What are the responsibilities and job description for the Manager, Security Operations position at Pearson?
Manager, Security Operations
Durham, NC
Workplace Type: Hybrid
Job: Security
Schedule: FULL_TIME
Req ID: 23711
Job Description
Role: Manager, Security Operations
Location: United States (Hybrid – Durham, NC)
Department: Cybersecurity – Security Operations
Reports to: Senior Director, Security Operations
Role Overview
The Manager, Security Operations is responsible for the operational delivery, governance, and assurance of cybersecurity services provided to government, public sector, and highly regulated Pearson customers. This role acts as the primary Security Operations point of accountability for these clients, ensuring that Pearson meets contractual, regulatory, and assurance obligations while maintaining a strong security posture.
The role combines SOC leadership, stakeholder management, regulatory alignment, and incident oversight, working closely with internal SOC teams, GRC, Legal, Product, and Customer teams, as well as external auditors and government stakeholders.
Key Responsibilities
Government & Public Sector Client Management
Act as the primary Security Operations contact for government and regulated customers, supporting security assurance discussions, audits, and contractual obligations.
Own the operational security relationship with public sector clients, including response to security questionnaires, evidence requests, and assurance reviews.
Ensure SOC services align with government security expectations, contractual SLAs, and regulatory requirements (e.g. FedRAMP‑adjacent controls, ISO, SOC, regional equivalents where applicable).
Security Operations Oversight
Provide operational leadership across SOC functions supporting government and regulated environments, including:
Monitoring and detection
Incident response coordination
Access governance and periodic reviews
Vulnerability and risk tracking
Ensure consistent, auditable execution of SOC processes aligned to approved runbooks and playbooks.
Oversee escalation handling for security events impacting regulated customers, ensuring timely, accurate, and compliant communications.
Incident Response & Regulatory Support
Lead or coordinate incident response activities involving government or regulated customers, including:
Triage and containment oversight
Executive and customer communications
Post‑incident reporting and lessons learned
Partner with Legal, GRC, and Communications teams to support regulatory notifications and customer disclosures where required.
Assurance, Reporting & Evidence Management
Own delivery of security reporting and evidence for government clients, including:
Access reviews
Incident summaries
Control effectiveness metrics
Ensure SOC data used for external reporting is accurate, validated, and defensible.
Support internal and external audits relevant to government and regulated customers.
Stakeholder & Cross‑Functional Leadership
Act as a trusted advisor to:
Government customer stakeholders
Internal Product and Engineering teams
GRC, Legal, and Privacy partners
Translate complex SOC operations into clear, non‑technical risk and assurance narratives for customers and leadership.
Continuous Improvement & Risk Reduction
Identify systemic risks or control gaps affecting regulated environments and drive remediation through SOC and engineering teams.
Contribute to the evolution of SOC processes, tooling, and reporting to better support government and regulated use cases.
Mentor SOC team members on regulatory awareness, evidence quality, and customer‑facing security operations.
Skills & Experience
Required
Proven experience in Security Operations or Incident Response leadership roles.
Strong understanding of security controls, monitoring, and incident management in regulated environments.
Demonstrated experience supporting government or highly regulated customers.
Excellent stakeholder management and written communication skills, particularly for audit and customer‑facing contexts.
Ability to translate technical security issues into clear risk‑based explanations for non‑technical audiences.
Desirable
Experience supporting audits or frameworks such as ISO 27001, SOC 2, FedRAMP‑aligned environments, or similar.
Familiarity with SOC tooling (SIEM, EDR, SOAR) and access governance processes.
Prior experience working with Legal, Privacy, or Compliance teams during security incidents.
What Success Looks Like
Government and regulated customers have high confidence in Pearson’s Security Operations capability.
Security incidents involving regulated clients are managed professionally, consistently, and compliantly.
Audit and assurance requests are handled efficiently with high‑quality evidence.
SOC processes supporting regulated environments are repeatable, documented, and defensible.
Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing TalentExperienceGlobalTeam@grp.pearson.com.
Job Family: TECHNOLOGY