Security Architect

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hey guys,

Do we have any security architects here that can share their stories with me ? How they got to where they are ? certifications ? progression etc.

I think security Architecture is a part of IT i am interested in a lot at the moment and a possible career choice for the future to aim to.

Where to start ? and so forth though.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Are you in IT?

Because that sort of position its start off at the bottom work your way up, get lots of experiance.
Its not going to be a position where you get a few certs and walk straight into.

 

Andi,

I think WK is looking more to the future rather than trying to jump into such a position now...

 

When you say Architect, are you referring to someone who designs security as a job - ar are you referring to the Microsoft Certified Architect program?

 

The most I've done is to recommend, purchase, install, and administer security solutions (firewalls, Web monitoring/filtering apps, VPN solutions, etc.). That said, my job consisted of much more than security architecture, so I don't really think of myself as a "Security Architect".

 

Yea, I'm currently in IT at the first rung of the ladder although if i'm honest I do, do a lot of second line stuff (with it being a small company) and I do have the chance to learn a lot, anything I ask about my 2 colleagues have the [patience to explain which is good.

Someone that designs security as a job, network security etc, I don't really know the ins and outs of it.

 

Really, you just take what you've read and learned and experienced and mash it all together in your brain... then when you see a network that can use extra security measures, you recommend it and implement it. That's why real-world experience is absolutely essential for jobs like that... one can't just read the theory behind security concepts and expect to be able to immediately implement security hardware (and procedures!) in an existing production network. Having seen it before *really* helps... both what works AND what doesn't.

So... while you're in your current position, take note of what they implement, how they implement it, why they implemented what they did, and what difficulties they encountered. And again, don't just focus on the bits and bytes and bolts... determine the security policies, procedures, and documentation that is in place... those can be just as important as the gear and the configuration.

 

What sort of certifications do employers expect one to have usually ? whats the industry standard ?

 

For security? Experience, experience, experience, experience, experience.

 

As always, I couldn't have put it better myself. I know of and work with people who are architects (not necessarily security-specific mind you) who have years of experience and not a certificate between them... or their certs are well out of date.

They don't need them because of the circles they mix and the quality of the work they do means the governement agencies and other companies they work in know they can get it done. They are in demand regardless.

 

Yep. Certainly certifications can make you look more attractive, if for no other reason than you took the initiative to go out and get the bits of paper. But no company in their right mind will hire a security architect without a buttload of real-world experience.