Pearson Jobs

Job Information

Pearson Senior Security Engineer in Bloomington, Minnesota

Senior Security Engineer

Description

We are the world’s learning company with more than 24,000 employees operating in 70 countries. We combine world-class educational content and assessment,powered by services and technology, to enable more effective teaching and personalized learning at scale. We believe that wherever learning flourishes so do people.

The position will be located in the Bloomington, MN office - Minnesota Residence required .

As a Security Engineer, you will be responsible for testing, designing and implementing security controls and solutions driven by CISO and company policies and standards to reduce the risk to Pearson VUE and its customers. This includes enterprise-level design work for system security, cloud security, identity and access management, data protection and many more.

The Security Engineer is a member of the Cyber Security team and is responsible for reviewing security designs, implementing technical security controls, and designing security solutions. They will help implement the information security design, enforce compliance with security policies and controls and function as a technical security expert on various projects. This is a mid to senior technical role.

Security controls and best practices

  • Work closely with product and platform teams to implement security controls

  • Plan and monitor security measures

  • Work closely with functional-area architects, engineering, and security specialists throughout Pearson VUE to ensure adequate security solutions and controls are in place throughout all VUE systems, cloud systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements;

  • Provide security subject matter expertise and help project teams comply with enterprise and IT security policies, industry regulations, and best practices;

  • Assess and understand Pearson VUE current security posture and future architecture, providing a viable solution path to bridge the gap;

  • Assess and understand the current and planned security posture for platforms (e.g. servers, databases, web servers), providing recommendations for improvement and risk reduction;

  • Design security configuration standards, procedures, and guidelines for platforms such as baseline security configurations and hardening guides;

  • Communicate security risks and solutions to business partners and IT staff;

  • Coach developers on application security

  • Recognize, adopt, and instill industry leading practices in security engineering throughout the organization

  • Correctly balance security risk and product advancement

Secure DevOps/Secure SDLC

  • Identify and execute on opportunities to automate internal, cloud and platform security controls;

  • Provide subject matter expertise on, and conduct in-depth security reviews of software applications

  • Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk;

Incident Response

  • Support security incident response as required;

Research

  • Researches, designs, and advocates new technologies and security products that will support security requirements for the enterprise and its customers, business partners, and vendors;

  • Contributes to the development and maintenance of the information security strategy;

  • Evaluates and develops secure solutions, based on approved security architectures;

Security Tooling

  • Administer, configure, and support security tools

  • Assist with adoption of new/existing security tools as needed

  • Create/support integrations of security tools into central analytics system

  • Embrace a culture of continuous service improvement and service excellence;

  • Stay up to date on security industry trends.

Qualifications

Education and Experience:

  • Bachelor's degree in Computer Science, MIS, or equivalent technology discipline

  • 7 years minimum software development required (Java, .NET)

  • Working knowledge of application development tools, techniques, and platform technologies

  • Familiar with OWASP Secure Coding Practices

  • Familiar with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts

  • Familiar with REST API technology and methods

  • Ability to develop scripts in Python (or comparable language)

  • Experience in OOAD, agile processes, design patterns

  • Strong experience with logging and alerting platforms, including SIEM integration;

  • Some experience with relational database platforms such as MSSQL, MySQL, NoSQL databases;

  • Some proven ability in security process and organizational design;

  • Current understanding of Industry trends and emerging threats;Knowledge of incident response methodologies and technologies.

Desirable Skills:

  • Experience working in agile environment highly preferred

  • Well-rounded background in application security;

  • Experience implementing security controls in a global enterprise IT environment;

  • Experience driving a culture of security awareness;

  • Professional IT Accreditations (CISSP, CISM, CCSA, CCSE, JNCIA, CCNA, CCIE Security).

  • Experience in creating design documents, performing code reviews

  • Desire to expand knowledge in many development languages, applications, and tools

  • Proven ability to quickly learn new processes and tools, business domains and technical applications

  • Ability to think technically and analytically

  • Ability to understand philosophy of architecture

  • Ability to assimilate information, distill knowledge, apply experience and provide solution alternatives and recommendations

  • Must have strong time management skills - including ability to work well under pressure, plan, set priorities, adapt to change, and meet established timelines

  • Must be a self-starter and detail-oriented

#LI-POST

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-MN-Bloomington

Work Locations: US-MN-Bloomington-5601 Green Valley 5601 Green Valley Drive Suite 220 Bloomington 55437

Job: Technology

Organization: Assessments VUE

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Sep 14, 2020

Job Unposting: Ongoing

Schedule: Full-time Regular

Req ID: 2008388

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

DirectEmployers