Job Description

Role: Manager Security Operations

Location: United States (Hybrid Durham NC)
Department: Cybersecurity Security Operations
Reports to: Senior Director Security Operations

Role Overview

The Manager Security Operationsis responsible for the operational delivery governance and assurance of cybersecurity services provided to government public sector and highly regulated Pearson customers. This role acts as the primary Security Operations point of accountability for these clients ensuring that Pearson meets contractual regulatory and assurance obligations while maintaining a strong security posture.

The role combines SOC leadership stakeholder management regulatory alignment and incident oversight working closely with internal SOC teams GRC Legal Product and Customer teams as well as external auditors and government stakeholders.

Key Responsibilities

Government & Public Sector Client Management

• Act as the primary Security Operations contact for government and regulated customers supporting security assurance discussions audits and contractual obligations.
• Own the operational security relationship with public sector clients including response to security questionnaires evidence requests and assurance reviews.
• Ensure SOC services align with government security expectations contractual SLAs and regulatory requirements (e.g. FedRAMPadjacent controls ISO SOC regional equivalents where applicable).

Security Operations Oversight

• Provide operational leadership across SOC functions supporting government and regulated environments including:
  • Monitoring and detection
  • Incident response coordination
  • Access governance and periodic reviews
  • Vulnerability and risk tracking
• Ensure consistent auditable execution of SOC processes aligned to approved runbooks and playbooks.
• Oversee escalation handling for security events impacting regulated customers ensuring timely accurate and compliant communications.

Incident Response & Regulatory Support

• Lead or coordinate incident response activities involving government or regulated customers including:
  • Triage and containment oversight
  • Executive and customer communications
  • Postincident reporting and lessons learned
• Partner with Legal GRC and Communications teams to support regulatory notifications and customer disclosures where required.

Assurance Reporting & Evidence Management

• Own delivery of security reporting and evidence for government clients including:
  • Access reviews
  • Incident summaries
  • Control effectiveness metrics
• Ensure SOC data used for external reporting is accurate validated and defensible.
• Support internal and external audits relevant to government and regulated customers.

Stakeholder & CrossFunctional Leadership

• Act as a trusted advisor to:
  • Government customer stakeholders
  • Internal Product and Engineering teams
  • GRC Legal and Privacy partners
• Translate complex SOC operations into clear nontechnical risk and assurance narratives for customers and leadership.

Continuous Improvement & Risk Reduction

• Identify systemic risks or control gaps affecting regulated environments and drive remediation through SOC and engineering teams.
• Contribute to the evolution of SOC processes tooling and reporting to better support government and regulated use cases.
• Mentor SOC team members on regulatory awareness evidence quality and customerfacing security operations.

Skills & Experience

Required

• Proven experience in Security Operations or Incident Response leadership roles.
• Strong understanding of security controls monitoring and incident management in regulated environments.
• Demonstrated experience supporting government or highly regulated customers.
• Excellent stakeholder management and written communication skills particularly for audit and customerfacing contexts.
• Ability to translate technical security issues into clear riskbased explanations for nontechnical audiences.

Desirable

• Experience supporting audits or frameworks such as ISO 27001 SOC 2 FedRAMPaligned environments or similar.
• Familiarity with SOC tooling (SIEM EDR SOAR) and access governance processes.
• Prior experience working with Legal Privacy or Compliance teams during security incidents.

What Success Looks Like

• Government and regulated customers have high confidence in Pearsons Security Operations capability.
• Security incidents involving regulated clients are managed professionally consistently and compliantly.
• Audit and assurance requests are handled efficiently with highquality evidence.
• SOC processes supporting regulated environments are repeatable documented and defensible.