Technical Service Delivery Manager - CISO

Description

We are the world’s learning company with more than 24,000 employees operating in 70 countries. We combine world-class educational content and assessment, powered by services and technology, to enable more effective teaching and personalized learning at scale. We believe that wherever learning flourishes so do people.

Company Summary

At Pearson, we’re committed to a world that’s always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into laptop lessons, we are always re-examining the way people learn best whether it’s one child in our own backyard or an education community across the globe. We are bold thinkers and standout innovators who motivate each other to explore new frontiers in an environment that supports and inspires us to always be better. By pushing the boundaries of technology—and each other to surpass these boundaries—we create seeds of learning that become the catalyst for the world’s innovations, personal and global, large, and small.

About the Chief Information Security Office (CISO)

CISO is responsible for establishing and maintaining Pearson-wide security and risk management programmes. This team safeguards the confidentiality and security of all information assets, including learner, customer and business data.

CISO covers Security Service Management & Performance | Governance, Risk, Compliance and Assurance (GRCA) | Security Operations and Forensics | Security Digital Technology (D&T) and Security Architecture | Product Security.

Security Service Management & Performance

The team drives Security as a Service across Pearson's digital footprint in three main areas;

• Automation – supports CISO teams to provide fully automated and consistent security service processes with 'built-in' capabilities and controls
• Coverage – helps drive increased coverage of security services so that they are widely adopted across the Divisional units
• Data – in order to answer business questions, aggregated data sources are centralised to present one unified and un-silo view of security service performance trends

The team defines and governs a set of aligned Security frameworks and processes that underpin CISO, which fully supports how teams work in a simplified but scalable way so that our overall business goals can be achieved at pace.

The team interfaces with Technology Platforms, Product Teams, SOX and Quality Engineering business units and is fully accountable for ensuring security services and solutions are developed, tested and deployed in line with Security Policy. The team also own the end to end service governance of the CISO business and technology security initiatives through active leadership and engagement at a strategic and programme level.

Team Values form the foundations of our service delivery approach delivering the right security information, services and technologies across the organisation for maximum consumption:

• Customer Commitment – we develop and maintain relationships that make a positive impact in our customers’ working lives
• Teamwork – we collaborate to meet the demands of our customers and to help us provide the best customer service
• Quality – we provide outstanding security services and products, all the while providing value to our customers
• Integrity – we uphold the highest standards of integrity in everything we do
• Culture – we drive a culture of responsibility and accountability and cultivate a high performing workforce that innovates and delivers dynamic product and platform learning experiences quickly and at scale

Position Summary

Reporting to the Senior Manager, Security Service Management and Performance, the CISO Technical Service Manager will have two key areas of responsibility:

1. Own the Security as a Service lifecycle. The individual will bring a high level of business acumen with an ability to build strong, trusted relationships across CISO, and business pillars. They must know how to work with a cross-functional, multi-location teams, act as a trusted advisor for consuming Security services and tools and will act as the voice of the customer within CISO. Moreover, they understand how to deliver value and outcomes in complex, agile and matrix environments.
2. Will be embedded into the Security D&T and GRCA function. The individual will be responsible for leading the full end-to-end delivery of D&T and GRCA security service initiatives to deliver business solutions and enabling tools, covering service requirements gathering and technical service solution design, implementation and optimisation.

Our CISO technologists are focused on providing quality and service value so the individual must be a strategic thinker and advisor who will lead and influence the teams, providing a technical and business lens on everything our CISO technologists do, keeping them focused on what matters.

The individual must also have a keen eye for detail, be hands-on and data-centric, exploiting data to empower security teams to drive results, outcomes, and growth all the while driving operational excellence. This is a new culture change for CISO so the individual must be service oriented and be able to think outside the box.

Role Responsibilities

• Responsible for building the Security as a Service lifecycle; including, but not limited to, collaboration with CISO Service Owners whilst designing their service visions and service descriptions, gathering customer requirements, establishing service objectives and SLA measurement, Service Review facilitation.
• Own the end to end service governance of CISO business and technology security initiatives for PD&T and GRCA through active leadership and engagement at a programme level
• Ensure that effective programme value realisation drives everything PD&T and GRCA develops, delivers or operates
• Primary responsibility for day to day service governance excellence within the PD&T and GRCA teams, collaborating with (but not limited to) the VP - Information Technology Security Officer, Director - Platform Security and Cloud Security Engineering, Director - GRCA Strategy and Compliance and Director - Enterprise Security Architecture
• Maintain control of PD&T and GRCA service programme level resource and utilisation and costs
• Forecast PD&T and GRCA resource demand by reviewing service programme requirements, making reasonable efforts to estimate what people and other resources are required to meet the service success criteria.
• PD&T and GRCA KPI management and Team Objectives Management
• Primary security change agent for PD&T and GRCA influencing Technology business teams on security service adoption; performing service reviews ensuring there is always optimised coverage and performance
• Ensuring effective and timely communications with appropriate stakeholders in terms of service delivery objectives, timescales and dependencies

Characteristics

• Experience leading large scale agile security and SDLC service oriented programmes for global organisations
• Experience in developing effective programme governance based on value realisation
• Ability to handle multiple projects at any given time, track and report multiple initiatives
• Able to proactively identify opportunities to simplify and automate process to ensure focus on service value-add work
• Programme budgets upwards of £5m+ Strong business acumen with an ability to build and maintain close business relationships with all levels of management.
• Drives out dependency and blockers
• Excellence communications and negotiation skills
• Team player and hands-on approach
• Financial modelling desired

Capabilities

• Customer-centric
• Data-centric
• Strong communication skills
• Works well in a matrix
• Takes personal responsibility
• Embraces change

Behaviours

• Open and positive attitude promoting confidence and credibility to peers, project, and business stakeholders
• Positive engagement with stakeholders at all levels
• Highly adaptable
• Effectively manage performance issues
• Flexible
• Ability to effectively deal with change
• Highly accurate and detail-oriented

Qualifications

Basic Qualifications

• Background in Cybersecurity or Security Information Technology strongly preferred
• Background in Service Management consulting and framework adoption within a global organisation
• Experience of implementing Security change and process alignment
• Possesses a breadth and depth of understanding of business and Security and IT strategy
• Experience with Agile led business transformations
• Strong business change experience
• Strong technical and operational academic grounding coupled with sound experience
• Effectively translate technical requirements to business terminology to promote business buy-in and understanding
• Ability to positively influence peers and business stakeholders to achieve results
• 5 years of prior programme management experience with teams of up to 10 resources in a large organisation with a track record of successful delivery
• Experience managing large scale programme budgets (up to $5M)
• Experience of working and coordinating with global teams on many time zones
• Bachelor’s degree or equivalent, required
• Ability to communicate effectively at all levels with both technical and non-technical stakeholders (both written and verbal)
• Ability to make timely decisions independent of senior management involvement or ratification
• Strong facilitation skills
• Ability to effectively manage multiple projects and see to completion
• Confidently respond to and manage conflict
• Proactively escalates ongoing issues that negatively impact programme progress
• Demonstrated ability to work in a fast-paced and collaborative environment

Preferred Qualifications

• Security Certification (CompTIA Security+, CISM)
• Service Management Certification (ITIL v4 Practitioner desired)
• PMP certification or equivalent
• Agilist certification
• Proficient in tools required to manage complex projects

Primary Location – US, North Carolina

Other Locations – UK, London

\#LI-POST

Learning is the most powerful force for change in the world. More than 20,000 Pearson employees deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We are the world’s leading learning company. Learn more at pearsonplc.com.

Pearson believes that wherever learning flourishes, so do people. We are committed to being an anti-racist company in everything we do. We value the power of an inclusive culture and a strong sense of belonging. We promote a culture where differences are embraced, opportunities are accessible, consideration and respect are the norm, and all individuals are supported in reaching their full potential. Through our talent, we believe that diversity, equity, and inclusion make us a more innovative and vibrant place to work. People are at the center, and we are committed to a sustainable environment and workplace where talent can learn, grow, and thrive.  

To learn more about Pearson’s commitment to a diverse and inclusive workforce, please click here: 

http://www.pearson.com/careers/diversity-and-inclusion.html

Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. All employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status, or any other group protected by law.

Job: TECHNOLOGY

Organization: Technology & Operations

Schedule: FULL_TIME

Req ID: 2112494