Serve as a trusted security advisor to engineering and product teams, offering clear guidance on secure architecture, design decisions, and remediation strategies.
Review system and application architectures, identifying gaps, recommending enhancements, and aligning solutions with College Board’s Product Security Framework and zero-trust principles.
Partner with product teams early in the lifecycle to conduct architectural assessments, threat modeling, and data flow review, ensuring that secure-by-design practices guide every phase of development.
Advise on the secure implementation of cloud-native services, client/mobile applications, IAM, encryption, storage, access control, data protection, and serverless design patterns.
Provide architectural guidance that supports audit and compliance readiness by ensuring security and privacy requirements are reflected in system design, technical controls, and documented patterns.
Support the evaluation of new technologies, third-party integrations, and design proposals to assess security impact and ensure alignment to enterprise standards, including large-scale customer integrations (SSO/identity federation and data exchange) common in K–12 and higher education ecosystems.
Lead risk-based trade-off discussions (security, privacy, usability, delivery), documenting key decisions and rationale to help teams move quickly and consistently.
Lead the creation and documentation of secure architectural reference patterns for recurring use cases across College Board (e.g., external API patterns, secure data ingestion).
Requirements
Meaningful experience in security architecture, application security, or cloud security, with ownership of architectural decisions and trade-offs.
Strong understanding of security risks in modern multi-tenant SaaS architectures (APIs, microservices/event-driven patterns, identity, data protection).
Experience leading threat modeling, architecture reviews, and risk assessments, translating findings into clear, actionable guidance for technical and non-technical audiences.
Cloud security depth (AWS preferred; comparable depth in Azure or GCP is valued).
Experience securing third-party and customer integrations at scale (e.g., SSO/identity federation and data exchange).
Experience in K–12 or higher education ecosystems (e.g., SIS/classroom platforms) is a strong advantage.
A pragmatic, risk-based approach and comfort operating with ambiguity, with the ability to exercise agency and make decisions within guardrails.
Strong collaboration and influence skills; able to challenge ideas respectfully, mentor others, and partner effectively across engineering, product, privacy, and compliance.
Tech Stack
AWS
Azure
Cloud
Google Cloud Platform
Microservices
Benefits
Annual bonuses and opportunities for merit-based raises and promotions
A mission-driven workplace where your impact matters
A team that invests in your development and success