Information Security Architect - Cloud & Applications
The College Board, the national educational organization, is conducting a search for a Information Security Architect - Cloud & Applications for our IT department. This position is based in our Reston, Virginia office.
Named by Fast Company as one of the most innovative education companies, the College Board is a mission-focused organization. This job requires a strong focus on improving educational opportunities and outcomes, particularly for disadvantaged students, in the context of a competitive business environment.
The College Board is rapidly transforming itself into an agile organization, embracing DevOps and cloud-native systems, and focused on improving speed and security of service delivery in support of an important mission. To enable this mission, the College Board is seeking a DevSecOps Architect to be a senior member on the team, responsible for leading the design, architecture and implementation of next generation security architecture and automation solutions in our DevOps and cloud transformation initiatives. The DevSecOps Architect is a highly technical and creative contributor to a DevSecOps team, enabling the agile development of secure cloud-based solutions.
What you will do
- Provide technical leadership, guidance and direction in the design, development and implementation of automated solutions, based on a set of standards and processes, that enable College Board developers to own the security of their modern microservices-based cloud software solutions.
- Act as coach and mentor devoted to the growth of the DevSecOps team.
- Keep abreast of next-generation technologies and how they may reshape the security landscape or open new opportunities.
- Use expert knowledge of data analytics and machine learning to define an innovative, automated approach to secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure.
- Apply data and evidence to solve problems effectively and make measurable improvements to the security posture of College Board.
- Leverage expertise in DevOps and CI/CD tools to architect, design, build, harden, maintain, and instrument a comprehensive cloud-based security orchestration platform to be consumed in product pipelines.
- Use expert knowledge in AWS to guide the secure design and development of cloud-based solutions.
- Use software engineering skills and experience to minimize toil and craft lightweight approaches to simplify processes and tools.
- Support the development of security standards by creating reusable templates and patterns for ease of use and increase productivity of the security program.
- Foster, and build a community of practice for collective learning of the security tools, practices and systems across all disciplines within the College Board.
- Collaborate with DevSecOps product owner to breakdown and prioritize work in the product backlog.
- Communicate clearly and effectively across the organization, with a sharp sense of what is most important to the matter at hand.
- A bachelor’s degree in Computer Science, Engineering, or MIS or equivalent experience.
- 10+ years’ experience with extensive exposure to numerous aspects of software development, cloud, DevOps, and information security.
- Strong knowledge and experience in cloud and application security domains.
- Ability to find, collect, and distill data to guide action and resolve problems.
- Deep understanding of Amazon Web Services (AWS) including VPC, ELB/ALB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others. An AWS professional level certification is a plus, Security Specialty certification a big plus.
- Strong and evolving competence in multiple programming languages and technologies, working knowledge of multiple tools sets, technologies and implementation environments.
- Demonstrated expert level proficiency in the architecture, design and delivery of loosely coupled enterprise web and microservices solutions in the cloud.
- Working knowledge of IP networking, VPNs, DNS, load balancing and firewalls.
- Experience building infrastructure as code using AWS CloudFormation, Terraform or similar automated techniques.
- Experience with Chef, Puppet, Salt, or Ansible in production environments.
- Experience in establishing secure software development guidelines and in performing security code and design reviews.
- Experience in documenting security design and architecture artifacts and presenting artifacts for architectural review.
- Effective communication skills are a must along with a strong customer service orientation, and the ability to clearly discern client needs.
- Experience with Akamai WAF and CDN products a plus.
- Ability to self-manage assigned projects, and delegate to and supervise the completion of tasks by other team members.
- Ability to work independently with minimal direction.
- Strong interpersonal skills, written and verbal communication.
- Strong decision-making, problem-solving skills, critical thinking and testing skills.
- A growth mindset and love of learning new technologies.
- Exceptional attention to detail.
We offer our employees an outstanding benefits package which includes 4 weeks of paid time off, a generous retirement savings plan, tuition reimbursement and ongoing professional development and training.
Our mission is to clear a path for all students to own their future.
The College Board is committed to diversity in the workplace and is an Equal Opportunity Employer. The College Board participates in E-Verify, a service of DHS and SSA, where required. Please understand that only qualified applicants will be contacted.