Job Description

About the Position:

The IT Security Architect at George Mason University is responsible for designing and maintaining a robust, scalable, and forward-looking security architecture that protects the university’s digital assets, research, and operational systems. This role translates institutional goals and risk management strategies into secure technology solutions, ensuring alignment with GMU’s academic mission and compliance requirements. The architect will lead the development of security frameworks, standards, and best practices across cloud and on-premise environments, while collaborating with stakeholders to integrate security into all phases of IT planning and implementation. This position plays a key role in safeguarding the university’s information systems against evolving cyber threats and ensuring the confidentiality, integrity, and availability of institutional data.

Responsibilities:

Security Architecture Design & Strategy

Develop and maintain enterprise-wide security architecture aligned with business and technology goals;
Create security roadmaps, models, standards, and procedures for cloud and on-premise environments; and
Define baseline configurations and secure design patterns for systems and networks.
Security Risk Management & Assurance

Conduct security reviews and threat modeling for applications and infrastructure;
Validate security configurations and recommend improvements; and
Support internal audits and compliance with regulatory frameworks (e.g., NIST, HIPAA, FERPA).
Collaboration & Stakeholder Engagement

Liaise with other IT Architects, Enterprise Cybersecurity, ITS, and University community to ensure secure practices;
Participate in project planning to integrate security requirements; and
Coordinate with system owners and architects to allocate and implement security controls.
Technology Evaluation & Implementation

Evaluate and recommend security tools and services based on technical and financial metrics;
Support secure deployment of applications and infrastructure, including cloud services; and
Stay current with emerging threats and technologies.
Policy Development & Documentation

Draft and maintain security policies, procedures, and standards; and
Document data flows and security requirements across systems and services.
Required Qualifications:

Bachelor’s degree in related field or the equivalent combination of education and experience;
Hands-on experience with security infrastructure (e.g., firewalls, SIEM, endpoint protection);
Experience with threat modeling and risk assessments;
Experience securing cloud and on-premise environments;
Experience with IAM technologies (e.g., Active Directory, AWS IAM, Okta);
Knowledge:
Enterprise security architecture principles (e.g., SABSA, TOGAF, NIST CSF);
Security technologies (e.g., firewalls, SIEM, IAM, endpoint protection);
Regulatory and compliance frameworks (e.g., HIPAA, FERPA, ISO 27001);
Cloud and on-premise infrastructure security;
Working knowledge of IT service management practices (e.g., change, incident, asset management);
Familiarity with IT infrastructure components (e.g., OS, networks, databases, containers);
Skills:
Strategic planning and roadmap development;
Threat modeling and risk assessment;
Secure system and network design;
Technical documentation and policy writing;
Abilities:
Translate business and risk requirements into technical solutions;
Collaborate across departments and technical teams;
Evaluate and recommend security tools and services;
Communicate complex security topics to non-technical stakeholders;
Other Attributes:
Strong analytical and problem-solving mindset;
Commitment to continuous learning and staying current with threats;
US Citizen; and
One or more of the following: CISSP, CISA, TOGAF, GIAC.
Preferred Qualifications:

Master’s degree in related field;
CISM or other advanced security certifications (e.g., CCSP, CRISC);
Experience in higher education or research environments;
Experience with vendor risk assessments and third-party security reviews;
Experience with OT/IoT security and business continuity planning;
Knowledge:
Advanced understanding of cloud-native security (e.g., AWS, Azure, GCP);
Data protection techniques (e.g., encryption, tokenization);
Operational technology (OT) and IoT security;
Skills:
Financial analysis of security investments (e.g., ROI, TCO);
Project management and cross-functional coordination;
Vendor risk assessment and third-party security reviews;
Abilities:
Lead security architecture in large-scale IT projects;
Influence policy and governance decisions; and
Adapt to evolving technologies and threat landscapes.