Newsletters Welcome, Guest Log In | Register
Knowledge Network :

Discussions

Join the Community

Exchange

Get full access to our community's expertise and resources.

Register Now >

What's New

Hosted by JohnStorts

Updates and news from the Knowledge Network

E-Mail Usage Policies Reduce Spam, Increase Meaningful Communication
 
Visualizing Virtualization: Is It Right for Your Company?
 
Knowledge Network Tools Make Learning About, Upgrading to Windows 7 Easier
 

Top Contributors

View all participants

Popular Tags

View all

Re: Security Architect Skills

32 Replies Last post: Nov 30, 2009 6:31 AM by JasonT.Zane   1 2 3 Previous Next
Ralph DeFrangesco  
Ralph DeFrangesco
54 posts since
Oct 3, 2008
Reply

Dec 16, 2009 1:30 PM

Security Architect Skills

"What business and soft skills would be beneficial for a security architect to have, and why?"

Tags: linux_distributions, os_security, network_security, job_descriptions, linux, security_architect
MarcZurcher  
MarcZurcher
14 posts since
Sep 25, 2009
1. Sep 25, 2009 7:17 PM in response to: Ralph DeFrangesco
Re: Security Architect Skills

After listening to what you talked about last class i have to say that i think having basic communication and people skills goes a long way. the basic ability to talk to coworkers in a plain and simple manner makes it much easier to discuss different topics with a wide variety of people including upper management. I also think that having some business courses such as economics, under your belt would aid in being able to more easily understand business decisions and how they differ from IT decisions.

Report Abuse
RobDeStasio  
RobDeStasio
16 posts since
Sep 27, 2009
2. Sep 27, 2009 6:42 PM in response to: Ralph DeFrangesco
Re: Security Architect Skills

A Security Architect should possess confidence in his work, and needs to know his or her job better than anyone else. As we discussed in class a security architect will need to state their case for the equipment they feel the company will need. We talked about how companies tend to dislike spending a lot of money, and how we halt business in their eyes. Security Architechs need to be smooth, convincing talkers.  The Architects need to be able to explain the risk and certain vulnerabilities in which the company they work for should be aware and prepared for.

Report Abuse
RobDeStasio  
RobDeStasio
16 posts since
Sep 27, 2009
3. Sep 27, 2009 6:49 PM in response to: MarcZurcher
Re: Security Architect Skills

I agree, a better understanding of how the business is thinking will help build a stronger bridge between everyone. This would make it easier for a security architect to get a little more out of their company.

Report Abuse
JeVoneSmith  
JeVoneSmith
24 posts since
Sep 27, 2009
4. Sep 27, 2009 8:42 PM in response to: Ralph DeFrangesco
Re: Security Architect Skills

I think a person who will carry the title as "Security Architect" will have a well verse backgroud in all aspects of security. This includes digital, physical, personnel and other security areas. They should be network, equipment (physical and virtual) savvy and very well spoken. Be familiar with different network security tools and architecture in order to accomodate business goals. Furthermore, a security architect will have to be persuasive in selling there facts and how the impact of not having the security mechanisms in place could be very detrimental to a company or business.

Report Abuse
JeVoneSmith  
JeVoneSmith
24 posts since
Sep 27, 2009
5. Sep 27, 2009 8:47 PM in response to: MarcZurcher
Re: Security Architect Skills

Good point Marc. Being able to communicate with co workers upper management and deck plate personnel is always a good trait. An just to add my two cents in is they must be able to sell security to those same people even though it will probably put many restrictions in them getting there work done, and no tangible return on investment. Upper management especially the bean counters never understand why we can not afford to skimp on funds when it comes to security. They only worry about how much revenue it's going to produce for them. Well the revenue is produce when the security incidents and intrusion do not happen.

 

JeVone

Report Abuse
JeVoneSmith  
JeVoneSmith
24 posts since
Sep 27, 2009
6. Sep 27, 2009 8:51 PM in response to: RobDeStasio
Re: Security Architect Skills

Your absolutely right. Security Architects should use fact sheets of security infractions, intrusions, etc that have happened to other companies to help get their points across and drive home the fact that security is paramount. They need to see what the consequences have been for other companies and compare that to what could happen to them.

Report Abuse
Ralph DeFrangesco  
Ralph DeFrangesco
54 posts since
Oct 3, 2008
7. Sep 28, 2009 12:22 PM in response to: MarcZurcher
Re: Security Architect Skills

Marc,

 

Yes, I can't stress how important communication skills are.

 

-Ralph

Report Abuse
BryanMareletto  
BryanMareletto
16 posts since
Sep 28, 2009
8. Sep 28, 2009 3:01 PM in response to: Ralph DeFrangesco
Re: Security Architect Skills

A security architect should possess necessary skills to effectively communicate his or her plans, emphasizing what's best for the company. If the company's mission or business plan does not mesh well with the security architect's plans, then there is a good chance it's not going to go through. It's part of a security architect's necessary skillset to be able to convince the senior management that these plans are good for the company and will bring a return on investment.

Report Abuse
BryanMareletto  
BryanMareletto
16 posts since
Sep 28, 2009
9. Sep 28, 2009 3:04 PM in response to: RobDeStasio
Re: Security Architect Skills

I agree with Rob, confidence is an important trait to have as a security architect. It helps convince senior management that your ideas are in the company's best interest.

Report Abuse
Ralph DeFrangesco  
Ralph DeFrangesco
54 posts since
Oct 3, 2008
10. Sep 28, 2009 10:48 PM in response to: BryanMareletto
Re: Security Architect Skills

I think of confidence as being a personality trait versus a skill.

Report Abuse
MattHemeleski  
MattHemeleski
8 posts since
Sep 25, 2009
11. Sep 29, 2009 4:08 AM in response to: Ralph DeFrangesco
Re: Security Architect Skills

While I will agree that communicatin is a big part of Security Architecture, I would argue it is at the tail-end of things. You could be a great communicator, but still communicate the absolute wrong thing. Having a crisp idea of what the actual needs of the company are, as well as accounting for expansion and worst-case-scenarios. This requires a good deal of big-picture thinking that is a bit more nuanced than simply piling up the sexiest hardware and measures.

 

The job of the architect isto give the business the measures and defenses that they need. And, as was mentioned in class this last week, most business people don't really know what that is. To a degree, you're doing the thinking for them. This requires the flexibility to bring yourself out of the IT world and think in terms of feasablility and the effect that any new network and its appropriate security will have on all phases and departments of a given company.

Report Abuse
MattHemeleski  
MattHemeleski
8 posts since
Sep 25, 2009
12. Sep 29, 2009 4:17 AM in response to: JeVoneSmith
Re: Security Architect Skills

JeVone:

 

I would agree. But such comparisons could only be made in an apples to apples sense. For example, my current company is an internet-based phone company with a little over four hundred clients and about one hundred employees. The stability of our server and network is absolutely vital to the business itself. However, while that is the case, I would not guage that we at the same security risk as, lets say, Google. We don't have that much exposure and rarely anyone outside of our clients, and local competitors, is even aware of our existance. I do agree that making comparisons out of case studies is important for communicating the needs of the network to the business, but it should be done in a measured and well thought ot manner.

Report Abuse
Ralph DeFrangesco  
Ralph DeFrangesco
54 posts since
Oct 3, 2008
13. Sep 29, 2009 9:36 AM in response to: MattHemeleski
Re: Security Architect Skills

Matt,

 

I do agree with your communications argument, however the opposite it true also. Please remember the idea here is what soft skills are needed. The hard skills should be a given for our discussion.

 

Ralph

Report Abuse
JackieClayton  
JackieClayton
16 posts since
Sep 28, 2009
14. Sep 29, 2009 2:40 PM in response to: Ralph DeFrangesco
Re: Security Architect Skills

A security architect should have an indepth buisiness skill's foundation in information security and the soft skills to encourage innovation.  A strong foundation in information security will allow the security architect the ability to support the business goals by designing and appling the required governance to current system operations with little impact on daily operations.  Additionally, encouraging innovation within the company will allow all staff members the opportunity to provide quality feedback during each layer of security application.  A security architect must be able to communicate the big picture to management and each tenant of the business to be effective.

Report Abuse

Re: Security Architect Skills

Go to original post 1 2 3 Previous Next

Premium Tools

Browse

IT Manager Development Library

Learn all the basics of IT Management: budgeting, staff motivation, business planning and more with this unique eBook bundle.

Learn more >

The IT Service Catalog Management Toolkit

Bridge the IT-business gap once and for all! A well documented IT services catalog is the conduit for IT services to the rest of the company.

Learn more >

Hot Topics

Browse

Resource Centers

Browse

Security Software Solutions

Security software and strategies to protect valuable company information and insure compliance with global, federal, and state regulations.

Featured Whitepapers

Millennial Meltdown: Balancing Innovation with Productivity and Security

Application Grid

Learn more about this middleware layer that pools and dynamically provisions infrastruction application delivery resources to lower costs and improve efficiency.

Featured Whitepapers

Application Grid: The Ideal Platform for IT Consolidation

Decision Management

Applications, management tools and industry advice on how to optimize your data for better business decisions.

Featured Whitepapers

The 11 Secrets of Business Rules Success

Applications for Mid-size Businesses

Applications that mid-sized businesses can use to improve operational efficiency, accelerate growth, and maintain profitability.

Featured Whitepapers

Leveling the Field: Powerful Software Solutions for Midsize Companies

White Papers, Events, and Resources

Comprehensive SMB Data Protection — Simplifying the D2D2T Paradigm

This white paper looks at the problems confronting IT managers in the SMB segment, describes a number of data protection technologies, and suggests data protection strategies that are particularly suited for small and medium business.

Oracle Database 11g for Data Warehousing and Business Intelligence

Want to learn how to get more from your data warehousing investment? This white paper discusses the key features and technologies by which this innovative business intelligence and data warehouse system can integrate information, perform fast queries, and scale to very large data volumes, all with best-of-breed data analytics.