Security Architect

Jon Collins

(2014)

Abstract

Security architects are responsible for maintaining the security of an organisation's computer systems as well as designing, developing and reviewing security architectures that fit business requirements, mitigate risk and conform to security policies. This book gives practical career guidance to those interested in the security architect role. It covers areas such as required skills, responsibilities, dependencies and career progression as well as relevant tools, standards and frameworks.
"This book is a serious attempt to define a rapidly evolving role in an ever-changing sector and makes sure to include even those technologies still only on the fringes of adoption. Required reading, not just for security architects or those entering the role but also and perhaps more importantly for those responsible for hiring them."
- Rik Ferguson
"This book provides a very useful foundation and the real-world insight that an aspiring security architect needs in preparation for the long, often complex and challenging climb up the mountain that is IT security architecture delivery."
- Dan Webster
Security architects are responsible for maintaining the security of an organisation's computer systems as well as designing, developing and reviewing security architectures that fit business requirements, mitigate risk and conform to security policies. They ensure that each unique set of security needs is addressed, that systems are protected and beneficial security change is implemented. The book provides practical, effective guidance for anyone looking to become a security architect or wanting to know more about what the role entails. It covers areas such as required skills, responsibilities, dependencies and career progression as well as relevant tools, standards and frameworks.
"Very well written and a concise reference to the role of a security architect. It's handy enough to slip into the inside pocket of your jacket and even though it's only 134 pages it still manages to pack in all the essential information about the role. [...] If you truly believe that you merit the title of architect, then read this book - you may decide to reconsider such a lofty title when you don't match the role. Highly recommended."
- Peter Daly
In his varied career, Jon Collins has acted as IT manager and software consultant, project manager, training manager, IT security expert and industry analyst. With over 25 years’ experience, he has developed a deep understanding of technology infrastructure and architecture, security and governance models, as well as hands-on experience of delivery in a variety of sectors.

Table of Contents

Section Title Page
Cover i
Advert Page ii
Copyright vi
CONTENTS ix
LIST OF FIGURES xi
AUTHOR’S NOTE xii
ACKNOWLEDGEMENTS xiii
ABBREVIATIONS xiv
GLOSSARY xvi
PREFACE xx
1 INTRODUCTION 1
THE ESSENCE OF SECURITY ARCHITECTURE 2
THE AIM OF THIS BOOK 4
CAVEATS 5
2 INFORMATION SECURITY ARCHITECTURE FUNDAMENTALS 7
INFORMATION SECURITY IN A CHANGING WORLD 7
OVERVIEW OF INFORMATION SECURITY CONCEPTS 11
THE ROLE OF IT AND ENTERPRISE ARCHITECTURE IN INFORMATION SECURITY 19
INTRODUCING INFORMATION SECURITY ARCHITECTURE 23
THE ROLE OF THE BUSINESS IN THE SECURITY ARCHITECTURE 27
3 INFORMATION SECURITY ARCHITECTURE ACTIVITIES 30
COLLATION 32
SCOPING 34
THREAT AND VULNERABILITY ASSESSMENT 40
ASSESSMENT OF EXISTING CONTROLS 43
DOMAIN DEFINITION 45
SPECIFICATION OF CONTROLS 50
EVALUATION OF OPTIONS 56
BUSINESS CASE 58
IMPLEMENTATION 60
MONITORING AND REVIEW 63
4 THE SECURITY ARCHITECT’S ROLE AND SKILL SET 64
SECURITY SKILLS 67
TECHNICAL SKILLS 83
BUSINESS SKILLS 96
5 STANDARDS, TOOLS AND TECHNIQUES 99
STANDARDS, GUIDELINES AND REGULATIONS 99
SECURITY TESTING TOOLS AND TECHNIQUES 104
SECURITY ARCHITECTURE OPERATIONS 109
6 CAREER PROGRESSION AND RELATED ROLES 115
CERTIFICATION AND CONTINUOUS PROFESSIONAL DEVELOPMENT 116
INTERFACE AND DEPENDENCIES 117
7 A DAY IN THE LIFE OF A SECURITY ARCHITECT 121
8 CONCLUSION 123
APPENDIX SECURITY ARCHITECTURE DOCUMENT REVIEW CHECKLIST 125
REFERENCES 127
FURTHER READING 129
INDEX 132
Advert Page 137
Back Cover 138