Security Architect, Product

About The Position

Requirements

• Meaningful experience in security architecture, application security, or cloud security, with ownership of architectural decisions and trade-offs.
• Strong understanding of security risks in modern multi-tenant SaaS architectures (APIs, microservices/event-driven patterns, identity, data protection).
• Experience leading threat modeling, architecture reviews, and risk assessments, translating findings into clear, actionable guidance for technical and non-technical audiences.
• Cloud security depth (AWS preferred; comparable depth in Azure or GCP is valued).
• Experience securing third-party and customer integrations at scale (e.g., SSO/identity federation and data exchange).
• A pragmatic, risk-based approach and comfort operating with ambiguity, able to exercise agency and make decisions within guardrails.
• AI-native behavior: you actively use AI today (work or personal) and can articulate where it helps, where it introduces risk, and the guardrails you apply.
• Strong collaboration and influence skills; able to challenge ideas respectfully, mentor others, and partner effectively across engineering, product, privacy, and compliance.
• A passion for expanding educational and career opportunities and mission-driven work
• Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and comfort with learning and applying new digital tools independently and proactively.
• Clear and concise communication skills, written and verbal
• A learner's mindset and a commitment to growth: welcoming diverse perspectives, giving and receiving timely, respectful feedback, and continuously improving through iterative learning and user input.
• A drive for impact and excellence: solving complex problems, making data-informed decisions, prioritizing what matters most, and continuously improving through learning, user input, and external benchmarking.
• A collaborative and empathetic approach: working across differences, fostering trust, and contributing to a culture of shared success
• Authorization to work in the United States

Nice To Haves

• Experience in K–12 or higher education ecosystems (e.g., SIS/classroom platforms) is a strong advantage.

Responsibilities

• Secure SaaS Architectures (50%): Serve as a trusted security advisor to engineering and product teams, offering clear guidance on secure architecture, design decisions, and remediation strategies. Review system and application architectures, identifying gaps, recommending enhancements, and aligning solutions with College Board’s Product Security Framework and zero-trust principles. Partner with product teams early in the lifecycle to conduct architectural assessments, threat modeling, and data flow review, ensuring that secure-by-design practices guide every phase of development. Advise on secure implementation of cloud-native services, client/mobile applications, IAM, encryption, storage, access control and data protection, and serverless design patterns. Provide architectural guidance that supports audit and compliance readiness by ensuring security and privacy requirements are reflected in system design, technical controls, and documented patterns. Support the evaluation of new technologies, third-party integrations, and design proposals to assess security impact and ensure alignment to enterprise standards, including large-scale customer integrations (SSO/identity federation and data exchange) common in K–12 and higher education ecosystems Partner with engineering teams to evaluate failure modes, dependency risks, and systemic weaknesses as part of architectural reviews and threat modeling. Embed deeply within one of more product domains, partnering early with engineering and product teams as the primary security architecture advisor. Lead risk-based trade-off discussions (security, privacy, usability, delivery), documenting key decisions and rationale to help teams move quickly and consistently.
• Elevate Product Security (25%): Lead the creation and documentation of secure architectural reference patterns for recurring use cases across College Board (e.g., external API patterns, secure data ingestion). Collaborate with other architects to shape the long-term technical strategy for secure software and cloud architecture. Contribute to the continuous improvement of Product Security standards and threat modeling methodologies, ensuring consistency and scalability. Analyze emerging security and privacy threats, industry trends, and cloud-security advancements to proactively update architectural patterns and security guidance. Mentor junior security engineers and developers, providing coaching on architectural thinking, secure design, and modern application security concepts. Work with security partner team in maturing product-specific risk registers.
• Improve Product Security Operations (25%): Partner with engineering, DevSecOps, and cloud platform teams to create secure design patterns in CI/CD, infrastructure-as-code, and runtime environments. Support the design of security and platform guardrails that improve system resilience at scale, including secure defaults, automated rollback, isolation controls, and observable failure detection. Support governance workflows as stakeholders in broader multi-team processes. Contribute to development of metrics, KPIs, and maturity indicators to measure architectural security posture and influence roadmap planning. Assist in implementing automated guardrails and tooling that enforce architectural best practices at scale. Participate in evaluating and improving new and existing security policies and standards, tools, and controls across the organization to enhance the overall security posture.

Benefits

• Annual bonuses and opportunities for merit-based raises and promotions
• A mission-driven workplace where your impact matters
• A team that invests in your development and success