Security Architect - Job Description? - Security

This is a discussion on Security Architect - Job Description? - Security ; Hello, Can someone describe the Security Architect job description/responsibilities? In some instances, I am finding Security Architect jobs with configuring firewalls/ids etc. In other instances, I am seeing on an enterprise scale which falls into the management (almost) category. Is ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Security Architect - Job Description?

  1. Security Architect - Job Description?

    Hello,

    Can someone describe the Security Architect job
    description/responsibilities?

    In some instances, I am finding Security Architect jobs with configuring
    firewalls/ids etc. In other instances, I am seeing on an enterprise
    scale which falls into the management (almost) category. Is there any
    standard organizational chart that shows the status of Security
    Architect in the food chain?

    I know this is a very (very) broad question.

    Any information is appreciated.

    Thank you in advance.

    NJ

  2. Re: Security Architect - Job Description?

    Neil Jones wrote:
    > Hello,
    >
    > Can someone describe the Security Architect job
    > description/responsibilities?


    You may get several answers, all different.

    > In some instances, I am finding Security Architect jobs with configuring
    > firewalls/ids etc. In other instances, I am seeing on an enterprise
    > scale which falls into the management (almost) category. Is there any
    > standard organizational chart that shows the status of Security
    > Architect in the food chain?


    A Security Architect doesn't touch firewalls. The SA can describe what
    pinholes are needed for a service to work, but the rest should be left
    to the netadmin.

    IMHO a Security Architect is an expert who consults management, i.e.
    produces only slideware. The job is on the engineering ladder, not
    management.

    -- Lassi

  3. Re: Security Architect - Job Description?

    Lassi Hippeläinen wrote:
    > Neil Jones wrote:
    >> Hello,
    >>
    >> Can someone describe the Security Architect job
    >> description/responsibilities?

    >
    > You may get several answers, all different.
    >
    >> In some instances, I am finding Security Architect jobs with configuring
    >> firewalls/ids etc. In other instances, I am seeing on an enterprise
    >> scale which falls into the management (almost) category. Is there any
    >> standard organizational chart that shows the status of Security
    >> Architect in the food chain?

    >
    > A Security Architect doesn't touch firewalls. The SA can describe what
    > pinholes are needed for a service to work, but the rest should be left
    > to the netadmin.
    >
    > IMHO a Security Architect is an expert who consults management, i.e.
    > produces only slideware. The job is on the engineering ladder, not
    > management.
    >


    Thank you for your input. It does make a lot of sense.

    NJ

  4. Re: Security Architect - Job Description?

    "Lassi Hippeläinen" wrote in message
    news:VgB9h.43399$Nb2.821756@news1.nokia.com...

    > IMHO a Security Architect is an expert who consults management, i.e.
    > produces only slideware. The job is on the engineering ladder, not
    > management.


    I would color that a little. A security architect needs to understand the
    corporation's stategies and objectives, and as such, has to be fluent in
    management-speak. In many companies, the architect may well supervise a
    staff of security specialists. So the line between management and
    engineeering can get a little blurred at the architect level. While a
    security architect does need to stay well grounded in engineering
    principles, it wouldn't be all that surprising for him to be accused of
    being part of "management". Particularly since, as you say, he mainly
    produces slideware, goes to meetings, talks on the telephone, and does all
    those things managers do.

    ...



  5. Re: Security Architect - Job Description?

    Hello Neil,

    > Can someone describe the Security Architect job
    > description/responsibilities?


    In what area? development, technical or what?

    For me this job description is not enough to tell what you you'll do.

    If you work with the management then this job probably will include
    1) writing policies, and make sure they are followed.
    2) work with the management to identify cost (and value!) of such policies

    If you work with the networking department this job would be something like:
    1) design a secure network
    2) implement it
    3) manage it

    But whatever job that involves security there is both the technical aspect
    and the user aspect. If you make a password policy that requires at least
    10 digit password you have a good password, right? But what is the use when
    half of the users write it on a post-it note at their keyboard?

    > In some instances, I am finding Security Architect jobs with
    > configuring firewalls/ids etc. In other instances, I am seeing on an
    > enterprise scale which falls into the management (almost) category.
    > Is there any standard organizational chart that shows the status of
    > Security Architect in the food chain?


    Don't know. Since I'm from Norway, any chart I show you is probably of no
    use for you.
    ---
    Helge Olav Helgesen
    http://www.helge.net



+ Reply to Thread