Principal IT Security Architect (Threat Detection)

WGU North Carolina, United States

Western Governors University

Western Governors University is an online university where you can earn an affordable, accredited, career-focused college degree at an accelerated pace.


If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:
 

Pay Range: $157,000.00 - $243,400.00

Job Description

*This opportunity will be on-site in our future Raleigh, NC location*

Western Governors University (WGU) is on a mission to expand access to education and empower students through affordable, high-quality online learning. As a Principal IT Security Architect (Threat Detection), you’ll be critical in securing the systems that make this mission possible.

This role is not just about protecting infrastructure—it's about enabling the future of learning. You’ll join a forward-thinking, collaborative security team that is deeply invested in innovation, cloud-native solutions, and proactive threat detection. If you're excited by the opportunity to lead security initiatives from strategy to implementation and to build systems that help protect the digital experience of over 170,000 students nationwide, we want to hear from you.

This is your chance to do meaningful work that supports WGU’s students—and to have fun doing it with a smart, tight-knit team that values trust, curiosity, and a shared commitment to learning.

Essential Functions and Responsibilities

  • Architect and lead development of advanced threat detection capabilities, aligning with frameworks such as MITRE ATT&CK and building custom use cases.

  • Implement and enhance SOAR functionality to automate threat response, improve efficiency, and support compliance across the university.

  • Design and deploy scalable, cloud-native security solutions using tools like AWS GuardDuty, Security Hub, IAM Access Analyzer, Macie, Inspector, and WAF.

  • Drive implementation of the AWS Well-Architected Framework, with a focus on the Security Pillar.

  • Collaborate cross-functionally with IT, engineering, and compliance teams to integrate DevSecOps principles and improve secure development practices.

  • Lead security projects and initiatives across multiple domains, from concept to deployment.

  • Contribute as a thought partner and mentor to elevate the overall security strategy and maturity of the team.

Knowledge, Skills and Abilities

  • Expertise in threat detection, incident response, and designing detection logic using MITRE-aligned methods.

  • Deep experience working with SIEM platforms (Devo or similar), developing custom use cases, and optimizing for performance and accuracy.

  • Solid understanding of cloud security, especially within AWS environments.

  • Hands-on experience implementing and automating security operations through SOAR tools.

  • Strong project leadership skills with the ability to work independently and cross-functionally.

  • Passion for innovation, curiosity, and continuous learning.

Minimum Qualifications

  • Master's Degree in IT Security, Computer Science, Engineering or related field

  • 10 years of Information Security experience, including an understanding of all security domains

  • Experience implementing MITRE ATT&CK Framework

  • Recognized expert or thought leader in the area of threat detection

  • Hands-on experience creating, designing, and implementing SIEM content security rules to detect malicious, suspicious, and/or abnormal events.

  • Experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)

  • Equivalent relevant experience performing the essential functions of this job may substitute for education degree requirements. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education and is at the discretion of the hiring manager.

Preferred Qualifications

  • 15 years of Information Security experience, including an understanding of all security domains

  • CISSP, CCSP, AWS Security, or SANS certifications.

  • Master’s degree in IT Security, Risk Management, or a related field.

  • Experience securing containerized environments and cloud workloads.

  • Familiarity with SSO, IAM policies, and federated identity systems.

  • Experience in distance education or supporting large-scale online learning environments.

Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements and working conditions for the position. It is intended to be an accurate reflection of the current position; however, management reserves the right to revise or change it as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.


Position & Application Details

Full-Time Regular Positions (classified as regular and working 40 standard weekly hours): This is a full-time, regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical, dental, vision, telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.

How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at recruiting@wgu.edu.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.


Tags: AWS CCSP CISSP Cloud Compliance Computer Science DevSecOps IAM Incident response MITRE ATT&CK Risk management SANS Security strategy SIEM SOAR SSO Strategy Threat detection

Perks/benefits: Career development Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Team events

Region: North America
Country: United States
