Principal IT Security Architect

If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:
 

Grade: Technical 411Pay Range: $157,000.00 - $243,400.00

Job Description

Job Summary

The Principal IT Security Architect is a position of technical expertise, influence, and leadership in the security technology realm. The Principal Security Architect is highly passionate and is a deeply technical Security

Expert to help the University and its employees develop sound security practices. WGU Principal Security Architects will deliver security solutions, risk and control guidance, lead proof-of-concept projects, and conduct workshops. Experience determining, verifying and documenting security flaws in accordance with industry best practice.

Job Duties

• Cultivates secure coding standards based on industry-accepted frameworks.
• Works with developers as part of the Software Development Life Cycle.
• Identifies, exploits, and remediates common security vulnerabilities using tools.
• Functions as a lead security architect with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, auditing, risk analysis, compliance, security awareness, data security, threat hunting, vendor risk analysis, and identity and access efforts.
• Identifies, exploits, and remediates common application vulnerabilities using tools and code review.
• Prioritizes and tracks assigned security issues.
• Enforces secure development standards and requirements.
• Drives successful outcomes in a complex environment using a deep understanding of enterprise risk management methods & techniques and knowledge of compliance & security standards across the enterprise IT landscape.
• Hardens networks, containers, VMs, and other cloud infrastructure to reduce risk of cloud security misconfigurations.
• Writes and implements policy-as-code to automate compliance and security configuration management enforcement.
• Leads in the development of Security Content and Use Case Development. Alerting aligning to the MITRE ATT&CK Framework.
• Participates in tactical projects as they arise to clarify and respond to identified security risks across different technical domains.
• Assists in the development of cloud security policies and procedures.
• Builds and maintains relationships across the University to promote cloud security initiatives.
• Researches and deconstructs cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs. Creates abstract rules to detect network intrusions based on IOCs. Conducts open-ended analysis of large data sets to find network activity baselines and abnormalities.
• Designs and implements SOAR functions to automate compliance enforcement, security configuration management, and malicious activity remediation.
• Identifies gaps in the University’s security model and suggests solutions, including tools and processes.
• Engages with security architects to capture design requirements for cloud architectures and implementation strategies.
• Creates new processes and identifies new threats and mitigation strategies.
• Performs other job-related duties as assigned.

KSAs

• Knowledge of security industry standards and best practices. Proven experience interpreting and implementing those standards in a corporate environment.
• High integrity and confidentiality when working with sensitive data.
• Ability to operate information security tools and processes.
• Ability to execute established security practices with consistency and discipline.
• Hands on experience integrating security into the various stages of a CI/CD pipeline.
• Proven SOC and incident mitigation experience.
• Experience with all major categories of network security devices, including SIEM, IDS/IPS, firewalls, proxies, web filters, email filters, web application firewalls, and endpoint anti-virus.
• Advanced understanding of core AWS services, including compute (EC2, ECS, Lambda), network (VPC, Subnets, Security Groups), storage (S3, EFS, EBS), database (RDS), and identity (IAM).
• Complete understanding of cloud security engineering principles as applied in support of, and integration with, key business and strategic priorities.
• Ability to contribute new intellectual capital through deep knowledge and direct professional experience in a subject matter area or technical domain within this function.
• Strong analytical and technical skills
• Good written and oral communication skills
• Knowledge of threat modeling and risk assessment strategies
• Highly technical and analytical
• Ability to function equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work.
• Ability to think strategically about business, product, and technical challenges.
• Knowledge of archive, backup/recovery, and business continuity processes in distributed operations

Minimum Qualifications

• Master's Degree in IT Security, Computer Science, Engineering or related field
• 10 years of Information Security experience, including an understanding of all security domains
• Experience implementing MITRE ATT&CK Framework
• Recognized expert or thought leader in the area of technical discipline
• Hands-on experience creating, designing, and implementing SIEM content security rules to detect malicious, suspicious, and/or abnormal events.
• Experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)
• Expert scripting language experience (Bash, Python, etc.) with strong working knowledge of automation.
• Relevant security certifications (CISSP, GIAC, ISACA, CEH, CCSP, CCSK, AWS, etc.)
• Equivalent relevant experience performing the essential functions of this job may substitute for education degree requirements. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education and is the discretion of the hiring manager.

Preferred Qualifications

• 15 years of Information Security experience, including an understanding of all security domains
• Strong experience with distance education and distance learning students
• Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies
• Solid understanding of the AWS well architected framework with working experience on implementing the security pillar of the framework
• Working knowledge of federated single sign-on (SSO) solutions
• Experience with designing and implementing native AWS security tools like Guard Duty, Security Hub, IAM access analyzer, Macie, Inspector, and WAF.
• Technical knowledge of securing containers and applying security controls to container orchestration platform
• Ability to assist in establishing a DevSecOps process using available AWS services
• Practical working experience establishing AWS IAM user groups, roles, and policies

Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements and working conditions for the position. It is intended to be an accurate reflection of the current position, however management reserves the right to revise or change as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.

Position & Application Details

Full-Time Regular Positions (classified as regular and working 40 standard weekly hours): This is a full-time, regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical, dental, vision, telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.

How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at [email protected].

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.