Principal IT Security Architect

Job Location

Salt Lake, UT - USA

Monthly Salary

$ 157000 - 243400

Vacancy

1 Vacancy

Job Description

If you're passionate about building a better future for individuals, communities, and our country, and you're committed to working hard to play your part in building that future, consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:

Grade: Technical 411

Pay Range: $157000.00 - $243400.00

Job Summary

The Principal IT Security Architect is a position of technical expertise, influence, and leadership in the security technology realm. The Principal Security Architect is a highly passionate and deeply technical Security Expert who helps the University and its employees develop sound security practices. WGU Principal Security Architects will deliver security solutions, risk and control guidance, lead proof-of-concept projects, and conduct workshops. Experience determining, verifying, and documenting security flaws in accordance with industry best practice.

Job Duties

  • Cultivates secure coding standards based on industry-accepted frameworks.
  • Works with developers as part of the Software Development Life Cycle.
  • Identifies, exploits, and remediates common security vulnerabilities using tools.
  • Functions as a lead security architect with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, auditing, risk analysis, compliance, security awareness, data security, threat hunting, vendor risk analysis, and identity and access efforts.
  • Identifies, exploits, and remediates common application vulnerabilities using tools and code review.
  • Prioritizes and tracks assigned security issues.
  • Enforces secure development standards and requirements.
  • Drives successful outcomes in a complex environment using a deep understanding of enterprise risk management methods & techniques and knowledge of compliance & security standards across the enterprise IT landscape.
  • Hardens networks, containers, VMs, and other cloud infrastructure to reduce risk of cloud security misconfigurations.
  • Writes and implements policy-as-code to automate compliance and security configuration management enforcement.
  • Leads in the development of Security Content and Use Case Development, with alerting aligned to the MITRE ATT&CK Framework.
  • Participates in tactical projects as they arise to clarify and respond to identified security risks across different technical domains.
  • Assists in the development of cloud security policies and procedures.
  • Builds and maintains relationships across the University to promote cloud security initiatives.
  • Researches and deconstructs cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs. Creates abstract rules to detect network intrusions based on IOCs. Conducts open-ended analysis of large data sets to find network activity baselines and abnormalities.
  • Designs and implements SOAR functions to automate compliance enforcement, security configuration management, and malicious activity remediation.
  • Identifies gaps in the University's security model and suggests solutions, including tools and processes.
  • Engages with security architects to capture design requirements for cloud architectures and implementation strategies.
  • Creates new processes and identifies new threats and mitigation strategies.
  • Performs other job-related duties as assigned.

KSAs

  • Knowledge of security industry standards and best practices. Proven experience interpreting and implementing those standards in a corporate environment.
  • High integrity and confidentiality when working with sensitive data.
  • Ability to operate information security tools and processes.
  • Ability to execute established security practices with consistency and discipline.
  • Hands-on experience integrating security into the various stages of a CI/CD pipeline.
  • Proven SOC and incident mitigation experience.
  • Experience with all major categories of network security devices, including SIEM, IDS/IPS, firewalls, proxies, web filters, email filters, web application firewalls, and endpoint anti-virus.
  • Advanced understanding of core AWS services, including compute (EC2, ECS, Lambda), network (VPC, Subnets, Security Groups), storage (S3, EFS, EBS), database (RDS), and identity (IAM).
  • Complete understanding of cloud security engineering principles as applied in support of and integration with key business and strategic priorities.
  • Ability to contribute new intellectual capital through deep knowledge and direct professional experience in a subject matter area or technical domain within this function.
  • Strong analytical and technical skills
  • Good written and oral communication skills
  • Knowledge of threat modeling and risk assessment strategies
  • Highly technical and analytical
  • Ability to function equally well in abstract conceptual and architectural work as in granular technical implementation and configuration work.
  • Ability to think strategically about business, product, and technical challenges.
  • Knowledge of archive, backup/recovery, and business continuity processes in distributed operations

Minimum Qualifications

  • Master's Degree in IT Security, Computer Science, Engineering, or related field
  • 10 years of Information Security experience, including an understanding of all security domains
  • Experience implementing MITRE ATT&CK Framework
  • Recognized expert or thought leader in the area of technical discipline
  • Hands-on experience creating, designing, and implementing SIEM content security rules to detect malicious, suspicious, and/or abnormal events.
  • Experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)
  • Expert scripting language experience (Bash, Python, etc.) with strong working knowledge of automation.
  • Relevant security certifications (CISSP, GIAC, ISACA, CEH, CCSP, CCSK, AWS, etc.)
  • Equivalent relevant experience performing the essential functions of this job may substitute for education degree requirements. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education and is at the discretion of the hiring manager.

Preferred Qualifications

  • 15 years of Information Security experience, including an understanding of all security domains
  • Strong experience with distance education and distance learning students
  • Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies
  • Solid understanding of the AWS Well-Architected Framework with working experience implementing the security pillar of the framework
  • Working knowledge of federated single sign-on (SSO) solutions
  • Experience with designing and implementing native AWS security tools like GuardDuty, Security Hub, IAM Access Analyzer, Macie, Inspector, and WAF.
  • Technical knowledge of securing containers and applying security controls to container orchestration platform
  • Ability to assist in establishing a DevSecOps process using available AWS services
  • Practical working experience establishing AWS IAM user groups, roles, and policies


Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements, and working conditions for the position. It is intended to be an accurate reflection of the current position; however, management reserves the right to revise or change as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.

Position & Application Details

Full-Time Regular Positions (classified as regular and working 40 standard weekly hours): This is a full-time, regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical, dental, vision, telehealth, and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness, and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.

How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It's not all-inclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.


Required Experience:

Staff IC

Employment Type

Full-Time
