Search by job, company or skills

Pearson

Specialist, Information Security

Pearson
Bengaluru, India
Fresher
new job description bg glownew job description bg glownew job description bg svg
  • Posted 6 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Role Title



Specialist, Information Security



Reports to



Team Manager, Cybersecurity



Location



Channi/Bangalore, Hybrid



Team



Cybersecurity, OCTO



Role Overview



The Cybersecurity Governance, Risk & Compliance (GRC) function sits within the Chief Information Security Office as part of the Digital and Technology organisation, reporting to the Chief Information Officer at Pearson.



We are seeking a motivated and detailoriented Cybersecurity Risk Analyst to support cyber risk and thirdparty risk management activities within the Cyber GRC team. This role contributes to how cyber risks are identified, assessed, tracked, and reported across the organisation, working closely with Technology, Data Privacy, Procurement, and Risk Owners.



The role supports informed, riskbased decisionmaking by ensuring cyber risks are clearly documented, understood, and monitored, while enabling the business to move at pace. This is an individual contributor role, focused on highquality risk analysis, stakeholder engagement, and consistent execution of Cyber GRC processes.



Key Responsibilities



Cyber Risk Management



  • Support the identification, assessment, and documentation of cyber risks across technology and business domains.


  • Maintain accurate and uptodate cyber risk records, including risk statements, impact assessments, controls, and remediation plans.


  • Work with Designated Risk Owners to ensure risks are clearly articulated in businessrelevant terms and appropriately owned.


  • Track risk treatment activities, issues, and remediation progress, highlighting delays or concerns for escalation.


  • Contribute to cyber risk reporting and dashboards to support management and senior stakeholder visibility.


  • Promote a pragmatic, riskbased approach to cybersecurity decisionmaking across technology initiatives and operational activities.


ThirdParty Risk Management



  • Support the execution of the thirdparty cyber risk management (TPRM) process in line with business criticality and risk appetite.


  • Perform supplier cyber risk assessments and reviews, working with Procurement, Legal, and Technology stakeholders.


  • Track thirdparty remediation actions, risk acceptances, and reassessments through to closure.


  • Support material supplier risk discussions by preparing risk summaries, evidence reviews, and decision documentation.


  • Maintain accurate thirdparty risk data to support reporting, metrics, and audit or assurance activities.


Stakeholder Engagement & Collaboration



  • Partner with Technology, Data Privacy, Procurement, and Risk Owners to gather information and support risk assessments.


  • Act as a point of contact for cyber risk and thirdparty risk queries within defined areas of responsibility.


  • Escalate emerging risks, issues, or blockers to the Team Manager with clear analysis and recommended next steps.


  • Contribute to a positive risk culture by supporting constructive, solutionfocused conversations.


GRC Process, Tooling & Continuous Improvement



  • Follow and consistently apply Cyber GRC frameworks, standards, and processes.


  • Use GRC tooling effectively to manage risk workflows, evidence, and reporting.


  • Identify opportunities to simplify risk documentation, improve data quality, or streamline processes.


  • Support audits, assessments, and regulatory or assurance activities by providing accurate risk evidence and analysis.


Key Skills & Experience



  • Experience in cybersecurity risk management, thirdparty risk, IT risk, or GRC within a complex organisation.


  • Working knowledge of cyber risk frameworks such as ISO 27001, NIST CSF, or SOC2.


  • Strong analytical skills, with the ability to assess risk scenarios and control effectiveness.


  • Ability to communicate risk clearly and concisely in written and verbal form.


  • Strong attention to detail and ability to manage multiple tasks and priorities.


  • Comfortable working with stakeholders across technical and nontechnical teams.


  • Professional certifications or progress toward certifications desirable (e.g. CRISC, CISM, CISSP, CISA).


What Success Looks Like



  • Cyber risks are accurately identified, documented, and tracked through to resolution or acceptance.


  • Risk data is complete, consistent, and reliable, supporting meaningful reporting and decisionmaking.


  • Thirdparty cyber risks are assessed proportionately and managed without creating unexpected exposure.


  • Stakeholders experience Cyber GRC as a helpful, pragmatic partner rather than a compliance hurdle.


  • The Cyber GRC team operates efficiently with clear visibility of risk posture and priorities.


Why Join Us



  • Opportunity to develop deep expertise in cyber risk and thirdparty risk management.


  • Exposure to a wide range of technology, suppliers, and business stakeholders.


  • Clear development pathway within a maturing Cyber GRC capability.


  • Supportive environment with strong focus on learning, growth, and professional development.


Who we are:



At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.



Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.



If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing [Confidential Information].



Job: Security



Job Family: TECHNOLOGY



Organization: Corporate Strategy & Technology



Schedule: FULL_TIME



Workplace Type: Hybrid



Req ID: 22978

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

About Company

Pearson

Job ID: 145082855

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 01-04-2026 06:03:08 AM
Homejobs in Bengaluru / BangaloreSpecialist, Information Security