A Security Architect should possess confidence in his work, and needs to know his or her job better than anyone else. As we discussed in class a security architect will need to state their case for the equipment they feel the company will need. We talked about how companies tend to dislike spending a lot of money, and how we halt business in their eyes. Security Architechs need to be smooth, convincing talkers.  The Architects need to be able to explain the risk and certain vulnerabilities in which the company they work for should be aware and prepared for.

I think a person who will carry the title as "Security Architect" will have a well verse backgroud in all aspects of security. This includes digital, physical, personnel and other security areas. They should be network, equipment (physical and virtual) savvy and very well spoken. Be familiar with different network security tools and architecture in order to accomodate business goals. Furthermore, a security architect will have to be persuasive in selling there facts and how the impact of not having the security mechanisms in place could be very detrimental to a company or business.

Your absolutely right. Security Architects should use fact sheets of security infractions, intrusions, etc that have happened to other companies to help get their points across and drive home the fact that security is paramount. They need to see what the consequences have been for other companies and compare that to what could happen to them.

A security architect should possess necessary skills to effectively communicate his or her plans, emphasizing what's best for the company. If the company's mission or business plan does not mesh well with the security architect's plans, then there is a good chance it's not going to go through. It's part of a security architect's necessary skillset to be able to convince the senior management that these plans are good for the company and will bring a return on investment.

JeVone:

I would agree. But such comparisons could only be made in an apples to apples sense. For example, my current company is an internet-based phone company with a little over four hundred clients and about one hundred employees. The stability of our server and network is absolutely vital to the business itself. However, while that is the case, I would not guage that we at the same security risk as, lets say, Google. We don't have that much exposure and rarely anyone outside of our clients, and local competitors, is even aware of our existance. I do agree that making comparisons out of case studies is important for communicating the needs of the network to the business, but it should be done in a measured and well thought ot manner.

A security architect should have an indepth buisiness skill's foundation in information security and the soft skills to encourage innovation.  A strong foundation in information security will allow the security architect the ability to support the business goals by designing and appling the required governance to current system operations with little impact on daily operations.  Additionally, encouraging innovation within the company will allow all staff members the opportunity to provide quality feedback during each layer of security application.  A security architect must be able to communicate the big picture to management and each tenant of the business to be effective.