Who is a Security Architect?
A security architect takes on a vital role in an IT department. You'll design systems, manage employees and help evolve the security needs of the organization. You can rise to this senior-level position once you have garnered extensive experience and credentials in the computer security field.
As a security architect, your job is primarily with 'designing' security systems to thwart all kinds of malwares, hacker intrusions and Denial of Service attacks. Once your designed security system is in its place, you will need to test for any vulnerabilities and audit the entire system. To fully test your system, you may need specialized Security Auditor in-house or you may have to hire an outside consultant who can run a thorough penetration test to ensure that the system is secure from outside attacks.
When new standards and procedures are rolled out, it will be your responsibility to instruct your staff on these matters. As a management-level employee, you will likely need to stay abreast of current trends in the security field. You will need to travel to conferences and stay abreast of industry publications.
When you are up-to-date on trends in the industry, you will be equipped to assess when and how to upgrade your system. You will then need to oversee the roll out of new software packages, ensuring the integrity of the overall network while you do installations and uninstalls. After such upgrades, you can then perform a new audit to catch any software conflicts or glitches.
How A Security Architect is different from Security Auditor?
Usually, Security architects and auditors work in the same departments but the chief difference between the two is that the architect is frequently the auditor’s manager. The Security Architect is the one who designs and supervises the rollout of a system, and frequently the auditor is on the team of staffers who implement that roll out.
Security Architect: The architect is the one who designs and oversees the roll out of a system.
Security Auditor: The auditor is on the team of staffers who physically implement that roll out.
Once security architect’s system is in a proper place, it comes to the auditor to test it and ensure that it is sound. He or she will carry out the tests and examine the results to see if there are any battles between several software packages and regulate how to resolve any conflicts effectively. The architect will be required to review the auditor’s findings and then the two will discuss and decide how to continue.
Unlike the auditor, if you are an architect then you are required to perform other managerial duties such as reviewing costs as well as budgetary estimates. You are also required to ensure that new software costs are within the budget and that any external consultants can be paid promptly. You will regularly require to be prepared to protect any new-fangled expenses to the CISO or CEO of the company.
More often, Security Architect is the Senior Management profile. Regardless of what career path you take to reach this profile, you are expected to possess the knowledge of the following topics:
-
Risk management and assessment procedures
-
Enterprise and security architecture
-
Network security and architecture
-
Wired and wireless security
-
Windows, Unix and Linux operating systems
-
Security attack pathologies
-
Cyber law and ethics
A Security Architect should understand a lot about the business they’re trying to secure. They should have a working knowledge of cloud technologies, understand who the big players are, and the differences between their offerings.
As a Security Architect, You would spend a large amount of your time in planning, designing and engineering automated workflows for Incident Response and Threat Hunting. This would require you to become an expert in SIEM, Endpoint Detection and Response (EDR), Case Management, Threat Intelligence, and collaborative analyst workspaces (ChatOps), etc.
This Article Was Written & published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms.
30,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook.
If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:
Click Here to follow her: Cybersecurity PRISM