Pearson Sr. Cloud Security Engineer in Centennial, Colorado

Sr. Cloud Security Engineer

Description

At Pearson, we’re committed to a world that’s always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into laptop lessons, we are always re-examining the way people learn best, whether it’s one child in our own backyard or an education community across the globe.We are bold thinkers and standout innovators who motivate each other to explore new frontiers in an environment that supports and inspires us to always be better. By pushing the boundaries of technology — and each other to surpass these boundaries — we create seeds of learning that become the catalyst for the world’s innovations, personal and global, large and small.

The Security Engineeringteam is responsible for testing, designing and implementing security controlsand solutions driven by CISO policies and standards to reduce the risk toPearson and its customers. This includes enterprise-level design work forsystem security, cloud security, identity and access management, dataprotection and many more. Within this team, the Security Engineer isresponsible for reviewing technologies and designing security controls andsolutions to reduce the risks to Pearson and its customers.

The Security Engineer isa member of the Security Engineering team and is responsible for reviewing securitydesigns, implementing technical security controls, and designing securitysolutions in support of Pearson’s digital transformation to various cloud providers.They will help implement the information security design for cloud usagethroughout the enterprise, enforce compliance with security policies and controlsand function as a technical security expert on various projects. This is a midto senior technical role.

Responsibilities

  • As a direct report to the Director of Security Engineering, you will have the following responsibilities:

  • Work closely with functional-area architects, engineering, and security specialists throughout Pearson to ensure adequate security solutions and controls are in place throughout all IT systems, cloud systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements;

  • Assess and understand Pearson’s current security posture and future architecture, providing a viable solution path to bridge the gap;

  • Assess and understand the current and planned security posture for platforms (e.g. servers, databases, web servers), providing recommendations for improvement and risk reduction;

  • Provide security subject matter expertise on cloud control implementation for enterprise-scale projects;

  • Serve as a security expert in cloud-based application development, database design, network and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices;

  • Design security configuration standards, procedures, and guidelines for platforms such as baseline security configurations and hardening guides;

  • Design and implement mechanisms for assessing compliance with the security standards, procedures, and guidelines;

  • Identify and execute on opportunities to automate internal, cloud and platform security controls;

  • Design and build controls to address security risks and events as identified;

  • Define clear, concise, and executable standard operating procedures and documentation for any implemented solutions for formal operational handoff to other groups;

  • Provide subject matter expertise on, and conduct in-depth security reviews of, new OS, database, middleware, etc. solutions as they are identified for use;

  • Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk;

  • Support security incident response as required;

  • Researches, designs, and advocates new technologies and security products that will support security requirements for the enterprise and its customers, business partners, and vendors;

  • Contributes to the development and maintenance of the information security strategy;

  • Evaluates and develops secure solutions, based on approved security architectures;

  • Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks;

  • Communicates security risks and solutions to business partners and IT staff;

  • Recognize, adopt, and instill industry leading practices in security engineering throughout the organization;

  • Embrace a culture of continuous service improvement and service excellence; and

  • Stay up to date on security industry trends.

Qualifications

  • 7 years in Information Security space;

  • Strong experience with cloud security strategy, with a passion to make security realistic, achievable and interwoven with the business fabric;

  • Strong experience in migrating enterprise companies from traditional data center infrastructure, application and data designs to hybrid or fully-cloud enabled practices.

  • Strong experience with security in cloud provider ecosystems, including Amazon AWS, Microsoft Azure, and OpenStack.

  • Strong experience with a broad range of security technologies, including NextGen Firewalls, DLP, NAC, IDS/ IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management;

  • Strong experience with logging and alerting platforms, including SIEM integration;

  • Some experience with relational database platforms such as MSSQL, Oracle and MySQL;

  • Some experience with Unix/Linux and Windows system administration;

  • Some experience with NoSQL database platforms, including Mongo, Cassandra;

  • Some experience with product security, product development, dev ops and secure dev ops processes and the ability to integrate into these teams.

  • Some proven ability in security process and organizational design;

  • Current understanding of Industry trends and emerging threats; and

  • Knowledge of incident response methodologies and technologies.

Desirable

  • Well-rounded background in network, host, database, and application security;

  • Knowledge and experience using SABSA methodology;

  • Experience implementing security controls in a global enterprise IT environment;

  • Experience driving a culture of security awareness;

  • Experience administering network devices, databases, and/or web application servers; and

  • Professional IT Accreditations (CISSP, CISM, CCSA, CCSE, JNCIA, CCNA, CCIE Security).

Competences and Behaviors

  • Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.

  • Ability to work within a dynamic and fast paced international environment

  • Ability to build rapport with other team members and relevant teams

  • Very good communication, presentation and negotiation skills

  • Technically innovative

  • Able to express technical and non-technical concepts clearly

  • Very good written skills to document complex concepts in a comprehensive, yet readable manner

  • Encourages people to be open and share their views

  • Considers a range of options that meet the needs of all stakeholders

  • Takes responsibility for projects and drives them to completion

  • Demonstrate clear and measurable results through the development of KPIs, goals and milestones

  • Drive innovation and best practice

  • Strive for standardization and simplification in all aspects of work

  • Able to balance the needs of the business against the desire for the best solution possible

#LI-LL

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-CO-Centennial

Other Locations GB-GB-London, US-NC-Morrisville

Work Locations: US-CO-Centennial-2154 East Commons 2154 East Commons Avenue Centennial 80122

Job: Technology

Organization: Technology & Operations

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Jul 12, 2017

Req ID: 1711441