A security architect is responsible for designing security structures to impede hacker attacks and malware infections to an organization's computer system. Once these structures are in place, the security architect will test for any weaknesses and audit the entire system. To fully test the system, a third party assessor may need to be brought in to run a thorough penetration test in order to ensure that the system is secure from outside attacks.
A security architect needs to have a thorough understanding of different security controls and sentience on organization's systems in order to learn who has access and where the vulnerable points may be. After making a thorough assessment, recommendations are made to update and improve the security system through software and hardware. User policies and protocols are then set, as well as monitored and enforced. Last but not least, countermeasures are set up that will protect the computer system when an unauthorized user attempts to gain access.
Security architects are required to:
· Understand a company’s technology and information systems
· Plan, research and design security architectures
· Perform vulnerability testing and security assessments
· Research security systems and authentication protocols
· Develop requirements for local, wide, and virtual private networks
· Develop requirements for routers, firewalls, and related network devices
· Design public key infrastructures
· Prepare cost estimates
· Identify integration issues
· Review and approve installation of firewall, VPN, routers, and servers
· Test final security structures
· Provide technical supervision to a security team
· Implement and maintain security policies and procedures
· Oversee security awareness programs
· Respond immediately to security-related incidents
· Provide a thorough post-event analysis
· Update and upgrade security systems
The road to becoming a security architect likely beings with a bachelor’s degree and proceeds through two tiers in the IT world. If you are interested in pursuing a security career into the management level, you will need to consider at least a graduate-level certificate in computer security, as well as any certificates from industry organizations. This graphic shows the various tiers in your profession:
Download Brochure