Pearson Jobs

Job Information

Pearson Security & Information Risk Compliance Manager in Columbia, Maryland

Security & Information Risk Compliance Manager

Description

At Pearson, we’re committed to a world that’s always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into laptop lessons, we are always re-examining the way people learn best, whether it’s one child in our own backyard or an education community across the globe. We are bold thinkers and standout innovators who motivate each other to explore new frontiers in an environment that supports and inspires us to always be better. By pushing the boundaries of technology — and each other to surpass these boundaries — we create seeds of learning that become the catalyst for the world’s innovations, personal and global, large and small.

Security & Information Risk Compliance Manager

Responsibilities

Trusted security advisor to the Pearson Online & Blended Learning (OBL) business; working with business and technology stakeholders to implement product security compliance to Pearson's Security Policy, communicate security risk requirements (non-functional) and where appropriate participate in Value stream analysis to help prioritize security work in the development process

  • Work closely with product, platform and central CISO service teams to engineer and implement security controls

  • Automatic scanning (Static and Dynamic)

  • Analysis on reports

  • Identify trends and assist remediation activities

  • Assist in implementing an automated framework for Security Tool deployment and development, and manage continuous compliance

  • Work with product and CISO service teams to implement API Security, Container Security, AWS Cloud Security.

  • Apply knowledge and/or skills of security risk/posture assessment and requirements based hardening; Appsec, Encryption, Data Privacy/Protection, automation and tool integration.

  • Identify information security risks within the OBL business and ensure they are tracked and remediated in accordance with CISO's ISMS.

  • Ensure business, product and platform teams are fully aware of their security responsibilities.

  • Manage the day-to-day monitoring and performance of the IT SOX program

  • Collaboratively partner with adjacent functional areas in Internal Audit, portfolio operating companies, IT, HR, Finance, and external audit organizations in identifying and managing risks

  • Provide and perform independent assurance and validation activities over common security controls including both administrative and technical procedures

  • Perform and oversee the risk assessment framework and processes in identifying technical and administrative control gaps

  • Drive continuous process improvement measures through use of metrics, workshops, and relationship building

  • Maintain a security controls framework that consists of standards, measures, practices, and procedures that provides assurance of compliance to regulatory requirements

  • Manage an Exceptions/Variance program that tracks program risk against policies and standards

Qualifications

Skill set Requirements:

  • 3 years experience in Information Security

  • AWS and Azure cloud security certifications

  • ISC2 CISSP Certification

  • Some development experience background with one or more tools / technologies

  • Experience of CI/CD - Deployment pipeline experience (Jenkins)

  • Good working knowledge of development languages (Java, .NET, Python)

  • RDBMS security knowledge

  • Security expertise in OWASP top 10 vulnerabilities identification and remediation

  • Familiarity with Code Scanning tools (Static and Dynamic)

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-MD-Columbia

Work Locations: US-MD-Columbia-Grantchester Merriweather 10960 Grantchester Way Two Merriweather Columbia 21044

Job: Technology

Organization: Technology & Operations

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Jun 12, 2019

Job Unposting: Ongoing

Schedule: Full-time Regular

Req ID: 1907726

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

DirectEmployers