Principal Architect - Digital Risk and Resilience (Remote)

Other Jobs To Apply

<div><b>Description</b><br/><br/><strong>Job overview and responsibilities</strong><br/><br/>The Principal Architect - Digital Risk and Resilience is part of a Cybersecurity team that shapes how the enterprise makes risk-informed decisions across technology, operations, and the business. This role drives high-visibility, cross-functional work to integrate Digital Risk Management with partners in Cybersecurity and Digital Risk, Digital Technology, and business owners of risk, helping the enterprise identify, assess, and govern systemic digital risk across critical operational capabilities, with a focus on digital fragility, operational survivability, and safe continuity of operations when digital systems degrade or fail. The Principal Architect will play a central role in defining and maturing the enterprise cyber resiliency program, including dependency mapping across critical capabilities, resilience indicators, systemic exposure assessments, recovery readiness, and executive decision support across United's digital footprint. This role will translate complex digital dependency, concentration, recoverability, and detection risks into decision-grade insight that informs resilience investments, governance priorities, and risk treatment strategies.<br/><br/><ul><li>Lead enterprise-level integration of Digital Risk Management with partners across Cybersecurity and Digital Risk, Digital Technology, and the business to embed risk-based decision making into planning, delivery, governance, and resilience decisions, with explicit focus on systemic digital risk across critical operational capabilities.</li><li>Design, implement, and mature monitoring, visibility, and response-readiness capabilities that move the organization beyond manual, compliance-based approaches toward continuous insight into digital fragility, actionable resilience signals, detection coverage, escalation readiness, and operational exposure across critical services.</li><li>Establish and evolve the enterprise resilience program by defining key resilience indicators, core resiliency capabilities, target outcomes, and implementation roadmaps, while mapping end-to-end digital dependencies for critical operational capabilities, identifying single points of failure, quantifying cross-functional coupling risk, and aligning requirements across Business Continuity, Cybersecurity and Digital Risk, Digital Technology, and business owners of risk.</li><li>Develop practical models, methods, and frameworks for evaluating systemic digital risk in emerging and complex environments, including concentration risk, recoverability complexity, dependency fragility, detection visibility, vendor coupling, and time-to-operational-failure, and translate results into executive-level scorecards and prioritized risk treatment options.</li><li>Improve risk prioritization and decision support at scale by partnering with technical and business stakeholders to assess blast radius, manual fallback capacity, data integrity restoration risk, vendor dependency, and digital safety margin, and operationalize resilience-focused decision support within governance and risk workflows.</li><li>Assess and integrate emerging systemic risk drivers-including AI-enabled threats, identity compromise, cloud control plane disruption, vendor update failure, integration breakdown, and data corruption-into enterprise governance, resilience planning, and risk treatment processes.</li><li>Conduct structured failure simulation and systemic stress testing to assess resilience across critical capabilities, including scenarios involving identity outage, cloud control plane disruption, vendor service failure, integration loss, and data corruption, and use findings to improve recovery sequencing, escalation readiness, and resilience investment priorities.</li></ul><br/><br/><b>Qualifications</b><br/><br/><b><strong>What's needed to succeed (Minimum Qualifications):</strong></b><br/><br/><ul><li>Bachelor's degree in Cybersecurity, Information Technology, Engineering, Risk Management, or a related field</li><li>5+ years of experience in cybersecurity, digital risk, operational resilience, business continuity, technology risk, or related disciplines, including experience working across complex business and technology environments</li><li>Experience applying governance, risk, and compliance concepts and enterprise risk management practices, including cybersecurity, resiliency, and control frameworks in complex business and technology environments</li><li>Knowledge of digital resilience, operational resilience, and business continuity concepts, including the ability to define meaningful indicators, capabilities, and target outcomes, map dependencies across critical operational functions, assess digital fragility, and evaluate recovery realism in support of enterprise resiliency objectives</li><li>Working knowledge of relevant technology domains such as cloud, software development, data platforms, identity, infrastructure, integrations, and security architecture concepts, including how dependencies across these domains affect concentration risk, recoverability, and systemic exposure</li><li>Skill in building practical risk and resiliency models, translating ambiguous or emerging risk issues into actionable frameworks, and using dependency, monitoring, and control insights to improve systemic risk prioritization and executive decision support</li><li>Experience designing or operationalizing monitoring, metrics, or governance mechanisms that move risk programs from periodic assessment toward continuous visibility, resilience signal generation, escalation readiness, and operational exposure management</li><li>Ability to lead change through influence, build awareness and adoption across diverse stakeholder groups, and communicate complex dependency, fragility, and resilience concepts clearly to technical, operational, and executive audiences</li><li>Strong problem solving, critical thinking, interpersonal, collaboration, written, and verbal communication skills, with the ability to work independently, navigate ambiguity, assess systemic exposure, and drive progress in high-visibility environments</li><li>Must be legally authorized to work in the United States for any employer without sponsorship</li><li>Successful completion of interview required to meet job qualification</li><li>Reliable, punctual attendance is an essential function of the position</li></ul><br/><br/><b><strong>What will help you propel from the pack (Preferred Qualifications):</strong></b><br/><br/><ul><li>Master's degree in Cybersecurity, Information Technology, Engineering, Risk Management, or a related field</li><li>Certification such as CISA, CRISC, CISSP, or CISM</li><li>Experience with operational resilience, dependency mapping, enterprise risk governance, or critical service resiliency</li><li>Expert knowledge of governance, risk, and compliance concepts and enterprise risk management practices</li><li>Knowledge of emerging risk drivers, including AI risk management and AI governance practices, and the ability to connect such risks to broader governance, resilience, and enterprise risk structures</li><li>Knowledge of recognized resilience risk management frameworks such as NIST CSF 2.0, NIST operational resilience standards, NIST SP 800-160 Vol. 2, CERT-RMM, or related industry guidance</li></ul><br/><br/>Job Posting Expiration: 8/10/2026</div>

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...