What Does a Security Architect Do?
The Short Version
A Security Architect designs, builds and oversees the implementation of network and computer security for an organization.
As a senior-level employee, you’ll be responsible for creating complex security structures – and ensuring they work.
Security Architect Responsibilities
Since this is a “big-picture” job, you may be required to:
- Acquire a complete understanding of a company’s technology and information systems
- Plan, research and design robust security architectures for any IT project
- Perform vulnerability testing, risk analyses and security assessments
- Research security standards, security systems and authentication protocols
- Develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices
- Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
- Prepare cost estimates and identify integration issues
- Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers
- Test final security structures to ensure they behave as expected
- Provide technical supervision for (and guidance to) a security team
- Define, implement and maintain corporate security policies and procedures
- Oversee security awareness programs and educational efforts
- Respond immediately to security-related incidents and provide a thorough post-event analysis
- Update and upgrade security systems as needed
Throughout this process, you will be directing members of your programming team and reporting your progress to the CISO.
Security Architect Career Paths
The road to becoming a Security Architect often starts with entry-level security positions such as:
- Security Administrator
- Network Administrator
- System Administrator
This is followed by intermediate-level positions such as:
Once you have achieved your title, you may choose to stay in your position. In large organizations, it’s possible to be promoted to Senior Security Architect or even Chief Security Architect.
Or you could consider becoming a:
The role of “Security Architect” encompasses job titles such as:
- Information Security Architect
- Information Systems Security Architect
Security Architect Salaries
According to Payscale, the median salary for a Security Architect is $119,808 (2018 figures). Overall, you can expect to take home a total pay of $84,295 – $168,334. This includes your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.
Security Architect Job Requirements
Since Security Architects are intimately involved in creating security systems and procedures, employers will require you to have a bachelor’s degree in Computer Science, Cyber Security or a related field.
If you don’t have a bachelor’s degree, you may wish to consider gaining a master’s degree in IT security. You can supplement this qualification with training and certifications.
Security Architects are expected to have at least 5-10 years of relevant IT experience, including exposure to business planning, systems analysis and application development. Plan for 3-5 of those years to be devoted specifically to security.
Knowledge of the following technical skills should prove useful:
- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
- ISO 27001/27002, ITIL and COBIT frameworks
- Windows, UNIX and Linux operating systems
- Perimeter security controls – firewall, IDS/IPS, network access control and network segmentation
- Router, switch and VLAN security; wireless security
- Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
- Practices and methods of IT strategy, enterprise architecture and security architecture
- Network security architecture development and definition
- Knowledge of third party auditing and cloud risk assessment methodologies
Since this is a management role, you should be completely comfortable with your oral, teaching and communication skills. You will often be conveying technical information to a non-technical audience.
Employers are also looking for candidates who are inspiring leaders and strategic problem-solvers. Throughout the year, you will be responsible for managing a wide variety of projects and team members.
Certifications for Security Architects
Due to the nature of your work, employers will be looking for advanced security certifications from accredited bodies. You may wish to consider researching:
- CISSP: Certified Information Systems Security Professional
- CISSP-ISSAP: Information Systems Security Architecture Professional
- CISM: Certified Information Security Manager
- CEH: Certified Ethical Hacker
- CSSA: Certified SCADA Security Architect
- GSEC / GCIH / GCIA: GIAC Security Certifications