Security Architect at Project Kitty Hawk

Who We Are

PKH is a nonprofit ed tech company designed to help the University of North Carolina System grow the number of adult learners through online delivery at the undergraduate level. We are equipping universities within the UNC System with best-in-class technology, processes, and student support solutions so they can better compete with out-of-state, online universities.

The Role

The Security Architect role is focused on security operations for Project Kitty Hawk (PKH) by leading security best practices across the organization. You will have the chance to create and execute a plan for developing a strategy for internal operations, SaaS applications, and Public Cloud environments. This role will partner with vendors to ensure best-in-class security practices are considered, designed, and implemented. This position will oversee and take part in the incident response planning and exercises for internal operations and our managed services partners.

• Communicate the value of Information Technology (IT) security and present at various levels of technical detail depending on the audience, ranging from cybersecurity deep dives to non-technical stakeholders.
• Strong understanding of cybersecurity concepts, standards, guidelines, principles, & frameworks (e.g., NIST, Zero Trust Architecture, SOC 2).
• Assist in ensuring compliance with system security configuration guidelines to mitigate security risks. 
• Update and manage documentation, policies, procedures, runbooks, standards, and playbooks to align with evolving requirements and threats.
• Supply information that will be shared which includes technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to senior leadership to ensure sound security principles are reflected in the organization's vision and goals.
• Monitor and document the outcomes of the audit process, including any identified deficiencies and suggested improvements, to guarantee they are implemented effectively. 
• Report metrics and scorecards to measure the effectiveness and efficiency of detection and response capabilities.
• Recognize a possible security violation and take proper action to report an incident, as required by supervising and managing corrective measures when a cybersecurity incident or vulnerability is discovered.
• Lead regular incident response and postmortem exercises, with an emphasis on creating measurable benchmarks to show progress.
• Demonstrate strong interpersonal skills to collaborate with colleagues across levels and influence without formal authority.
• Use federal and organization-specific published documents to manage operations of their computing environment system(s).
• Forecast ongoing service demands and ensure that security assumptions are reviewed as necessary.
• Completes other reasonable duties, as assigned occasionally, to meet the Company's ongoing needs.

• 8+ years of experience in specific technology domain areas (e.g., software development, cloud computing, systems engineering, infrastructure, security, networking, data & analytics).
• 5+ years of experience developing, leading, and supporting organizational risk management processes. Experience in higher education is a plus.
• Experience in business continuity and disaster recovery continuity plans, including plan development and operationalization.
• Experience working with vendors to support business security practices.
• Knowledge of cybersecurity and privacy principles related to the use, processing, storing, and transmitting information or data.
• Knowledge of cyber threats, vulnerabilities, and specific operational impacts of cybersecurity lapses. 
• Driven self-starter with an appetite for new challenges.
• Strong project management abilities and excellent organizational skills to manage multiple projects simultaneously.
• Creative problem solver with common sense and practical solutions orientation; must be passionate about technology and security's role in improving business performance.
• Bachelor's Degree, Masters preferred in security-related field.

*This position is remote, but based in North Carolina*

Project Kitty Hawk is an Equal Opportunity Employer that does not discriminate based on actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state, or local laws.    

Project Kitty Hawk is dedicated to this policy concerning recruitment, hiring, placement, promotion, training, compensation, benefits, employee activities, and general treatment during employment. For individuals with disabilities who would like to request an accommodation, please contact Yasemin Rodriguez at ytrodriguez@projectkittyhawk.com.