Career.lk

About PEARSON

Pearson is the world’s leading learning company, with over 41,000 people in more than 70 countries, helping people of all ages to make progress in their lives through all kinds of learning.

Pearson owns brands such as Financial Times, Penguin and Pearson Education with overall revenue of over $9.4 B in 2011. Pearson has over 40,000 employees working out of offices in over 70 countries.

We are Pearson Lanka, a core part of Pearson's global Learning Technologies team. We build and manage some of the industry leading cloud based learning platforms that serve millions of students across the world. Over the years, we have built a strong Agile Development team, and we are now looking to expand aggressively over the next 12 months.  The industry leading cloud-based technology platforms of Pearson help educate more than 30 million students across the globe.

The 150+ strong engineering team based out of the Colombo office works dedicatedly to service Pearson technology companies located in North America, Europe and Australia.

At Pearson, we aim to be the best company to work for in the world. It is part of our philosophy to provide benefits, profit share plans, development opportunities and a culture that beats anywhere else. If you are 'always learning', and have a passion for technology and creativity, send in your resume and join our exciting engineering culture.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Identify, manage, and mitigate risks and vulnerabilities in a complex and diverse application landscape.
• Perform application vulnerability tests
• Drive the adoption of security testing in the quality assurance testing phase which includes both manual and automated security test cases.
• Work with multiple testing teams, both internal and third party, to advise on security requirements, influence design decisions, mitigate known risks and remediate vulnerabilities
• Serve as a liaison between quality assurance and the security team
• Ensure production system and application stability, performance and availability thru the appropriate use of security practices and procedures.
• Promotes security awareness and mentors other team members about information security
• Report progress of security testing and issues to SQE Manager and security team on a regular basis 
• Performs other duties as assigned.

KNOWLEDGE, SKILLS AND ABILITIES

• Have a solid knowledge of the Secure Development Lifecycle and experience in agile development methodologies
• Able to articulate vulnerability fixes to a variety of roles
• Experience working in a high-availability, high-transaction, and rapidly scaling IT environment which supports Internet-based applications.
• Experience with automation using tools like Selenium, Fitness and Testing
• Assist with supporting the automation framework and work on automation
• Can write Java/.NET code in the selenium framework, or some other service testing framework
• Familiarity with common application security testing tools like Burp Suite, ZAP Proxy or AppScan.
• Experienced with scripting languages and able to write security test cases
• A high level understanding of web applications and architectures, relational databases, and hardware architectures, and ability to effectively apply the principles of information security to the IT environment.
• Project management: Able to assess needs, define objectives, identify resources needed to achieve objectives and begin implementation towards goal completion
• Superior oral, written, and presentation abilities in front of upper management as well as peers 

CERTIFICATES, LICENSES, REGISTRATIONS

• Relevant Information Technology, Network and Application Security Certifications a plus, CISSP, CSSLP or equivalent preferred.

EDUCATION and/or EXPERIENCE

• 6-10+ year's information security or network security experience
• Bachelors Degree in an IT related discipline or equivalent 

Please use the apply button below to send your job application to us.