In this video, Marc Menninger describes key roles and functions performed by IT security architects. Discover which skills and certifications IT security architects are expected to have. Learn how many years of experience and other requirements you'll need to qualify for this high-demand IT security job.
- [Instructor] IT security architects plan, research, and design security architectures and ensure that they are deployed properly. Since IT Security Architect is often a senior-level role, with much responsibility, it is not unusual for architects to provide technical supervision for and guidance to a security team. As an IT Security Architect, you might be responsible for designing an architecture that looks like this, for example. You'd know what all the components do, why they are necessary, where they belong, and how they work together.
You'd also be able to review the security configurations of each of the components to ensure that they are providing the level of security required by the organization. As the designer of this architecture, you'd be responsible for identifying integration issues for each component, as well as preparing cost estimates. In addition to IT Security Architect, common job titles include information security architect, information systems security architect, and cyber security architect. Architects are among the highest skilled of all IT security jobs.
Architects are part engineer because they must develop complex security solutions, part analyst because they must thoroughly understand the security environment they're working in, and part consultant because they must work with many teams to successfully deploy their architectures. They need strong system administration skills in Windows, Unix, or Linux operating systems. And they must have skills with many security technologies and processes, such as multi-factor authentication, IDS/IPS, firewalls, penetration and vulnerability testing, anti-malware, BPNs, application security, advanced persistent threats, phishing, and social engineering.
IT security architects must have a thorough understanding of authentication technologies, security attack methodologies, and network security architectures. They also need solid people skills because they must interact with personnel at all levels and across all business units. IT security architect jobs aren't entry-level positions. Most job postings will require a minimum of seven years of hands-on experience in information security, and/or IT risk management, and at least five years of experience architecting solutions with a concentrated focus on security, performance, scalability, and reliability.
Almost every architect role will require a Bachelor's degree in a related field. This means an IT field, such as a Computer Information Systems degree. Other technical degrees may also be accepted. Frequently, desired certifications for IT security architects include CISSP, CISSP-ISSAP, CISM, CEH, CSSA, and GIAC certifications, GSEC, GCIH, and GCIA. IT security architect jobs are perfect for highly experienced security professionals who want to put their knowledge to work designing and implementing architectures that will help protect information systems.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- Understanding the job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself