Security Architect - Job Description?

Security Architect - Job Description?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Security Architect - Job Description? Neil Jones 11-23-2006
Posted by Neil Jones on November 23, 2006, 8:10 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello,

Can someone describe the Security Architect job
description/responsibilities?

In some instances, I am finding Security Architect jobs with configuring
firewalls/ids etc. In other instances, I am seeing on an enterprise
scale which falls into the management (almost) category. Is there any
standard organizational chart that shows the status of Security
Architect in the food chain?

I know this is a very (very) broad question.

Any information is appreciated.

Thank you in advance.

NJ

Posted by =?ISO-8859-1?Q?Lassi_Hippel=E4 on November 24, 2006, 7:08 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Neil Jones wrote:
> Hello,
>
> Can someone describe the Security Architect job
> description/responsibilities?

You may get several answers, all different.

> In some instances, I am finding Security Architect jobs with configuring
> firewalls/ids etc. In other instances, I am seeing on an enterprise
> scale which falls into the management (almost) category. Is there any
> standard organizational chart that shows the status of Security
> Architect in the food chain?

A Security Architect doesn't touch firewalls. The SA can describe what
pinholes are needed for a service to work, but the rest should be left
to the netadmin.

IMHO a Security Architect is an expert who consults management, i.e.
produces only slideware. The job is on the engineering ladder, not
management.

-- Lassi

Posted by Neil Jones on November 24, 2006, 12:02 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Lassi Hippeläinen wrote:
> Neil Jones wrote:
>> Hello,
>>
>> Can someone describe the Security Architect job
>> description/responsibilities?
>
> You may get several answers, all different.
>
>> In some instances, I am finding Security Architect jobs with configuring
>> firewalls/ids etc. In other instances, I am seeing on an enterprise
>> scale which falls into the management (almost) category. Is there any
>> standard organizational chart that shows the status of Security
>> Architect in the food chain?
>
> A Security Architect doesn't touch firewalls. The SA can describe what
> pinholes are needed for a service to work, but the rest should be left
> to the netadmin.
>
> IMHO a Security Architect is an expert who consults management, i.e.
> produces only slideware. The job is on the engineering ladder, not
> management.
>

Thank you for your input. It does make a lot of sense.

NJ

Posted by xpyttl on November 24, 2006, 3:28 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> IMHO a Security Architect is an expert who consults management, i.e.
> produces only slideware. The job is on the engineering ladder, not
> management.

I would color that a little. A security architect needs to understand the
corporation's stategies and objectives, and as such, has to be fluent in
management-speak. In many companies, the architect may well supervise a
staff of security specialists. So the line between management and
engineeering can get a little blurred at the architect level. While a
security architect does need to stay well grounded in engineering
principles, it wouldn't be all that surprising for him to be accused of
being part of "management". Particularly since, as you say, he mainly
produces slideware, goes to meetings, talks on the telephone, and does all
those things managers do.

..



Posted by Helge Olav Helgesen on November 25, 2006, 6:57 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello Neil,

> Can someone describe the Security Architect job
> description/responsibilities?

In what area? development, technical or what?

For me this job description is not enough to tell what you you'll do.

If you work with the management then this job probably will include
1) writing policies, and make sure they are followed.
2) work with the management to identify cost (and value!) of such policies

If you work with the networking department this job would be something like:
1) design a secure network
2) implement it
3) manage it

But whatever job that involves security there is both the technical aspect
and the user aspect. If you make a password policy that requires at least
10 digit password you have a good password, right? But what is the use when
half of the users write it on a post-it note at their keyboard? :)

> In some instances, I am finding Security Architect jobs with
> configuring firewalls/ids etc. In other instances, I am seeing on an
> enterprise scale which falls into the management (almost) category.
> Is there any standard organizational chart that shows the status of
> Security Architect in the food chain?

Don't know. Since I'm from Norway, any chart I show you is probably of no
use for you.
---
Helge Olav Helgesen
http://www.helge.net



Similar ThreadsPosted
Security Architect Needed in VA! July 9, 2006, 5:07 pm
Security Breaches Pandemic - Deloitte Touche 2006 Global Security Survey June 29, 2006, 12:42 am
New site dedicated to security conferences : www.security-briefings.com May 6, 2006, 11:16 am
New It Security News and Information site for security professionals August 6, 2008, 2:46 am
Excellent website for IT Security (Security+) February 8, 2008, 12:32 am
Google Closes Security Holes in Google Base Security November 21, 2005, 5:37 pm
Security IP June 10, 2005, 3:09 pm
BGP Security October 4, 2005, 1:49 pm
MSc IT Security February 28, 2006, 4:42 pm
security+ February 6, 2008, 1:03 pm

The site map in XML format XML site map

Contact Us | Privacy Policy