**Cloud Security Engineer**
The engineer will provide inputs for design, testing, engineering, automation, API integration, and implementation of security solutions in all aspects of Information Security.
**Specific Roles and Responsibilities include:**
As a direct report to the VP Security Engineering, Product Information Security Officer (PISO), you will have the following responsibilities:
Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps
● Web app/ Web service security - ideally experience pen testing web apps/services built in AWS
● Hands-on Threat modeling using attack trees, identifying application, cloud threats
● Microservice architecture expertise and identify best practices in securing microservices
● S-SDLC - pre-commit/pre-receive hooks, dependency scanning, SAST, vuln scanning, DAST to identify security issues such as OWASP
● Solid experience and background working with AWS services (EC2, VPC, ELB, S3, CloudFormation, RDS, Lambda, SNS, etc.)
● Proficiency with the AWS CLI
● Familiarity with build & release automation tools and methodologies like Jenkins, Gitlab required
**Requirements:**
● AWS Associate architect , Security Certifications
● Strong Development background with one or more tools / technologies
● CI/CD - Deployment pipeline experience (Jenkins, Ansible, Terraform)
● Familiarity with REST API design
● Python / Golang/ Java / Database expert level
● Devops container/orchestration tools (Kubernetes, Docker, Puppet, etc)
● AWS Deep knowledge
● 5+ years in Information Security
+ Configure and execute security vulnerability scanning such as Static Scanning, Dynamic Scanning, Open Source, Cloud Scanning, Platform and container scanning.
+ Identify patterns and improve overall security for AMI, Containers, Platform
+ CI/CD Security gates, quality gates
+ Help development, and cloud teams to remediate findings
+ Microservice architecture expertise and identifying best practices in securing microservices
+ Solid experience and background working with AWS services (EC2, VPC, ELB, S3, CloudFormation, RDS, Lambda, SNS, etc.)
Learning is the most powerful force for change in the world. More than 20,000 Pearson employees deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We are the world’s leading learning company. Learn more at pearsonplc.com.
Pearson believes that wherever learning flourishes, so do people. We are committed to being an anti-racist company in everything we do. We value the power of an inclusive culture and a strong sense of belonging. We promote a culture where differences are embraced, opportunities are accessible, consideration and respect are the norm, and all individuals are supported in reaching their full potential. Through our talent, we believe that diversity, equity, and inclusion make us a more innovative and vibrant place to work. People are at the center, and we are committed to a sustainable environment and workplace where talent can learn, grow, and thrive.
To learn more about Pearson’s commitment to a diverse and inclusive workforce, please click here: http://www.pearson.com/careers/diversity-and-inclusion.html
Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. All employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status, or any other group protected by law.
**Job:** TECHNOLOGY
**Organization:** Corporate Strategy & Technology
**Schedule:** FULL\_TIME
**Req ID:** 10421