IT Security Architect

About the Department:

Enterprise Cybersecurity strives to protect George Mason University from threats to data exposure or the loss of integrity or availability of data and systems that the university relies upon. We strive to achieve this goal through partnerships education and the balanced use of effective controls that align with the Universitys responsibilities and mission.

About the Position:

The IT Security Architect at George Mason University is responsible for designing and maintaining a robust scalable and forward-looking security architecture that protects the universitys digital assets research and operational systems. This role translates institutional goals and risk management strategies into secure technology solutions ensuring alignment with GMUs academic mission and compliance requirements. The architect will lead the development of security frameworks standards and best practices across cloud and on-premise environments while collaborating with stakeholders to integrate security into all phases of IT planning and implementation. This position plays a key role in safeguarding the universitys information systems against evolving cyber threats and ensuring the confidentiality integrity and availability of institutional data.

Responsibilities:

Security Architecture Design & Strategy

• Develop and maintain enterprise-wide security architecture aligned with business and technology goals;
• Create security roadmaps models standards and procedures for cloud and on-premise environments; and
• Define baseline configurations and secure design patterns for systems and networks.

Security Risk Management & Assurance

• Conduct security reviews and threat modeling for applications and infrastructure;
• Validate security configurations and recommend improvements; and
• Support internal audits and compliance with regulatory frameworks (e.g. NIST HIPAA FERPA).

Collaboration & Stakeholder Engagement

• Liaise with other IT Architects Enterprise Cybersecurity ITS and University community to ensure secure practices;
• Participate in project planning to integrate security requirements; and
• Coordinate with system owners and architects to allocate and implement security controls.

Technology Evaluation & Implementation

• Evaluate and recommend security tools and services based on technical and financial metrics;
• Support secure deployment of applications and infrastructure including cloud services; and
• Stay current with emerging threats and technologies.

Policy Development & Documentation

• Draft and maintain security policies procedures and standards; and
• Document data flows and security requirements across systems and services.

Required Qualifications:

• Bachelors degree in related field or the equivalent combination of education and experience;
• Hands-on experience with security infrastructure (e.g. firewalls SIEM endpoint protection);
• Experience with threat modeling and risk assessments;
• Experience securing cloud and on-premise environments;
• Experience with IAM technologies (e.g. Active Directory AWS IAM Okta);
• Knowledge:
  • Enterprise security architecture principles (e.g. SABSA TOGAF NIST CSF);
  • Security technologies (e.g. firewalls SIEM IAM endpoint protection);
  • Regulatory and compliance frameworks (e.g. HIPAA FERPA ISO 27001);
  • Cloud and on-premise infrastructure security;
  • Working knowledge of IT service management practices (e.g. change incident asset management);
  • Familiarity with IT infrastructure components (e.g. OS networks databases containers);
• Skills:
  • Strategic planning and roadmap development;
  • Threat modeling and risk assessment;
  • Secure system and network design;
  • Technical documentation and policy writing;
• Abilities:
  • Translate business and risk requirements into technical solutions;
  • Collaborate across departments and technical teams;
  • Evaluate and recommend security tools and services;
  • Communicate complex security topics to non-technical stakeholders;
• Other Attributes:
  • Strong analytical and problem-solving mindset;
  • Commitment to continuous learning and staying current with threats;
• US Citizen; and
• One or more of the following: CISSP CISA TOGAF GIAC.

Preferred Qualifications:

• Masters degree in related field;
• CISM or other advanced security certifications (e.g. CCSP CRISC);
• Experience in higher education or research environments;
• Experience with vendor risk assessments and third-party security reviews;
• Experience with OT/IoT security and business continuity planning;
• Knowledge:
  • Advanced understanding of cloud-native security (e.g. AWS Azure GCP);
  • Data protection techniques (e.g. encryption tokenization);
  • Operational technology (OT) and IoT security;
• Skills:
  • Financial analysis of security investments (e.g. ROI TCO);
  • Project management and cross-functional coordination;
  • Vendor risk assessment and third-party security reviews;
• Abilities:
  • Lead security architecture in large-scale IT projects;
  • Influence policy and governance decisions; and
  • Adapt to evolving technologies and threat landscapes.

Instructions to Applicants:

For full consideration applicants must apply forIT Security Architect at and submit the online application to include three professional references with contact information and provide a Cover Letter and Resume for review.

Posting Open Date:February 6 2026

For Full Consideration Apply by:February 23 2026

Open Until Filled:Yes