Principal IT Security Architect

If you're passionate about building a better future for individuals, communities, and our country-and you're committed to working hard to play your part in building that future-consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:

Job Description

*This opportunity will be located on site in our future Raliegh, NC location*

Job Profile Summary:

The Principal IT Security Architect is a position of technical expertise, influence, and leadership in the security technology realm. The Principal Security Architect is highly passionate and is a deeply technical Security.
An expert to help the University and its employees develop sound security practices. WGU Principal Security Architects will deliver security solutions, risk and control guidance, lead proof-of-concept projects, and conduct workshops-experience determining, verifying, and documenting security flaws in accordance with industry best practice.

Essential Functions and Responsibilities:

• Cultivates secure coding standards based on industry-accepted frameworks.

• Works with developers as part of the Software Development Life Cycle.

• Identifies, exploits, and remediates common security vulnerabilities using tools.

• Functions as a lead security architect with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, auditing, risk analysis, compliance, security awareness, data security, threat hunting, vendor risk analysis, and identity and access efforts.

• Identifies, exploits, and remediates common application vulnerabilities using tools and code review.

• Prioritizes and tracks assigned security issues.

• Enforces secure development standards and requirements.

• Drives successful outcomes in a complex environment using a deep understanding of enterprise risk management methods & techniques and knowledge of compliance & security standards across the enterprise IT landscape.

• Hardens networks, containers, VMs, and other cloud infrastructure to reduce risk of cloud security misconfigurations.

• Writes and implements policy-as-code to automate compliance and security configuration management enforcement.

• Leads in the development of Security Content and Use Case Development. Alerting aligning to the MITRE ATT&CK Framework.

• Participates in tactical projects as they arise to clarify and respond to identified security risks across different technical domains.

• Assists in the development of cloud security policies and procedures.

• Builds and maintains relationships across the University to promote cloud security initiatives.

• Researches and deconstructs cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs. Creates abstract rules to detect network intrusions based on IOCs. Conducts open-ended analysis of large data sets to find network activity baselines and abnormalities.

• Designs and implements SOAR functions to automate compliance enforcement, security configuration management, and malicious activity remediation.

• Identifies gaps in the University's security model and suggests solutions, including tools and processes.

• Engages with security architects to capture design requirements for cloud architectures and implementation strategies.

• Creates new processes and identifies new threats and mitigation strategies.

• Performs other job-related duties as assigned.

Knowledge, Skill and Abilities:

• Knowledge of security industry standards and best practices. Proven experience interpreting and implementing those standards in a corporate environment.

• High integrity and confidentiality when working with sensitive data.

• Ability to operate information security tools and processes.

• Ability to execute established security practices with consistency and discipline.

• Hands on experience integrating security into the various stages of a CI/CD pipeline.

• Proven SOC and incident mitigation experience.

• Experience with all major categories of network security devices, including SIEM, IDS/IPS, firewalls, proxies, web filters, email filters, web application firewalls, and endpoint anti-virus.

• Advanced understanding of core AWS services, including compute (EC2, ECS, Lambda), network (VPC, Subnets, Security Groups), storage (S3, EFS, EBS), database (RDS), and identity (IAM).

• Complete understanding of cloud security engineering principles as applied in support of, and integration with, key business and strategic priorities.

• Ability to contribute new intellectual capital through deep knowledge and direct professional experience in a subject matter area or technical domain within this function.

• Strong analytical and technical skills

• Good written and oral communication skills

• Knowledge of threat modeling and risk assessment strategies

• Highly technical and analytical

• Ability to function equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work.

• Ability to think strategically about business, product, and technical challenges.

• Knowledge of archive, backup/recovery, and business continuity processes in distributed operations

Job Qualifications:

Minimum Qualifications:

• Master's Degree in IT Security, Computer Science, Engineering or related field

• 10 years of Information Security experience, including an understanding of all security domains

• Experience implementing MITRE ATT&CK Framework

• Recognized expert or thought leader in a technical discipline

• Hands-on experience creating, designing, and implementing SIEM content security rules to detect malicious, suspicious, and/or abnormal events.

• Experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)

• Expert scripting language experience (Bash, Python, etc.) with strong working knowledge of automation.

• Relevant security certifications (CISSP, GIAC, ISACA, CEH, CCSP, CCSK, AWS, etc.)

• Equivalent relevant experience performing the essential functions of this job may substitute for an educational degree requirement. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education and is the hiring manager's discretion.

Preferred Qualifications:

• 15 years of Information Security experience, including an understanding of all security domains

• Strong experience with distance education and distance learning students

• Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies

• Solid understanding of the AWS well-architected framework with working experience on implementing the security pillar of the framework

• Working knowledge of federated single sign-on (SSO) solutions

• Experience designing and implementing native AWS security tools like Guard Duty, Security Hub, IAM access analyzer, Macie, Inspector, and WAF.

• Technical knowledge of securing containers and applying security controls to the container orchestration platform

• Ability to assist in establishing a Dev SecOps process using available AWS services

• Practical working experience establishing AWS IAM user groups, roles, and policies

Physical Requirements:

• Prolonged periods sitting at a desk and working on a computer.

• Must be able to lift up to 15 pounds at times.

Disclaimer: This Job Description has been designed to indicate the general nature, essential duties, and responsibilities of work performed by employees within this classification. It does not contain a comprehensive inventory of all duties, responsibilities, and qualifications that are required of the employee to do this job. Duties, responsibilities and activities may change at any time with or without notice. This Job Description does not constitute a contract of employment and the University may exercise its employment-at-will rights at any time.

#LI-AW2

Position & Application Details

How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It's not all-inclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at recruiting@wgu.edu.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.