Pearson Jobs

Job Information

Pearson Associate Cloud Security​ Engineer in Colombo, Sri Lanka

Associate Cloud Security​ Engineer


Role Description:

The Cloud Security Engineer is responsible for the security posture of the infrastructure supporting our cloud-based applications, including but not limited to:

  • Visibility and assessment of the security configuration of cloud services

  • Automation of security controls into CI/CD deployment pipelines

  • API driven centralization of security metrics and data

  • Actionable security data to improve security and reduce risk

  • Enabling self-service security controls with pre-defined minimal guardrails

Main Responsibilities:

As a direct report to Senior Manager of Security Service Engineering, you will have the following accountabilities:

  • Analyze security infrastructure controls balancing risk with benefits tailored to the overall Pearson security standards

  • Assess and understand the current and planned security posture for new cloud application deployments, providing recommendations for improvement and risk reduction

  • Recommend, design, and implement security solutions for cloud-based environments, including an understanding of the cloud provider’s built-in security controls and integration/augmentation of those controls into commercial security solutions residing in the cloud and/or in company data centers

  • Interface effectively with the infrastructure and operations team to implement security solutions and controls

  • Design technical security standards and specifications for Pearson and mechanisms for assessing compliance with them

  • Identify and execute on opportunities to automate security controls

  • Design and build controls to address security risks and events as identified

  • Design and implement security infrastructure solutions by integrating commercial and open-source solutions into Pearson’s security governance/architecture

  • Define clear, concise, and executable standard operating procedures and documentation for any implemented solutions for formal operational handoff

  • Recognize, adopt, and instill industry leading practices in security engineering throughout the organization

  • Provide subject matter expertise on, and conduct in-depth security reviews of new cloud services and software-as-a-service (SaaS) offerings as they are identified for use

  • Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk

  • Embrace a culture of continuous service improvement and service excellence

  • Stay up to date on security industry trends



  • 2 years in Information Security space

  • 2 years with AWS security services and controls at scale (50 cloud accounts)

  • Experience securing server platforms, including both Linux and Windows

  • Strong experience with API integration of multiple solutions to provide an overall architecture, including proficiency in making in API calls and data manipulation using python

  • Technical knowledge of cloud orchestration/deployment solutions, such as terraform, CFTs, jenkins, chef, gitlab, bitbucket and how to integrate security control checks directly into the pipeline

  • Strong experience with managing security data, including structuring data into prioritized, actionable reports and summarization of data by teams and business units

  • A wide variety of experience with security controls, including but not limited to access, authorization, encryption, key management, event correlation, and auto-remediation

  • General knowledge on how to use and secure cloud resources, such as compute instances, container instances, serverless code, databases, load balancers, networking, logging, web application firewalls

  • Strong oral, written, and presentation abilities

  • Current understanding of Industry trends and emerging threats


Formal education or equivalent experience (note: this is the minimum requirement. Equivalent experience in lieu of a formal degree should be listed.)

  • Bachelor’s degree or appropriate combination of education and experience.

  • Experience in implementing/configuring standard controls across , Google Cloud Platform (GCP), and Azure with centralized reporting

  • Well-rounded background in host, network, database, and infrastructure security

  • Experience implementing security controls in a self-service environment

  • Understanding of general application security, secure communication methodologies, and cloud-based network/firewall security

  • Professional IT Accreditations (CISSP, AWS Security, GCP Security, Azure Security) AWS

  • Other qualifications helpful such as CCNA, MCSE, RHCE, CCSA

Primary Location: LK-1-Colombo

Work Locations: LK-Colombo-Orion City Rigel Bldg Orion City Rigel Bldg No 752 Dr. Danister De Silva Mawatha Colombo 900

Job: Technology

Organization: Technology & Operations

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Oct 28, 2020

Job Unposting: Ongoing

Schedule: Full-time Regular

Req ID: 2009281

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.