Information Security Architect
The College Board, the national education organization, is conducting a search for a Information Security Architect for our IT department. This position is based in our Reston, Virginia office.
College Board is rapidly transforming itself into an agile organization, embracing DevOps and cloud-native systems, and focused on improving speed and security of service delivery in support of an important mission. To enable this mission, the College Board is seeking an Information Security Architect to design and drive innovative and transformative security solutions across the organization. The security architect is a technical and creative leader responsible for the planning, design, and implementation of security solutions and secure systems at the College Board. He or she identifies security and privacy risks across the organization, effectively communicates risks in context, recommends actions for mitigation and resilience, and leads the efforts to implement corresponding controls. The security architect applies critical thinking to address the risks to the College Board’s mission of enabling students’ access to college and providing more opportunities to succeed.
- Enhances current state security architectures and develops target state security architectures to support projected business objectives, reflect the threat landscape, and compliment DevOps operating models.
- Partners with other security staff, delivery teams, and business units to create and maintain comprehensive system security architectures by identifying gaps and evaluating, selecting, implementing appropriate security functions.
- Designs and build systems to support the development and enforcement of a diverse set of security controls, while maintaining alignment to functional and business requirements.
- Analyses the College Board data ecosystem (e.g. classifications, flows, data lifecycles, etc.) and designs systems and processes accordingly to enable and safeguard mission-critical functionality.
- Orchestrates the integration of security systems with security operational processes, building on and improving those processes across the organization.
- Supports the development, assessment, implementation, and continual enhancement of comprehensive security roadmap(s).
- Assists in the development of new security frameworks, principles, policies, and standards as needed by observed or anticipated business, regularity, or environmental change.
- Participates in enterprise architecture (EA) committees and working groups and provides strategic and tactical guidance and direction related to security.
- Updates and maintains knowledge and awareness by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; and participating in professional organizations.
- Mentors team members in information security methodologies, frameworks, processes and procedures.
- Minimum 7+ years’ experience in the field of information technology with extensive exposure to numerous aspects of systems design, development, implementation, and operations as well as business planning.
- A minimum of 5 years’ experience in information security with knowledge and exposure to security architecture, security assessment, security program management, or security engineering.
- Knowledge of risk and security assessment procedures, security policy implementation, authentication and authorization strategies and technologies, and the attack lifecycle.
- Experience implementing cloud-based security solutions, AWS experience preferred.
- Demonstrable ability to diligently execute tasks in a dynamic and cross-functional environment.
- Demonstrated competency in strategic thinking with abilities in relationship management.
- Industry recognized certification (e.g., CISSP, CCSP, AWS CSA, etc.) preferred.
- Bachelor’s degree preferred.
Related Skills & Other Requirements:
- Knowledge and experience working with any of the following is preferred
- Software (web servers, application servers, databases, middleware, AWS API, etc.)
- Networking (TCP/IP, SSH, SFTP, VPN, Firewalls, Routers, etc.)
- Server and workstation operating systems (Windows, Linux, etc.)
- Security systems (SIEM, vulnerability scanners, IPS, etc.)
- Excellent oral and written communication skills with the ability to confidently present and discuss technical information.
- Confidence and leadership as a member of project teams in working with business users in a cross-functional environment.
- Excellent problem solving and analytical ability.
- We offer our employees an outstanding benefits package, which includes 4 weeks of paid time off, a generous retirement savings plan, tuition reimbursement and ongoing professional development and training.
- The College Board’s mission is to connect students to college success and opportunity. We are a not-for-profit membership organization committed to excellence and equity in education. Among our best-known products are the SAT®, PSAT/NMSQT®, and Advanced Placement Program®. The College Board is committed to diversity in the workplace and is an Equal Opportunity Employer. The College Board participates in E-Verify, a service of DHS and SSA, where required. Please understand that only qualified applicants will be contacted.