Advanced Specialist, Cybersecurity

This is an advanced individual contributor role focused on providing hands-on cybersecurity expertise and risk guidance in support of Pearson’s business units and technology teams. This role serves as a trusted security specialist and advisor
, ensuring cybersecurity controls, risk management practices, and secure-by-design principles are effectively applied across products, platforms, and operations.

The BISO operates as a subject-matter expert
, independently handling complex security tasks, analyzing risk, and supporting remediation efforts. The role regularly provides technical guidance, mentoring, and influence to engineers, architects, and product teams, but does not carry formal people management or executive decision-making authority
.

Typical activities include conducting and supporting risk assessments, reviewing security architecture and controls, assisting with incident response analysis, validating compliance evidence, and identifying patterns or gaps that require corrective action. Risk at this level is associated with incomplete implementation of controls, misinterpretation of findings, or delayed remediation
, which the role mitigates through strong technical judgment and collaboration.

The BISO collaborates closely with Business Unit technology teams and enterprise security partners, helping ensure alignment with Pearson security standards while enabling innovation and customer trust.

Act as a primary cybersecurity subject-matter expert for assigned Business Unit initiatives and technology teams.

Provide practical security guidance that helps teams design, build, and operate secure systems and products.

Support business and technology stakeholders by translating security requirements into actionable technical controls.

Conduct and support security risk assessments
, threat modeling, and control evaluations.

Partners with technology leads to identify, document, and track remediation actions for security risks.

Escalate material risks to appropriate enterprise security stakeholders when needed, ensuring accurate documentation and follow-through.

Support the adoption of security-by-design practices throughout the technology and product life cycles.

Review solution designs, architectures, and implementations to validate alignment with Pearson security standards.

Assist teams in understanding and integrating new security controls, tools, or processes.

Provide technical expertise during security incidents
, investigations, and post-incident reviews.

Contribute to incident documentation, root cause analysis, and lessons learned
, recommending improvements to prevent recurrence.

Assist with remediation of vulnerability findings and security issues.

Work closely with product managers, engineers, architects, and security colleagues to embed security controls into delivery workflows.

Serve as a trusted point of contact for security-related questions from internal teams and stakeholders.

Influence outcomes through expertise, data, and recommendations rather than authority.

Contribute to security reporting, metrics, and dashboards by validating data accuracy and highlighting trends.

Identify recurring control gaps or process issues and recommend practical improvements
.

Support audits and compliance activities by preparing and reviewing evidence and responses.

Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field preferred
.

Equivalent practical experience will be considered.

6–9 years of experience in cybersecurity, information security, IT risk, or related technical roles.

Demonstrated experience performing risk assessments, security reviews, vulnerability management, or incident support
.

Experience working with cross-functional technology teams in SaaS, platform, or enterprise environments
.

Proven ability to work independently on complex problems and influence outcomes through expertise
.

Experience working with Business Intelligence tools, Risk…