Security Architect Job Description
Security Architect Duties & Responsibilities
To write an effective security architect job description, begin by listing detailed duties, responsibilities and expectations. We have included security architect job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Architect Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Architect
List any licenses or certifications required by the position: CISSP, GIAC, SANS, CISM, ISO, PKI, CISA, DSS, PCI, IEC
Education for Security Architect
Typically a job would require a certain level of education.
Employers hiring for the security architect job most commonly prefer that candidates hold a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Engineering, Education, Technical, Information Security, Information Systems, Information Technology, Business, Computer Engineering, Math
Skills for Security Architect
Desired skills for security architect include:
Desired experience for security architect includes:
Security Architect Examples
Security Architect Job Description
- Monitor each phase of software development process and attest to successful completion of each security requirement and activity throughout the development lifecycle
- Attest to compliance (or non-compliance) with security and privacy requirements in the Product Development Process and during related stage gate reviews
- Advise in and support training efforts for product Security Champions and Security Advocates
- Partner with product Security Champions to conduct product security assessments and threat models
- Consultation in product strategies for programs as an advisor on product cyber security risks
- Advise product security champions and development team members on proper implementation of the Software Security Development Lifecycle policy and how it applies to their product and threat model
- Participate in program increment / sprint reviews to keep up to date on product developments and how they may relate to or impact organizational risk / security
- Perform detailed Quality Assurance (QA) review of web-based applications
- Assist product security champions in completion of product specific Incident Response Plans
- Serve intermittently as a member of the Global Product Security Incident Response Team (GPS-IRT)
- Experience in conducting Information Security, IT Security, Audit assessments
- In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services
- Experience in testing tools (Eg
- Strong SaaS/Application/Network security knowledge and experience
- Five or more years of progressive experience in computing and information security
- Experience with designing and implementing cybersecurity technologies to monitor and protect enterprise environments
Security Architect Job Description
- Design and implement security architecture advisory practices for the execution of projects, programs and corporate/business initiatives
- Creation of principles based on strategy and from these principles, detailed technical requirements that enterprise architects, infrastructure engineers, and application developers can follow to ensure that systems and applications are appropriately protected
- Demonstrate effective leadership and subject matter expertise in security architecture to support our partners in technology and business
- Provide information security architecture leadership and consulting to business units for the development of solutions to manage information security risk, and also ensure that security capabilities are included in all aspects of our technology architecture
- Reviewing new technologies and products for compliance implications
- Provide Level 5 engineering support for security technologies, focusing on the design, 3rd party integration, internal landscape fitness evaluation, advanced troubleshooting, and best-practice management consultation
- Provide leadership of matrix teams in developing Security Reference Architecture
- Initiate and support the discussions with stakeholders from IT, Audit, Regulatory Compliance, and other business units to identify & consolidate requirements
- Guide and review the development of operational processes & procedures and KB articles of security technologies
- Participate and assume leadership as appropriate in regular cadences with other infrastructure & application architects
- Expert knowledge of best practices and experience with security engineering tasks, techniques
- Knowledgeable about the current landscape of security products available in the market, current technology trends, and security vulnerabilities
- Experience with Python, Java and/or C++
- Experience with SELinux is preferred
- 10+ years of experience in software development with 5+ years working with security products & technologies
- Experience with different Infrastructure as a Service platforms
Security Architect Job Description
- Ensure all IT solutions align with enterprise security architecture and comply with security policies, frameworks and standards
- Engage with project teams to provide security input into solution designs
- Keep up to date with security threats and technologies, and maintain relationships with security vendors and market analysts
- Assist the IT Risk and Security team in information security governance tasks
- Partners with the ACT to develop Client security strategies and solutions that align with and provide balance between business priorities and technology solutions
- Brings best of class industry expertise in the security, compliance and risk management domains to the Account
- Communicates technological and security issues to diverse audiences, including technical, architecture and senior management personnel
- Develops solutions to conform with HPE and Client security directives, requirements and risk objectives and goals
- Supports delivery excellence in Information Risk Management operations to safeguard contract commitments and ensure ongoing client satisfaction with HPE security services
- Develops and maintains strong relationships with key decision-makers and influencers
- Strong technical foundation in information, systems and network security space
- Ability to draft and present good quality design documentation
- Operational experience in security (monitoring, analysis, prioritization)
- Experience in software security principles
- Track record of large-scale global delivery in security design, and the building and deployment of security infrastructures
- 3+ years experience with commercial and open source security applications and technologies
Security Architect Job Description
- Serves as a subject matter expert on application security matters, working closely with Engineering in an AGILE environment
- Assist in daily security operations
- Works with internal and client teams to investigate, document, report, and mitigate threats and vulnerabilities inside the client’s environment
- Monitors networks, systems, and logs to identify and address security-related events
- Develops, implements, documents, and maintains security policies, practices and procedures
- Stays current on the latest security issues and emerging threats
- Participate in requirements definition, selection, and implementation of security technologies
- Ensures that security architecture and design, plans, controls, standards, and policy/procedures conform to industry best-practices and are aligned with the client’s operational standards
- Develops and communicates security reporting to support the initiation and effectiveness of security projects
- Participates in vulnerability assessment activities
- Experience conducting research, writing publications, or delivering presentations at conferences a strong plus
- Previous experience as an Application, Network, or Security Architect a strong plus
- Educational requirements – BS/BA required, MS/MBA desired
- Minimum of 3 years of directly related experience in Software/Cyber Security
- One of the following certifications highly preferred – CSSLP, GSSP-.NET, CISSP, or related
- In depth knowledge of Networks, Security Appliances
Security Architect Job Description
- Develops, communicates, maintains, and enforces the overall security architecture (applications, data, and technical infrastructure) of the project
- Creates or contributes to Design, Architecture and Reference documents for review / acceptance at the appropriate technical governance body(ies)
- Provides overall design principles and guidance for software and hardware integration, performance design, reliability design, manageability design and security design
- Creates working prototype solutions to demonstrate concepts
- Advise project management and the client on the security architecture options, their impacts and decisions
- Analyzing new business requirements from an IT application architecture perspective to ensure solutions meet standards for reliability, scalability, and availability
- Collaborate across the engineering and operations organization to advise on secure architecture/design, attack surface area reduction, least-privilege design, threat mitigations, and security best practices
- Build and execute on-premises and Cloud hardening checklists
- Advises and analyzes the current environment to detect critical security deficiencies and ensures fixes are implemented in-line with policies
- Ensures regulatory compliance, if applicable
- Demonstrated experience in enterprise security architecture design and implementation for a financial services organization or other organizations with similar information security needs and requirements
- Extensive knowledge of IT, enterprise architecture, software development life cycle, and information security platforms and applications
- Knowledge of best practices and standards for enterprise security architecture specifically in the field of Identity & Access Management, Enterprise Content Management, Collaboration Tools, Service-Oriented Architecture, Cloud, Mobility, Data Analytics, and Web 2.0 related services
- Experience providing guidance for data protection based on data sensitivity and associated business risk
- Industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), and Information Systems Security Management Professional (ISSMP)
- Ability to collaborate with senior management stakeholders to identify requirements and drive compliance with approved standards