Security Architect, Product

The College Board

Product Security Architect at College Board serving as trusted advisor for secure SaaS architecture, leading threat modeling, and collaborating across teams. Focused on K–12 and higher education ecosystems.

Posted 5/30/2026full-time🇺🇸 United StatesJunior💰 $156,000 - $172,000 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudGoogle Cloud PlatformMicroservices

About the role

Key responsibilities & impact

Serve as a trusted security advisor to engineering and product teams, offering clear guidance on secure architecture, design decisions, and remediation strategies.
Review system and application architectures, identifying gaps, recommending enhancements, and aligning solutions with College Board’s Product Security Framework and zero-trust principles.
Partner with product teams early in the lifecycle to conduct architectural assessments, threat modeling, and data flow review, ensuring that secure-by-design practices guide every phase of development.
Advise on secure implementation of cloud-native services, client/mobile applications, IAM, encryption, storage, access control and data protection, and serverless design patterns.
Provide architectural guidance that supports audit and compliance readiness by ensuring security and privacy requirements are reflected in system design, technical controls, and documented patterns.
Support the evaluation of new technologies, third-party integrations, and design proposals to assess security impact and ensure alignment to enterprise standards, including large-scale customer integrations (SSO/identity federation and data exchange).
Partner with engineering teams to evaluate failure modes, dependency risks, and systemic weaknesses as part of architectural reviews and threat modeling.
Lead risk-based trade-off discussions (security, privacy, usability, delivery), documenting key decisions and rationale to help teams move quickly and consistently.

Requirements

What you’ll need

Meaningful experience in security architecture, application security, or cloud security, with ownership of architectural decisions and trade-offs.
Strong understanding of security risks in modern multi-tenant SaaS architectures (APIs, microservices/event-driven patterns, identity, data protection).
Experience leading threat modeling, architecture reviews, and risk assessments, translating findings into clear, actionable guidance for technical and non-technical audiences.
Cloud security depth (AWS preferred; comparable depth in Azure or GCP is valued).
Experience securing third-party and customer integrations at scale (e.g., SSO/identity federation and data exchange).
Experience in K–12 or higher education ecosystems (e.g., SIS/classroom platforms) is a strong advantage.
A pragmatic, risk-based approach and comfort operating with ambiguity, able to exercise agency and make decisions within guardrails.
AI-native behavior: you actively use AI today (work or personal) and can articulate where it helps, where it introduces risk, and the guardrails you apply.
Strong collaboration and influence skills; able to challenge ideas respectfully, mentor others, and partner effectively across engineering, product, privacy, and compliance.

Benefits

Comp & perks

Annual bonuses and opportunities for merit-based raises and promotions
A mission-driven workplace where your impact matters
A team that invests in your development and success

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security architectureapplication securitycloud securitythreat modelingarchitecture reviewsrisk assessmentsdata protectionidentity and access management (IAM)encryptionserverless design patterns

Soft Skills

collaborationinfluencementoringrisk-based decision makingcomfort with ambiguityclear communicationguidancechallenge ideas respectfullyagencydocumentation