Cloud Security Engineer

Location : Madrid, Spain (Remote or Hybrid

About Pearson : Our purpose : At Pearson we ‘add life to a lifetime of learning’ so everyone can realise the life they imagine. We do this by creating vibrant and enriching learning experiences designed for real-life impact.

About English Language Learning (ELL) : We aspire to become the world's leading destination to learn and improve English language skills.

About the role : Are you passionate about planning, implementing, upgrading, or monitoring security measures for the protection of Company systems? We are thrilled to announce a great opportunity to join our team as a Cloud Security Engineer. As a member of the cloud security team, you will be responsible for maintaining and elevating the security across our environments. The main goal of this role is to reduce risk while allowing the business to operate quickly, safely, and efficiently.

Key Accountabilities :

• Well versed with Cloud Security standards, SDLC and DevSecOps processes and tools.
• Serve as a subject matter expert for security for applications and processes.
• Be the single point of contact for Security Central team.
• Collaborate with security leadership, engineering, and compliance to execute security strategies.
• Evaluate new technologies and tools that will impact organization security.
• Explore new threats, attack methods, and techniques.
• Assess our current cloud security and propose improvements or solutions across Pearson infrastructure.
• Assist other teams in solving security issues in a manner that complies with business requirements and best practices.
• Drive adoption of security and privacy policies and procedures across ELL products.
• Provide, when required, security training and guidance for developer teams.
• Review existing applications and software to identify security improvements.
• Monitor system activities, logs, and alerts.
• Collaborate with CISO organisation in developing and refining product security best practices.
• Maintain documentation of application security controls.
• Perform application vulnerability assessments and evaluations.
• Provide guidance and oversight for the correction of discovered vulnerabilities.
• Provide DevOps with security oversight and design guidance.
• Integrate security into the development lifecycle of software (SDLC).
• Identify application logs that should be monitored by SIEM and ensure logs are being sent to SIEM.

Experience, Skills, and Knowledge :

• Most important skill : self-drive, proactiveness, and passion for work.
• Previous experience working in an application security role.
• Good experience in DevSecOps processes.
• Thorough understanding of cloud and network security and web protocols.
• Knowledge of modern cloud technology components and deployment patterns.
• Experience deploying services in a multi-cloud environment – AWS, GCP, Azure.
• Experience using security tools such as : Snyk, Insight AppSec (Rapid7), Qualys Guard, Insight Cloud Sec (Divvy Cloud), Irius Risk.
• Experience with vulnerability scanners, static analysers, IDS / IPS, firewalls, and endpoint security monitoring.
• Experience developing software with object-oriented languages.
• Experience with database programming and administration.
• Experience with log management and / or correlation systems.
• Fluent in one or more programming or scripting language.
• Knowledge of secure development lifecycle principles.
• Strong analytical problem-solving skills.
• Communication skills, being able to elevate the work to senior management and influence senior stakeholders.

Benefits :

• 24 Days annual leave (increasing by 1 day with every 2 years of continuous service up to 30 days).
• Life insurance.
• Discounts on books and access to digital content and other development and training.
• International environment.
• If you live in Madrid, you will be able to enjoy our brand-new office because we have a remote / hybrid working model policy in place!

Diversity : At Pearson we value the power of an inclusive culture and a strong sense of belonging.

Flexible working : Pearson is committed to hybrid working practices and has adopted flexible remote and virtual working.

How to apply : Please submit an updated CV and cover letter (optional) in English. If you have any additional questions or require further information, please do not hesitate to reach out to us.

We look forward to receiving your application - Pearson Recruitment

J-18808-Ljbffr