Lead Specialist, Cybersecurity

Job Overview:

This role aligns to industry-level title such as Business Information Security Officer (BISO), is a leadership role focused on providing security guidance to the whole of Pearson. This individual serves as the primary security leader and strategic partner for the assigned Business Unit(s), ensuring cybersecurity is integrated into divisional operations, product delivery, and customer trust.

BISOS are trusted technical leads, regularly delivering complex tasks, leading vulnerability management efforts, and ensuring security architecture is executed to high standards. They are points of contact for teams requiring in-depth guidance on responding to incidents or remediating problematic findings. While acting as technical mentors, their primary attention is on ensuring controls are applied effectively, compliance checks are accurate, and projects achieve desired outcomes with minimal risk. Typical activities involve supporting project planning, drafting incident case reports, and recommending process improvements based on identified trends. Risk at this stage centers on incomplete application of controls or misunderstanding root causes, which could delay remediation or allow issues to persist unnoticed.

This role is responsible for shaping divisional security governance, managing risk, and driving security initiatives that enable innovation while protecting Pearson's global testing and assessment platform. The BISO will directly engage with Business Unit (BU) leadership and technology teams, while also collaborating with enterprise security and business stakeholders to ensure seamless alignment.

Key Responsibilities:

Strategic Leadership & Business Partnership

• Act as the executive-level cybersecurity advisor to BU leadership, ensuring security priorities align with divisional strategy.



• Serve as the bridge between BU technology teams, divisional stakeholders, and the Office of CISO.

Governance & Alignment

• Lead monthly divisional governance meetings with leadership to report on risks, controls, and ongoing initiatives.



• Ensure consistent alignment between BU and enterprise security objectives, embedding security into the division's product and technology roadmap.

Risk Management

• Oversee divisional risk assessments and drive mitigation strategies in partnership with technology leads.



• Escalate and track risks to the enterprise level where needed, ensuring visibility and accountability.

Security Change Leadership

• Drive adoption of new security capabilities and processes within the assigned Business Unit or division.



• Ensure security by design is built into technology lifecycle, protecting customer trust and business operations.

Collaboration & Stakeholder Engagement

• Partner with product managers, architects, engineers, and business leaders to integrate security controls into product delivery.



• Serve as the trusted point of contact for security inquiries from regulators, partners, and customers specific to.

Metrics & Reporting

• Develop divisional security dashboards and report progress to enterprise leadership.



• Provide visibility into divisional risk posture, control maturity, and ongoing improvement initiatives.

Education:

• Bachelor's degree in Cybersecurity, Information Systems, or related field. Master's degree or MBA strongly preferred.

Experience:

• 10+ years in cybersecurity, IT risk, or related fields.



• 8+ years in senior leadership roles, preferably within high-stakes technology divisions (testing, SaaS, or global platforms).



• Proven success in aligning security strategy with business objectives.



• Experience engaging directly with executive and customer stakeholders.



• CISSP, CISM, CRISC Certifications or equivalent required.

Skills:

• Executive Leadership: Trusted advisor to divisional and enterprise leadership.



• Business Acumen: Deep understanding of business operations and customer trust requirements.



• Risk Expertise: Advanced knowledge of enterprise risk frameworks and divisional application.



• Communication: Executive-level communication with business and technical leaders.



• Change Leadership: Ability to influence divisional adoption of security initiatives.

Key Attributes:

• Credibility: Trusted leader who brings authority and influence to divisional conversations.



• Reliability: Ensures risks and initiatives are managed with rigor and accountability.



• Vision: Shapes business's security strategy to balance innovation and risk.



• Collaboration: Builds partnerships across business and technical teams.

Who we are:

At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.

Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing [Confidential Information].

Job: Security

Job Family: TECHNOLOGY

Organization: Corporate Strategy & Technology

Schedule: FULL_TIME

Workplace Type: Hybrid

Req ID: 22766