What are the responsibilities of a Security Architect?
A Security Architect is responsible for designing, building and overseeing the implementation of computer and network security for a company or organization.
You are a senior level employee. As a result, you will be responsible for creating very complex security structures and making sure that they work.
Since this is a high level job, you cannot expect it to be easy. As a Security Architect, you will deal with the following responsibilities:
- Research, plan and design high end security architectures for IT projects within the organization
- Research security systems, authentication protocols and security standards
- Build up public key infrastructures (PKIs) that include digital signatures and certification authorities
- Identify integration issues and prepare cost estimates for IT projects
- Install and approve VPNs, servers, IDS scanning technologies and firewalls
- Help security teams by providing technical supervision and guidance
- Oversee any educational efforts or security awareness programs within the organization
- Upgrade and review security systems when required
- Understand and learn all about the technology of an organization and its information systems
- Perform risk analysis, vulnerability testing and security assessments whenever needed
- Create requirements for wide area networks, local area networks, virtual private networks, firewalls, routers and other related network devices wherever applicable
- Test security supervision once it is implemented to make sure it works perfectly
- Implement, maintain and define different corporate security procedures and policies
- Provide a thorough post event analysis whenever security related incidents take place
Throughout your job responsibilities, you will also be directing the members of your team to report your progress to the operation CISO of your company.
In order to become a Security Architect, you must begin as an entry level professional. The following positions are perfect:
- Network Administrator
- System Administrator
- Security Administrator
You can then move on to the following:
Once you have acquired enough experience, you can either choose to stay in your current position or move on. Many organizations will promote you to a Senior Security Architect or Chief Security Architect based on your experience, performance and skill level.
If your organization does not promote you, you could consider becoming a CISO. This is a better paying position with more branching careers later.
A Security Architect is also known by the following positions:
- Information Systems Security Architect
- Information Security Architect
The average pay of a Security Architect is $114,604 per year. Most companies start the salary at around $81,676 per year. The maximum reported salary in 2016 is $161,534 per year.
Most employers will demand at least a bachelor’s degree in cyber security, computer science or related subjects. This is a tough job that requires a lot of talent and skill. Hence you must be prepared to have a technical degree and work experience at hand.
You can also consider doing related certifications along with a general master’s degree in IT security.
Security Architect is a high end job; as a result, you will be required to have a bare minimum of 5 years of experience. Some big organizations will require experience ranging from 5-10 years. Your experience should put you through system analysis, business planning and application development.
If you want to become a Security Architect, plan at least 3-5 years ahead and put in most of your time working in security.
A Security Architect job position is a managerial role. This means you should have exceptional teaching, oral and communication skills. Throughout your career, you will be conveying different technical information to laymen.
Most employers look for people with leadership qualities who are keen on problem solving. Throughout your career, they will put you in charge of teams where you will have to deal with a wide variety of IT projects and their assigned team members.
Technical skills are very important for a Security Architect. Here are some of the skills that you should know perfectly:
- ITIL, ISO 27001/27002 and COBIT Frameworks
- Perimeter security protocols like IDS/IPS, firewalls, network segmentation and network access control
- Knowledge of security concepts related to authentication, DNS, routing, proxy services, VPN and DDoS mitigation technologies
- Network security architecture definition and development
- Policy formation, authentication technologies, risk assessment procedures, role based authorization methodologies and security attack pathologies
- Linux, Unix and Windows Operating systems
- Switches, VLAN security, wireless security and routers
- Methods and Practices of IT strategy, security architecture and enterprise architecture
- Understanding of third party cloud risk assessment methodologies and auditing
A Security Architect is expected to carry advanced certifications. No basic level certifications will carry any weight. Consider getting these:
- CISSP-ISSAP: Information Systems Security Architecture Professional
- CEH: Certified Ethical Hacker
- CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Security Manager
- CSSA: Certified SCADA Security Architect