What is a Security Architect?
A security architect is a senior-level employee who is responsible for designing, building and maintaining the security structures for an organization's computer system.
Thinking like a malicious hacker helps a security architect become adept at understanding and anticipating the moves and tactics that a hacker might use to try and gain unauthorized access to the computer system. Throughout the process, security architects report their progress to the CISO.
What does a Security Architect do?
A security architect is responsible for designing security structures to thwart malware and hacker intrusions to an organization's computer system. Once these structures are in place, the security architect will test for any weaknesses and audit the entire system. To fully test the system, an outside ethical hacker may need to be brought in to run a thorough penetration test in order to ensure that the system is secure from outside attacks.
A security architect needs to have a thorough understanding of an organization's systems in order to learn who has access and where the vulnerable points may be. After making a thorough assessment, recommendations are made to update and improve the security system through software and hardware. User policies and protocols are then set, as well as monitored and enforced. Last but not least, countermeasures are set up that will protect the computer system when an unauthorized user attempts to gain access.
Security architects are required to:
- Understand a company’s technology and information systems
- Plan, research and design security architectures
- Perform vulnerability testing and security assessments
- Research security systems and authentication protocols
- Develop requirements for local, wide, and virtual private networks
- Develop requirements for routers, firewalls, and related network devices
- Design public key infrastructures
- Prepare cost estimates
- Identify integration issues
- Review and approve installation of firewall, VPN, routers, and servers
- Test final security structures
- Provide technical supervision to a security team
- Implement and maintain security policies and procedures
- Oversee security awareness programs
- Respond immediately to security-related incidents
- Provide a thorough post-event analysis
- Update and upgrade security systems
What is the workplace of a Security Architect like?
It is important for security architects to stay up to date with all the latest and current developments in both the security end as well as the attacking end. It is important to know how to communicate with staff and how to think of creative solutions and innovation. Security architects need to be comfortable being a mentor, and working with employees who are experiencing difficulties and need help.
Security architects work at least 40 hours a week if not more. Depending on their specific job duties, developers may work as part of a team, independently, or through telecommunication.
Security Architects are also known as:
IT Security Architect Information Systems Security Architect Enterprise Information Security Architect