Pearson

Lead Specialist Application Security

Pearson  •  Bengaluru, IN (Onsite)  •  5 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.
69
AI Success™

Job Description

Lead Application Security Engineer

We are seeking a highly experienced Lead Application Security Engineer to serve as a senior individual contributor and technical authority within the Application Security function. This role is designed for a hands-on expert who drives security outcomes through deep technical expertise, influence, and close collaboration with engineering teams.

The successful candidate will play a critical role in embedding security into the software development lifecycle (SDLC), identifying and mitigating complex application risks, and shaping secure engineering practices across the organization. You will work closely with developers, architects, DevOps, and cloud teams to ensure that security is built in by design and scaled effectively.

Key Responsibilities

Expert Application Security Delivery

  • Provide security guidance for AI technologies, including GenAI and agentic systems, ensuring responsible and secure adoption.
  • Perform advanced secure code reviews, dependency scanning (SCA), and dynamic application security testing (DAST/IAST) across a wide range of applications and technology stacks.
  • Conduct in-depth risk assessments and provide clear, actionable remediation guidance aligned with business priorities.
  • Act as an application security subject matter expert, guiding teams on secure design, architecture, and implementation patterns.
  • Embed application security controls into SDLC and CI/CD pipelines, ensuring security is integrated without slowing delivery.
  • Design, review, and advise on secure authentication and authorization mechanisms, APIs, and identity integrations.
  • Identify systemic security weaknesses and drive long-term improvements to reduce recurring vulnerabilities.
  • Partner closely with software engineers, architects, platform, and DevOps teams to solve security problems collaboratively.
  • Influence secure engineering practices through technical credibility, design reviews, and hands-on support, not policy enforcement.
  • Act as a trusted advisor to engineering leadership on application security risks, trade-offs, and improvements.
  • Contribute to internal security guidance, patterns, and documentation to improve security maturity at scale.
  • Stay current with emerging threats, attack techniques, and application security trends, translating insights into practical improvements.
  • Support secure adoption of cloud-native and containerized platforms (AWS, Azure, Kubernetes).

Qualifications & Skills

  • Good exposure to and understanding of AI technologies, including GenAI and agentic systems.
  • 8+ years of combined experience in software development, cybersecurity, and application security.
  • Proven track record as a senior / expert-level individual contributor in application security.
  • Strong hands-on experience with application security tools, including SAST, DAST/IAST, and SCA.
  • Deep understanding of secure software development practices and integrating security into SDLC and CI/CD pipelines.
  • Proficiency in one or more programming languages such as Python, Java, and JavaScript.
  • Strong knowledge of application security standards and frameworks (OWASP, NIST, CIS).
  • Advanced understanding of cryptography, authentication, authorization, and identity concepts.
  • Practical experience with threat modelling and use of commercial threat modelling tools.
  • Experience securing cloud and containerized environments (AWS, Azure, Kubernetes).
  • Excellent communication skills with the ability to influence cross-functional teams through technical expertise.
  • This role is based out of Bangalore/Chennai, with at least 3 days per week in the office.

Preferred Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a related field.
  • One or more of the following certifications:
    • OSCP / OSWE
    • GWAPT / eWPT
    • CISSP, CSSLP, or CEH (with an application security focus)

Why Join Us?

  • Operate as a true expert individual contributor with real technical impact.
  • Work on complex, high-scale applications and modern platforms, including cloud and AI-driven systems.
  • Influence security outcomes across engineering teams without people-management overhead.
  • Competitive compensation, benefits, and long-term career growth on a technical expert track.
Pearson

About Pearson

Our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. That’s why our c. 20,000 Pearson employees are committed to creating vibrant and enriching learning experiences designed for real-life impact. We are the world’s leading learning company, serving customers in nearly 200 countries with digital content, assessments, qualifications, and data. For us, learning isn’t just what we do. It's who we are.

Industry
Education & Training
Company Size
5,001-10,000 employees
Headquarters
London, GB
Year Founded
Unknown
Website
pearson.com
Social Media