[Hiring] Security Architect, Product @College Board

Role Description

As a Product Security Architect, you will serve as a trusted advisor to product teams building and operating multi-tenant SaaS applications that support millions of students. You’ll guide secure-by-design architecture, lead threat modeling and design reviews, and help teams make practical trade-offs across security, privacy, resilience, and delivery.

This role requires strong judgment and agency. You will be expected to make risk-based decisions within established guardrails, knowing when to escalate and when to move forward independently. You will also help shape security architecture for high-trust assessment experiences and large-scale integrations common in K–12 and higher education ecosystems.

• Secure SaaS Architectures (50%)
  • Serve as a trusted security advisor to engineering and product teams, offering clear guidance on secure architecture, design decisions, and remediation strategies.
  • Review system and application architectures, identifying gaps, recommending enhancements, and aligning solutions with College Board’s Product Security Framework and zero-trust principles.
  • Partner with product teams early in the lifecycle to conduct architectural assessments, threat modeling, and data flow review, ensuring that secure-by-design practices guide every phase of development.
  • Advise on secure implementation of cloud-native services, client/mobile applications, IAM, encryption, storage, access control and data protection, and serverless design patterns.
  • Provide architectural guidance that supports audit and compliance readiness by ensuring security and privacy requirements are reflected in system design, technical controls, and documented patterns.
  • Support the evaluation of new technologies, third-party integrations, and design proposals to assess security impact and ensure alignment to enterprise standards, including large-scale customer integrations (SSO/identity federation and data exchange) common in K–12 and higher education ecosystems.
  • Partner with engineering teams to evaluate failure modes, dependency risks, and systemic weaknesses as part of architectural reviews and threat modeling.
  • Embed deeply within one or more product domains, partnering early with engineering and product teams as the primary security architecture advisor.
  • Lead risk-based trade-off discussions (security, privacy, usability, delivery), documenting key decisions and rationale to help teams move quickly and consistently.
• Elevate Product Security (25%)
  • Lead the creation and documentation of secure architectural reference patterns for recurring use cases across College Board (e.g., external API patterns, secure data ingestion).
  • Collaborate with other architects to shape the long-term technical strategy for secure software and cloud architecture.
  • Contribute to the continuous improvement of Product Security standards and threat modeling methodologies, ensuring consistency and scalability.
  • Analyze emerging security and privacy threats, industry trends, and cloud-security advancements to proactively update architectural patterns and security guidance.
  • Mentor junior security engineers and developers, providing coaching on architectural thinking, secure design, and modern application security concepts.
  • Work with security partner team in maturing product-specific risk registers.
• Improve Product Security Operations (25%)
  • Partner with engineering, DevSecOps, and cloud platform teams to create secure design patterns in CI/CD, infrastructure-as-code, and runtime environments.
  • Support the design of security and platform guardrails that improve system resilience at scale, including secure defaults, automated rollback, isolation controls, and observable failure detection.
  • Support governance workflows as stakeholders in broader multi-team processes.
  • Contribute to development of metrics, KPIs, and maturity indicators to measure architectural security posture and influence roadmap planning.
  • Assist in implementing automated guardrails and tooling that enforce architectural best practices at scale.
  • Participate in evaluating and improving new and existing security policies and standards, tools, and controls across the organization to enhance the overall security posture.

Qualifications

• Meaningful experience in security architecture, application security, or cloud security, with ownership of architectural decisions and trade-offs.
• Strong understanding of security risks in modern multi-tenant SaaS architectures (APIs, microservices/event-driven patterns, identity, data protection).
• Experience leading threat modeling, architecture reviews, and risk assessments, translating findings into clear, actionable guidance for technical and non-technical audiences.
• Cloud security depth (AWS preferred; comparable depth in Azure or GCP is valued).
• Experience securing third-party and customer integrations at scale (e.g., SSO/identity federation and data exchange).
• Experience in K–12 or higher education ecosystems (e.g., SIS/classroom platforms) is a strong advantage.
• A pragmatic, risk-based approach and comfort operating with ambiguity, able to exercise agency and make decisions within guardrails.
• AI-native behavior: you actively use AI today (work or personal) and can articulate where it helps, where it introduces risk, and the guardrails you apply.
• Strong collaboration and influence skills; able to challenge ideas respectfully, mentor others, and partner effectively across engineering, product, privacy, and compliance.

Requirements

• A passion for expanding educational and career opportunities and mission-driven work.
• Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and comfort with learning and applying new digital tools independently and proactively.
• Clear and concise communication skills, written and verbal.
• A learner's mindset and a commitment to growth: welcoming diverse perspectives, giving and receiving timely, respectful feedback, and continuously improving through iterative learning and user input.
• A drive for impact and excellence: solving complex problems, making data-informed decisions, prioritizing what matters most, and continuously improving through learning, user input, and external benchmarking.
• A collaborative and empathetic approach: working across differences, fostering trust, and contributing to a culture of shared success.
• Authorization to work in the United States.

Benefits

• At College Board, we offer more than a paycheck- we provide a meaningful career, a supportive team, and a comprehensive package designed to help you thrive.
• A Thoughtful Approach to Compensation: The hiring range for this role is $156,000–$172,000. Your exact salary will depend on your location, experience, and how your background compares to others in similar roles at the College Board.
• We aim to make our best offer upfront, rooted in fairness, transparency, and market data.
• We adjust salaries by location to ensure fairness, no matter where you live.
• You’ll have open, transparent conversations about compensation, benefits, and what it’s like to work at College Board throughout your hiring process.