with a passion to make security realistic, achievable and interwoven with the business fabric

  • Experience with a broad range of security technologies, including nextgen firewalls, DLP, NAC, IDS/IPS, IdAM, certificate management, SIEM, endpoint protection, anti-malware, vulnerability management and cloud security;

  • Strong oral, written, and presentation abilities -able to convey risk to all levels of the business, from C-level executives to operations and development teams;

  • Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders

  • Some proven ability in securing the CI/CD pipeline

  • Expert command of config management principles and an ability to code your desired state

  • A strong grasp of monitoring tools, approach and implementation

  • Recognition of the role security plays in PaaS and Continuous Delivery

  • Able to show examples of previous work exploiting containerized services

  • Proven experience in implementing software defined networking

  • Solid working experience of continuous integration practices & tools (Jenkins, Travis CI, etc…)

  • An established history of working in agile teams

  • How to collaborate with a globally distributed team of engineers using tools like chat

Desirable Experience

  • Master’s degree in a technical discipline such as Information Security, Computer Science or Information Technology

  • Experience in migrating enterprise companies from traditional data center infrastructure, application and data designs to hybrid or fully-cloud enabled practices

  • 1 years in software development, with an emphasis on rapid delivery and integration

  • Experience designing and implementing encryption solutions such as PKI and encryption at rest technologies

  • How to write rigorous test cases for your code and use automated test frameworks for them

  • Well-rounded background in network, host, database, and application security

  • Formal training in and experience using an enterprise architecture methodology (for example, the Zachman Framework or TOGAF)

  • Some experience with databases technologies

  • Some experience with logging and alerting platforms, including SIEM integration

  • Knowledge of incident response methodologies and technologies

  • Experience implementing security controls in an enterprise IT environment

  • Experience driving a culture of security awareness

  • Experience administering network devices, databases, and/or web application servers

  • Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, OSCP, CCIE Security, CEH, Security )

Competences and Behaviors

  • Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.

  • Ability to work within a dynamic and fast paced international environment

  • Ability to build rapport with other team members and relevant teams

  • Very good communications, presentation and negotiations skills

  • Technically innovative

  • Able to express technical and non-technical concepts in clear verbal and written English

  • Very good written skills to document complex concepts in a comprehensive, yet readable manner

  • Encourages people to be open and share their views

  • Considers a range of options that meet the needs of all stakeholders

  • Ability to use own initiative to solve technical problems

  • Delivery Focused

  • Takes responsibility for projects and strategic initiatives

  • Demonstrate clear and measurable results through the development of KPIs, goals and milestones

  • Ambitious and competitive

  • Drive innovation and best practice

  • Strive for standardization and simplification in all aspects of work

  • Able to balance the needs of the business against the desire for the best solution possible

#LI-LL

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-TX-San Antonio

Other Locations US-TX-Austin, US-CA-San Francisco, US-CO-Centennial

Work Locations: US-TX-San Antonio-19500 Bulverde 19500 Bulverde Road San Antonio 78259

Job: Technology

Organization: Technology & Operations

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Jul 12, 2017

Req ID: 1709318