Register  |  Log In  |  Contact Us

Senior Information Security Analyst

Contract Type
Education, Media & Communications
Iowa City, IA, 52240, USA
Expiry Date
Senior Information Security Analyst Description At Pearson, we’re committed to a world that’s always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into lapto...

Job Description

Senior Information Security Analyst


At Pearson, we’re committed to a world that’s always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into laptop lessons, we are always re-examining the way people learn best, whether it’s one child in our own backyard or an education community across the globe. We are bold thinkers and standout innovators who motivate each other to explore new frontiers in an environment that supports and inspires us to always be better. By pushing the boundaries of technology — and each other to surpass these boundaries — we create seeds of learning that become the catalyst for the world’s innovations, personal and global, large and small.

The Senior Information Security Analyst understands information security concepts, practices, and procedures common within the information security and assurance field. Completes tasks designed to protect the organization's computers, networks, systems, and information assets against unauthorized access, modification, or destruction. Uses risk analysis as a guiding principle in the assessment, development, and implementation of information security controls. Applies critical thinking and problem-solving skills to identify threats, vulnerabilities, and risks arising from gaps and weaknesses in the controls environment. Operates and manages information security tools used to detect information security vulnerabilities. Works with cross-functional teams to design and implement appropriate, risk-based information security controls. Works with end users to determine needs of individual departments, implements policies or procedures, and tracks compliance through the organization. Familiar with IEC/ISO27001, NIST Cybersecurity Framework, HITRUST, and similar information security standards and control frameworks. Works under general supervision and relies on experience and judgment to plan and accomplish goals. A certain degree of creativity and latitude is required in the design and application of information security concepts and solutions.

Primary Responsibilities:

  • Lead team of security engineers focused on vulnerability management of systems and applications
  • Maintain vulnerability management processes and tools.
  • Assist with information security risk management activities and assessments.
  • Assist cross-functional technical teams to facilitate remediation of identified system vulnerabilities and control weaknesses.
  • Assist solution architects in designing, documenting, and implementing information security remediation solutions.
  • Provide support and guidance to business and technical stakeholders regarding information security requirements and recommendations.
  • Perform threat and vulnerability analysis, including forensic investigation of actualized vulnerabilities.
  • Work as a cross-functional member supporting the entire lifecycle of application management in a highly dynamic cloud environment in Amazon AWS


Primary Qualifications:

  • Bachelor’s degree in computer science, Business Administration or equivalent educational or professional experience and/or qualifications.
  • Experience leading a team in the area of vulnerability management
  • Experience with industry leading vulnerability scanning tools (Nessus, Qualys, or similar)
  • 5 years of information security experience required
  • 5 years of experience with information technology audits and assessments preferred
  • Familiarity with privacy laws, data protection/security regulations, and frameworks, such as BITS, SOC 2, COBIT etc.
  • Experience with information security concepts as they relate to cloud security and compliance
  • Familiarity with Amazon Web Services (AWS) control and governance concepts preferred
  • Negotiation skills needed to obtain commitments to remediate risks and vulnerabilities from leadership of other teams
  • Possess a solid understanding of underlying infrastructure architecture including WANs, LANs, Internet, intranets, cloud computing, and communication protocols such as TCP, UDP, and IPSEC
  • Excellent communication, listening and facilitation skills

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Primary Location: US-IA-Iowa City

Work Locations: US-IA-Iowa City-2510 North Dodge 2510 North Dodge Street Iowa City 52245

Job: Technology

Organization: Assessments School

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Apr 19, 2018

Job Unposting: Ongoing

Schedule: Full-time Regular

Req ID: 1805617

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled