AppSec Jobs
← Back to all jobs

Pearson

Security Engineer III

Hybrid
Chennai, Tamil Nadu, IndiaPosted 4 days agoWebsite
Apply on LinkedIn →

At a Glance

AWSAzurePythonJavaJavaScript/TypeScriptKubernetes

About This Role

We are seeking a highly skilled and motivated Application Security Engineer to join our growing security team. In this role, you will play a critical part in securing our applications by embedding security throughout the Software Development Lifecycle (SDLC), identifying vulnerabilities, and enabling development teams to build secure, resilient systems.

Responsibilities

  • Perform secure code reviews, dependency analysis (SCA), and dynamic security testing (DAST) across a range of applications.
  • Conduct manual security assessments and penetration testing to identify vulnerabilities.
  • Integrate security best practices into SDLC and CI/CD pipelines.
  • Collaborate closely with engineering teams to design and implement secure-by-design applications.
  • Design and implement robust authentication and authorization mechanisms.
  • Drive adoption of modern application security practices and frameworks.
  • Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques.
  • Deliver secure coding training sessions and awareness programs for developers.
  • Conduct risk assessments and provide actionable recommendations for mitigation.

Requirements

SASTDASTSCACI/CDPythonJavaJavaScriptOWASPNISTAWSAzureKubernetesOSCPCISSP
  • 6+ years of combined experience in software development, cybersecurity, and application security.
  • Hands-on experience with SAST, DAST, and SCA tools.
  • Strong knowledge of secure SDLC practices and CI/CD security integration.
  • Proficiency in Python, Java, or JavaScript.
  • Understanding of AI technologies such as Generative AI and Agentic systems.
  • Knowledge of security frameworks (OWASP Top 10, NIST, CIS).
  • Strong grasp of cryptography, authentication, and authorization protocols.
  • Experience in threat modeling (experience with commercial tools is a plus).
  • Familiarity with cloud and container security (AWS, Azure, Kubernetes).
  • Excellent communication and collaboration skills.
  • Bachelor's degree in Computer Science, Cybersecurity, or related field (preferred).
  • Industry certifications such as OSCP/OSWE, GWAPT/eWPT, CISSP, CSSLP, or CEH with application security focus (preferred).

Benefits & Perks

Work on cutting-edge security challenges in a global organization.
Be part of an innovative and collaborative environment.
Competitive compensation and benefits package.
Opportunity to influence secure product development at scale.
Hybrid work model (Chennai / Bangalore) with 3 days in-office collaboration.

About Pearson

Pearson is a global education and publishing company with a history that dates back to 1844. Originally founded as a construction firm in Yorkshire, England, it has transformed into the world's largest learning company, focusing on educational materials and services. Headquartered in the UK, Pearson operates in over 70 countries and employs more than 41,000 people. The company specializes in education publishing and learning services. Its offerings include textbooks and digital learning resources for K-12, higher education, and professional markets, serving over 100 million learners globally. Pearson also develops educational assessments and testing programs, and has invested in digital education technologies to support personalized and online learning. With well-known imprints like Addison-Wesley and Prentice Hall, Pearson publishes a wide range of educational content. Its customers include educational institutions, students, professional learners, and government authorities, all benefiting from Pearson's extensive resources and expertise in education.

Industry

education management

Employees

18,000

2144 engineers

Revenue

$4.6B

Website

Visit →

Security at Pearson

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Pearson's Application Security team is responsible for the security of Pearson learning management applications.
  • They provide security training to their developer community through in-person sessions, webinars, and online courses.
  • Their philosophy emphasizes embedding security into every stage of CI/CD pipelines and supporting security initiatives related to AI/ML-driven development.
  • They also maintain a 24x7 Security Operations Center (SOC) that monitors and responds to security incidents, with a principle of reporting anything that doesn't seem right to the SOC.

Security Team

Pearson's Application Security team is responsible for the security of Pearson learning management applications. Information regarding named, public-facing Application Security leaders, team size, and organizational chart with AppSec headcount is not publicly available.

Key Initiatives

Pearson provides security training to its developer community through in-person sessions, webinars, and online courses. They aim to embed security into every stage of their CI/CD pipelines and lead a Developer Security Champion program. The team also supports security initiatives related to AI/ML-driven development. Information regarding explicit vulnerability triage SLAs, MTTR targets, ticketing workflow details, or recent (last 6 months) specific new AppSec programs or tool rollouts is not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.

Interested in this role?

Apply on LinkedIn