Pearson Senior DevSecOps Engineer in Durham, North Carolina
We are the world’s learning company with more than 24,000 employees operating in 70 countries. We combine world-class educational content and assessment,powered by services and technology, to enable more effective teaching and personalized learning at scale. We believe that wherever learning flourishes so do people.
A security minded DevOps engineer or a Security Engineer with a depth of DevOps (i.e. config mgmt, CI/CD, automated testing, shift left security) experience.
You will be responsible for helping application development teams identify security threats/risks via Threat Modelling implementing security controls to mitigate those threats.
Requires a reasonable level of web application and cloud infrastructure knowledge and the common attacks against them.
You will have a good working knowledge of auomated security testing tools and integrating them in to applicaiton CI/CD pipelines.
Required knowledge areas:
Infrastructure as code (mostly in Terraform)
Configruation management (mostly in Ansible)
Configuring CI/CD pipeline jobs and templates (Gitlab, Jenkins) & integrating security tooling
Knowledge of common attack scenarios and how to protect against them (i.e. OWASP Top 10)
Basic scripting ability in Python or BASH
Understanding of Threat Modelling and how to identify specific security requirements for a project
The more you know the better:
Java secure coding practices
Identity and access mananagement
Protective monitoring (SIEM)
Learning is the most powerful force for change in the world. More than 20,000 Pearson employees deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We are the world’s leading learning company. Learn more at pearsonplc.com.
Pearson believes that wherever learning flourishes, so do people. We are committed to being an anti-racist company in everything we do. We value the power of an inclusive culture and a strong sense of belonging. We promote a culture where differences are embraced, opportunities are accessible, consideration and respect are the norm, and all individuals are supported in reaching their full potential. Through our talent, we believe that diversity, equity, and inclusion make us a more innovative and vibrant place to work. People are at the center, and we are committed to a sustainable environment and workplace where talent can learn, grow, and thrive.
To learn more about Pearson’s commitment to a diverse and inclusive workforce, please click here:
Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. All employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status, or any other group protected by law.
Organization: Technology & Operations
Req ID: 2109571