| certifications | security - Paul Korzeniowski
Security Engineer vs Architect: What's the Difference?
Building software is similar to constructing a building. Individuals with related, but different skills are needed to conceptualize and then deliver the application. The system security architect works at a high level and creates a blueprint for how all corporate applications will function.
The system security engineer takes those plans and applies them to individual applications by using development tools to create the final product. In order for an application to run successfully, each individual needs to understand their own role as well as what their co-workers provide.
Let's take a look at what each of these roles entails, the crossover and differences, and why they are valuable to organizations.
Cybersecurity Attack Surface Expands
In the past, security centered on the network perimeter. Enterprises placed various products, such as firewalls and anti-virus solutions at the edge of the network — and tried to ward off intruders before they gained access corporate resources.
Times change, and hackers found ways to circumvent network checkpoints. Nowadays, attacks come at every level of the traditional seven layer application model from the bottom network portion to the top, the application layer.
And there are plenty of holes. Cybercrime cost businesses over $2 trillion in 2019, according to Juniper Research. Consequently, enterprises must put checks in multiple places to secure corporate information — and that requires cybersecurity pros.
Security Architecture Touchpoints
Because of the growing number of entry points, designing enterprise security solutions has become exceedingly complicated. In fact, large enterprises typically have one to two dozen different security products. The outsiders look for the weakest point in the security chain, so these products must work cohesively and comprehensively.
So, thought and foresight are needed to close up all of the possible holes. Organizations create security frameworks, blueprints that outline what potential security breach might occur in each possible entry point. Next, they put tools in place to protect that potential gateway.
For example, previously corporations left information that was sitting in data center storage systems unencrypted. But if a hacker bypassed security checks and wormed their way into the system, they gained access to the corporate jewels, all of its confidential information. As a result nowadays, organizations have tools that encrypt information even when it is at rest.
To secure information and data, organizations need technicians with a wide range of skills. Two jobs, security architect and security engineer, are in high demand. Indeed.com lists about 21,000 open positions in the U.S. for the former and 78,000 for latter.
Here is what each position, which typically requires at least half a dozen and often 10 years or more of experience, entails.
What Does a Security Architect Do?
A security architect works at a high level. They design frameworks that ward the bad guys off at every possible entry point. They examine all of the system elements and make sure that they work together to prevent intrusions. Security architects create policies, standards, procedures, and documentation designed to work across all departments and for all applications. In essence, they design the entire building.
As a result, they need to have working knowledge about many different system components: information security programs, IT operations, and identity and access management. They also are responsible for organizations' security training and awareness, IT general compliance controls and reports, incident response, disaster recovery, data privacy, and and system risk.
The reality is that company information is under constant attack. A hacker probes a system somewhere every 39 seconds, according to a study at the University of Maryland. So, security frameworks need to not only put checks in place to ward off hackers, but also create procedures that determine how well those checks are working.
Security architects develop business processes that constantly investigate potential problems, find the root cause of security events, and mitigate the potential damage if a breach occurs.
Required Skills for Security Architects
These techies identify, proposes and initiate improvements to the organization's security posture. They possess deep understanding of security trends and strategies and identify security solutions that meet business objectives. The position requires special skills, including security certifications like:
- CompTIA Security+
- International Information System Security Certification Consortium (ISC)2 Certified Information Systems Security Professional (CISSP)
- Information Systems Audit and Control Association (ISACA) Certified Information Security Manager (CISM)
- Cisco Certified Network Associate (CCNA)
- Global Information Assurance Certification (GIAC) Security GSEC
In order for a security framework to be effective, everyone in the organization needs to understand it and take steps to ensure that they do not make a careless mistake and become the weak link that opens the door to an intruder.
So, security architects must work with coworkers to educate staff and create corporate awareness about cybersecurity dangers and prevention. Their responsibilities include:
- Manage cross-functional cybersecurity and compliance projects.
- Articulate complex technical security issues into business terms and share that information with stakeholders in different departments.
- Work closely with internal auditing, legal and the IT teams to understand regulatory requirements and put systems in place to ensure compliance.
- Provide management with up-to-date information on different threats and security vulnerabilities that organizations may face and ensure solutions are in place to mitigate those risks.
What Does a Security Engineer Do?
Security engineers implement the plans. In essence, they are the builders. They work with the applications and development tools, link all of the various components, and get companys' business applications running. Their experience with security products must be deep — and they are paid accordingly.
The bulk of their days are spent working on individual application deployment and troubleshooting issues. Their responsibilities typically includes working with a wide range of solutions and having practical, hands-on experience in many areas:
- Operating systems like Linux and Microsoft Windows
- Cloud platforms like Amazon Web Services, Microsoft Azure, and Google Cloud Platform
- Programming and scripting languages such as Java, Python, Perl
- Security tools like Kali, Nessus, Netsparker, openVAS, BurpSuite, and Metaspolit.
- Mobile systems like Apple iPhone and Google Android, as well mobile secure design principles such as Open Web Application Security Project (OWASP)
- Compliance is a major concern nowadays, especially as governments become more proactive in ensuring that individuals' personal information is not compromised. Security engineers need familiarity with technology risk management related frameworks, such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, CSA, SOC 2.
Security engineers cannot ignore the big picture. They must understand the data protection basics, including securing cloud services, especially Amazon Web Services data security, and network and system infrastructure design principles.
They analyze cybersecurity, intelligence and information technology policies and search for gaps. Also, they must know how to conduct penetration testing and reverse engineer software when necessary.
Required Skills for Security Engineers
Some of the most desired skills for security engineers include operational vulnerability analysis, incident response and analysis, pen testing, real-time network analysis, and digital forensics. Security engineers often participate in hackathons, cybersecurity competitions, and security exercises to hone those skills.
And of course, there's certifications that help develop and validate needed skills. Popular certs for security engineers include:
- Cisco Certified Network Associate (CCNA)
- ISC2 Certified Secure Software Lifecycle Professional
- ISC2 Certified Information Systems Security Professional (CISSP)
- Cloud Security Alliance (CSA) Certified Cloud Security Professional (CCSP).
- Offensive Security Certified Professional (OSCP)
- International Council of E-Commerce Consultants, also known as EC-Council, Certified Ethical Hacker (CEH)
Facing a widening threat footpoint, corporations are investing more than ever in cybersecurity. Security architects provide the big-picture framework needed to ward off intruders. Security engineers work at the various entry points making sure that they only admit authorized individuals.
To qualify for these jobs, IT professionals need a broad understanding about the enterprise security landscape as well as deep knowledge about various security solutions. Together, these two roles create an infrastructure that protects confidential corporate and customer information.