Pearson Senior Cyber Security Threat Specialist in Durham, North Carolina
Senior Cyber Security Threat Specialist
At Pearson, we’re committed to a world that’s always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into laptop lessons, we are always re-examining the way people learn best, whether it’s one child in our own backyard or an education community across the globe. We are bold thinkers and standout innovators who motivate each other to explore new frontiers in an environment that supports and inspires us to always be better. By pushing the boundaries of technology — and each other to surpass these boundaries — we create seeds of learning that become the catalyst for the world’s innovations, personal and global, large and small.
The role of the Cyber Security Threat Specialist will be to help identify, manage, monitor, analyze and communicate the information security risks associated with internal and external cyber threats that may result in harm or disruption to the company. The individual will support the Cyber Threat Intelligence and Investigations (CTII) team, and closely partner with key stakeholders from IT, Business and Corporate Support Functions to gather intelligence requirements in order to understand priorities and communicate the impact and context of analyzed threats. The individual will be directly involved in turning research and analysis into the production of threat intelligence reporting (strategic, operational and tactical) in order to inform stakeholders of current and future threats to Pearson. The individual will help T&I management to develop metrics and to measure the effectiveness of practices and controls to mitigate threats and vulnerabilities as well as contributing to and developing the overarching threat intelligence strategy.
Additionally, the individual will work with teams to resolve information security related incidents, events and related security breaches in a manner that ensures the safety of information system assets and confidential customer, consumer, employee and corporate data. The individual will also help identify and manage the implementation of threat intelligence and appropriate security controls, aligned with industry best practices to meet security objectives and standards while allowing flexibility for the businesses to manage their responsibilities.
As a member of the global Cyber Security Threat and Investigation Team, help to define, ratify, maintain and improve the threat intelligence program.
Implement and operate the Pearson Threat Intelligence Platform (TIP).
Use host-based and network forensic capabilities to develop information regarding Indicators of Compromise (IOC) and Tactics, Techniques & Procedures (TTPs) for threat actors and malware, which can be shared amongst other internal teams.
Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based appliances.
Perform cyber threat intelligence operations including threat hunting, intelligence collection (IOCs), tracking threat actors, identifying and tracking malicious infrastructure.
Respond to research requests from stakeholders with timely and accurate assessments and reporting.
Proactively research relevant threats, provide intelligence briefings to stakeholders and produce reports and intelligence products.
Partner with the lines of business to provide continuous awareness of key threats and risks that may impact the Business and assist with prioritisation of remediation efforts.
Support prototyping and continuous development/integration of tools to store, exchange, and analyse threat and incident data.
Consumption, curation and integration of open source and commercial intelligence feeds.
Drive and coordinate threat life cycle management and recommend actions that strengthen controls.
Assess and understand Pearson’s current security posture and future architecture, providing recommendations for Cyber Security improvement and risk reduction based on the wider intelligence picture.
Technical Skills and Experience:
Experience with Threat Intelligence or Incident Response processes.
Working knowledge of open/commercial threat intelligence feeds and formats (STIX/TAXII).
Experience with open source or enterprise TIPs.
Prior experience with SIEM tools, such as Splunk.
Strong analytical skills (i.e., technical and non-technical problem-solving skills).
Familiarity with OSINT (Open Source Intelligence) data sources and usage.
Technical writing experience and ability to research, perform and articulate threat analysis.
Creation of threat Intelligence products, strategic and technical.
Knowledge of current threat actors, including nation-state, criminal and hacktivist.
Experience with MITRE ATT&CK framework.
Use of scripting languages (Python, PowerShell, Bash etc).
Host, network, memory and log analysis experience.
Malware analysis/reverse engineering.
Appreciation of MacOS and Linux threats.
Countermeasure/detection writing – NIDS, Sigma, Yara etc.
Understanding of current geopolitical landscape.
Experience with cloud-platforms, such as AWS, Azure or GCP.
Infrastructure design, build and maintenance.
Exposure to red/purple team operations.
Usage of SOAR for automation.
Business Skills and Experience:
Ability to work across team boundaries to achieve goals
Proficient communication skills
Results driven, with a strong sense of accountability
Great team player to work with colleagues and managers
A pro-active, motivated approach while following management direction for task completion in time
The ability to operate with urgency and prioritize work accordingly
A structured and logical approach to solving business challenges.
Strong problem solving skills.
A creative and innovative approach to work.
The ability to manage workloads and tight deadlines.
Excellent attention to detail and accuracy.
Drive efficacy into all solutions delivered, demonstrating clear and measurable results through the development of KPIs.
Drive innovation and best practice.
Strive for standardisation and simplification in all aspects of work.
Always cost conscious, balancing the needs of the business against the provision of the best solutions possible.
Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.
Primary Location: US-TX-San Antonio
Other Locations: US-NC-Durham, US-CA-San Francisco
Work Locations: US-TX-San Antonio-19500 Bulverde 19500 Bulverde Road San Antonio 78259
Organization: Technology & Operations
Employee Status: Regular Employee
Job Type: Standard
Shift: Day Job
Job Posting: Oct 13, 2020
Job Unposting: Ongoing
Schedule: Full-time Regular
Req ID: 2009677