IT Security Architect

Edtech.com's Summary

George Mason University is hiring an IT Security Architect. This role designs and maintains the university's security architecture, aligns security strategies with institutional goals, and safeguards digital assets by developing frameworks and collaborating with stakeholders across IT environments.

Highlights

Develop and maintain enterprise-wide security architecture and strategic roadmaps.
Conduct security risk assessments, threat modeling, and validate security configurations.
Collaborate with IT architects, cybersecurity teams, and university departments to integrate security measures.
Evaluate and recommend security tools and support secure deployment of applications including cloud services.
Draft and maintain security policies, procedures, and documentation.
Requires experience with security infrastructure such as firewalls, SIEM, endpoint protection, and IAM technologies.
Must be knowledgeable in enterprise security frameworks (e.g., SABSA, TOGAF, NIST CSF) and regulatory compliance (HIPAA, FERPA).
Qualifications include a bachelor’s degree or equivalent experience, US citizenship, and certifications like CISSP, CISA, or TOGAF.
Preferred qualifications include a master's degree, advanced certifications (CISM, CCSP), and experience with cloud-native security and vendor risk assessments.
Position involves leadership in security architecture for large-scale projects and influences security policy and governance.

IT Security Architect Full Description

Department: Information Technology

Classification: Info Technology Spec 3

Job Category:Â Classified Staff

Job Type:Â Full-Time

Work Schedule:Â Full-time (1.0 FTE, 40 hrs/wk)

Location: Fairfax, VA

Workplace Type:Â On Site Required

Sponsorship Eligibility:Â Not eligible for visa sponsorship

Pay Band:Â 06

Salary:Â Salary commensurate with education and experience

Criminal Background Check:Â Yes

About the Department:

Enterprise Cybersecurity strives to protect George Mason University from threats to data exposure, or the loss of integrity or availability of data and systems that the university relies upon. We strive to achieve this goal through partnerships, education and the balanced use of effective controls that align with the University's responsibilities and mission.

About the Position:

The IT Security Architect at George Mason University is responsible for designing and maintaining a robust, scalable, and forward-looking security architecture that protects the universityâs digital assets, research, and operational systems. This role translates institutional goals and risk management strategies into secure technology solutions, ensuring alignment with GMUâs academic mission and compliance requirements. The architect will lead the development of security frameworks, standards, and best practices across cloud and on-premise environments, while collaborating with stakeholders to integrate security into all phases of IT planning and implementation. This position plays a key role in safeguarding the universityâs information systems against evolving cyber threats and ensuring the confidentiality, integrity, and availability of institutional data.

Responsibilities:

Security Architecture Design & Strategy

Develop and maintain enterprise-wide security architecture aligned with business and technology goals;
Create security roadmaps, models, standards, and procedures for cloud and on-premise environments; and
Define baseline configurations and secure design patterns for systems and networks.

Security Risk Management & Assurance

Conduct security reviews and threat modeling for applications and infrastructure;
Validate security configurations and recommend improvements; and
Support internal audits and compliance with regulatory frameworks (e.g., NIST, HIPAA, FERPA).Â

Collaboration & Stakeholder Engagement

Liaise with other IT Architects, Enterprise Cybersecurity, ITS, and University community to ensure secure practices;
Participate in project planning to integrate security requirements; and
Coordinate with system owners and architects to allocate and implement security controls.

Technology Evaluation & Implementation

Evaluate and recommend security tools and services based on technical and financial metrics;
Support secure deployment of applications and infrastructure, including cloud services; and
Stay current with emerging threats and technologies.

Policy Development & Documentation

Draft and maintain security policies, procedures, and standards; and
Document data flows and security requirements across systems and services.Â

Required Qualifications:

Bachelorâs degree in related field or the equivalent combination of education and experience;
Hands-on experience with security infrastructure (e.g., firewalls, SIEM, endpoint protection);
Experience with threat modeling and risk assessments;
Experience securing cloud and on-premise environments;
Experience with IAM technologies (e.g., Active Directory, AWS IAM, Okta);
Knowledge:
- Enterprise security architecture principles (e.g., SABSA, TOGAF, NIST CSF);
- Security technologies (e.g., firewalls, SIEM, IAM, endpoint protection);
- Regulatory and compliance frameworks (e.g., HIPAA, FERPA, ISO 27001);
- Cloud and on-premise infrastructure security;
- Working knowledge of IT service management practices (e.g., change, incident, asset management);
- Familiarity with IT infrastructure components (e.g., OS, networks, databases, containers);
Skills:
- Strategic planning and roadmap development;
- Threat modeling and risk assessment;
- Secure system and network design;Â
- Technical documentation and policy writing;
Abilities:
- Translate business and risk requirements into technical solutions;
- Collaborate across departments and technical teams;
- Evaluate and recommend security tools and services;
- Communicate complex security topics to non-technical stakeholders;
Other Attributes:
- Strong analytical and problem-solving mindset;
- Commitment to continuous learning and staying current with threats;
US Citizen; and
One or more of the following: CISSP, CISA, TOGAF, GIAC.

Preferred Qualifications:

Masterâs degree in related field;
CISM or other advanced security certifications (e.g., CCSP, CRISC);
Experience in higher education or research environments;
Experience with vendor risk assessments and third-party security reviews;
Experience with OT/IoT security and business continuity planning;
Knowledge:
- Advanced understanding of cloud-native security (e.g., AWS, Azure, GCP);
- Data protection techniques (e.g., encryption, tokenization);
- Operational technology (OT) and IoT security;
Skills:
- Financial analysis of security investments (e.g., ROI, TCO);
- Project management and cross-functional coordination;
- Vendor risk assessment and third-party security reviews;
Abilities:
- Lead security architecture in large-scale IT projects;
- Influence policy and governance decisions; and
- Adapt to evolving technologies and threat landscapes.

Instructions to Applicants:Â

For full consideration, applicants must apply forÂ IT Security Architect at https://jobs.gmu.edu/.Â Complete and submit the online application to include three professional references with contact information, and provide a Cover Letter and Resume for review.

Posting Open Date:Â February 6, 2026

For Full Consideration, Apply by:Â Â February 23, 2026

Open Until Filled:Â Â Yes

Original Job Description