**Job Title: Staff Security Engineer** **Reports To:** SOC Engineering Manager **Skip-Level Manager:** Senior Director, Security Operations **Role Summary:** Pearson’s Security Operations Centre is seeking a technically skilled and operationally mature **Senior SOC Engineer** to lead the design, implementation, and optimisation of security tooling and infrastructure. This role will be instrumental in advancing Pearson’s detection capabilities, automation workflows, and integration of security platforms across the enterprise. The successful candidate will serve as a technical authority within the SOC, driving engineering excellence, supporting incident response, and collaborating across teams to ensure Pearson’s security posture remains robust and adaptive to emerging threats. **Key Responsibilities:** **Security Engineering & Tooling** + Design, deploy, and maintain SIEM, SOAR, EDR, UEBA, and other SOC tooling. + Develop and optimise detection content, including correlation rules, playbooks, and alert logic. + Build automation workflows for incident response, enrichment, and case management. **Platform Integration & Data Engineering** + Integrate security platforms with enterprise systems to ensure seamless data flow and actionability. + Establish onboarding pipelines for new log sources and data feeds. + Maintain and enhance the detection stack, ensuring high fidelity and low false positives. **Operational Support & Incident Response** + Support SOC analysts during investigations and incident response. + Tune detection logic based on threat intelligence and operational feedback. + Lead technical escalations and provide guidance on remediation strategies. **Collaboration & Enablement** + Work closely with CTI, IRM, and compliance teams to operationalise threat intelligence. + Mentor junior engineers and analysts, fostering a culture of continuous improvement. + Contribute to SOC maturity initiatives and roadmap development. **Required Skills & Experience:** + 5+ years of experience in SOC engineering, detection content development, or security platform integration. + Strong understanding of SIEM/SOAR architecture and incident response workflows. + Hands-on experience with platforms such as Splunk, Siemplify, Sentinel, or similar. + Proficiency in scripting languages (Python preferred) for automation and enrichment. + Familiarity with MITRE ATT&CK, threat modelling, and detection engineering best practices. + Excellent documentation and communication skills. **Preferred Qualifications:** + Experience in regulated environments or government-aligned SOC operations. + Exposure to cloud security (AWS, Azure, GCP) and hybrid infrastructure. + Certifications such as GCIA, GCIH, OSCP, or equivalent. + Experience with AI-driven detection and emerging security technologies. **Who we are:** At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson. Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing TalentExperienceGlobalTeam@grp.pearson.com. **Job:** Engineering **Job Family:** ENGINEERING **Organization:** Corporate Strategy & Technology **Schedule:** FULL\_TIME **Workplace Type:** Hybrid **Req ID:** 22726