
Lead Specialist, Information Security

Job in Bengaluru, 560001, Bangalore, Karnataka, India
Listing for: Pearson
Full Time position
Listed on 2026-02-08
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Location: Bengaluru

Job Title: Lead Specialist, Information Security

Role Overview

The Cybersecurity Governance, Risk & Compliance function sits within the Chief Information Security Office as part of the Digital and Technology organisation, which consists of a wide range of shared services reporting to the Chief Information Officer at Pearson.

We are seeking a Cybersecurity GRC professional with strong experience in reviewing supplier and customer contracts, supporting customer security questionnaires and contractual security clauses, and helping to scale GRC processes through automation and tooling.

This role sits at the intersection of cybersecurity, risk, and legal, partnering closely with Data Privacy, Legal, Technology Procurement, and Technology teams to ensure security requirements are assessed, negotiated, and managed efficiently without slowing the business.

A legal, compliance, or contract-focused background (formal or practical) is highly desirable.

Key Responsibilities

Contract Review & Negotiation (Customer & Supplier)

Review customer and supplier contracts for cybersecurity, data protection, privacy, and risk-related clauses.
Assess contractual requirements against internal security controls, policies, and certifications (e.g. ISO 27001, SOC 2, Cyber Essentials).
Support Legal and Commercial teams during contract negotiations, advising on acceptable security positions, deviations, and risk trade-offs.
Identify and document non-standard security obligations and ensure appropriate risk acceptance or remediation plans are in place.
Maintain and improve security contract clause libraries and standard positions.
Support Sales, Legal, and Procurement teams by providing clear, pragmatic security positions that minimise unnecessary negotiation and friction.
Ensure customer security questionnaires and contract reviews are completed in a way that protects the organisation while supporting rapid deal closure.

Customer Assurance & Sales Enablement

Respond to customer security questionnaires, due diligence requests, and contractual security queries.
Act as a subject matter expert for customer-facing security discussions, supporting Sales and Customer Success teams.
Ensure responses are accurate, consistent, scalable, and reusable.

GRC Automation & Tooling

Help design, implement, and optimise GRC tooling and automation (e.g. contract review workflows, questionnaire automation, evidence repositories).
Identify opportunities to reduce manual effort through:
  • Automated questionnaire responses
  • Clause mapping and standardised positions
  • Workflow tooling and dashboards
Partner with Legal, Procurement, and IT to embed GRC processes into business-as-usual tooling.
Identify and eliminate unnecessary complexity in security requirements, documentation, and workflows.
Continuously improve turnaround times for:
  • Customer security reviews
  • Contractual security assessments
  • Supplier risk evaluations
Measure and track improvements in time-to-market and operational efficiency as part of GRC process maturity.

Governance, Risk & Compliance

Policy Maintenance and Updating
Maintain and update cybersecurity policies and standards in line with the evolving threat and compliance landscape, including frameworks such as NIST.
Ensure all policies are current, comprehensive, and in compliance with industry standards and regulatory requirements.
Collaborate with stakeholders to review and implement policy changes as necessary.
Support the maintenance of security policies, standards, and control mappings.
Contribute to internal and external audits where contractual obligations are in scope.
Help mature the organisation's risk management posture.
Collaborate closely with leaders and teams across the Digital and Technology organisation to align portfolio initiatives with the cybersecurity strategy and business objectives.
Extend the portfolio management role to include overseeing the governance function, ensuring compliance with applicable laws, regulations, and industry standards, as well as internal policies and procedures.
Establish and maintain strong relationships with key stakeholders, including business leaders, technology teams, and external partners, to ensure effective communication,…