Specialist, Information Security
Role Title
Specialist, Information Security
Reports to
Team Manager, Cybersecurity
Location
Channi/Bangalore, Hybrid
Team
Cybersecurity, OCTO
Role Overview
The Cybersecurity Governance, Risk & Compliance (GRC) function sits within the Chief Information Security Office as part of the Digital and Technology organisation, reporting to the Chief Information Officer at Pearson.
We are seeking a motivated and detailoriented Cybersecurity Risk Analyst to support cyber risk and thirdparty risk management activities within the Cyber GRC team. This role contributes to how cyber risks are identified, assessed, tracked, and reported across the organisation, working closely with Technology, Data Privacy, Procurement, and Risk Owners.
The role supports informed, riskbased decisionmaking by ensuring cyber risks are clearly documented, understood, and monitored, while enabling the business to move at pace. This is an individual contributor role, focused on highquality risk analysis, stakeholder engagement, and consistent execution of Cyber GRC processes.
Key Responsibilities
Cyber Risk Management
Support the identification, assessment, and documentation of cyber risks across technology and business domains.
Maintain accurate and uptodate cyber risk records, including risk statements, impact assessments, controls, and remediation plans.
Work with Designated Risk Owners to ensure risks are clearly articulated in businessrelevant terms and appropriately owned.
Track risk treatment activities, issues, and remediation progress, highlighting delays or concerns for escalation.
Contribute to cyber risk reporting and dashboards to support management and senior stakeholder visibility.
Promote a pragmatic, riskbased approach to cybersecurity decisionmaking across technology initiatives and operational activities.
ThirdParty Risk Management
Support the execution of the thirdparty cyber risk management (TPRM) process in line with business criticality and risk appetite.
