Security Engineer III at Pearson PlcWestminster

Bangalore, karnataka, India -

Full Time

Start Date

Immediate

Expiry Date

30 Aug, 26

Salary

0.0

Posted On

01 Jun, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Secure Code Review, SCA, DAST, SAST, Penetration Testing, CI/CD Security, Python, Java, JavaScript, Generative AI, OWASP Top 10, Cryptography, Threat Modeling, AWS, Azure, Kubernetes

Industry

Education

Description

About Pearson At Pearson, we are committed to transforming learning through technology. As a global leader in education, we leverage cutting-edge digital platforms, AI-driven solutions, and secure systems to deliver impactful learning experiences to millions worldwide. Our culture emphasizes innovation, collaboration, and continuous improvement—making it an ideal place for passionate professionals to grow and make a difference. -------------------------------------------------------------------------------- Role: Application Security Engineer We are seeking a highly skilled and motivated Application Security Engineer to join our growing security team. In this role, you will play a critical part in securing our applications by embedding security throughout the Software Development Lifecycle (SDLC), identifying vulnerabilities, and enabling development teams to build secure, resilient systems. -------------------------------------------------------------------------------- Key Responsibilities * Perform secure code reviews, dependency analysis (SCA), and dynamic security testing (DAST) across a range of applications. * Conduct manual security assessments and penetration testing to identify vulnerabilities. * Integrate security best practices into SDLC and CI/CD pipelines. * Collaborate closely with engineering teams to design and implement secure-by-design applications. * Design and implement robust authentication and authorization mechanisms. * Drive adoption of modern application security practices and frameworks. * Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques. * Deliver secure coding training sessions and awareness programs for developers. * Conduct risk assessments and provide actionable recommendations for mitigation. -------------------------------------------------------------------------------- Qualifications & Skills * 6+ years of combined experience in software development, cybersecurity, and application security. * Hands-on experience with SAST, DAST, and SCA tools. * Strong knowledge of secure SDLC practices and CI/CD security integration. * Proficiency in Python, Java, or JavaScript. * Understanding of AI technologies such as Generative AI and Agentic systems. * Knowledge of security frameworks (OWASP Top 10, NIST, CIS). * Strong grasp of cryptography, authentication, and authorization protocols. * Experience in threat modeling (experience with commercial tools is a plus). * Familiarity with cloud and container security (AWS, Azure, Kubernetes). * Excellent communication and collaboration skills. -------------------------------------------------------------------------------- Preferred Qualifications * Bachelor’s degree in Computer Science, Cybersecurity, or related field. * Industry certifications such as: * OSCP / OSWE * GWAPT / eWPT * CISSP, CSSLP, or CEH (with application security focus) -------------------------------------------------------------------------------- Why Join Pearson? * Work on cutting-edge security challenges in a global organization. * Be part of an innovative and collaborative environment. * Competitive compensation and benefits package. * Opportunity to influence secure product development at scale. * Hybrid work model (Chennai / Bangalore) with 3 days in-office collaboration.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

The role involves embedding security throughout the SDLC by performing secure code reviews, vulnerability assessments, and penetration testing. The engineer will collaborate with development teams to design secure-by-design applications and implement robust authentication mechanisms.