Your Next Move: Security architect

Register now

(This article is part of an IT Career News series called “Your Next Move.” Each article will include the responsibilities, qualifications, related job titles, salary range for the role, job prospects and how to get there.)

As you move up the cybersecurity career ladder, you can remain immersed in hands-on cybersecurity or move into more of a strategic role. If you’re looking for big-picture thinking and want to design security systems for an organization, a job as a security architect might be for you. Security architects collaborate with business leaders, engineers, developers and more to protect an organization from cyberthreats.

What Is a Security Architect?

A security architect develops and maintains the security of an organization’s network. The job may include the following responsibilities:

  • Provide guidance and leadership on cybersecurity policy
  • Collaborate with business leaders, developers, engineers and more to identify the organization’s business needs and make a plan for implementation
  • Research and design all security features for IT projects
  • Use cryptography to protect an organization’s data
  • Stay up to date on cybersecurity threats, tools and best practices

A security architect creates complex security structures to make sure the company’s computer systems remain safe. It’s a senior-level position generally, leading a team of security experts. In very large companies, there may be promotion opportunities such as chief security architect or senior security architect.

A security architect must have a thorough understanding and knowledge of the company’s technology and information systems in order to provide the appropriate level of security. A security architect also communicates with the chief information security officer (CISO) about any threats or problems that could occur.

Security Architect vs. Security Engineer

Although they work together closely, a security architect is generally more senior than a security engineer. Security architects set the vision for security systems, and engineers figure out how to put it into practice. Security engineers could move into security architecture roles if they want to transition from hands-on cybersecurity into policy and governance.

Security architects still need to keep their skills current so they fully understand the latest techniques and how to prevent the newest threats. Although it may no longer be their main responsibility, security architects should occasionally test their skills through wargames or capture the flag activities.

How to Become a Security Architect

Most companies hiring a security architect are looking for someone with a bachelor’s degree in computer science, cybersecurity, information technology or a related field. Some companies may require a master’s degree as well.

Security architect’s may have worked their way up to their position through jobs such as security administrator, network administrator and security analyst.

Certifications like CompTIA Network+, CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+) and CompTIA Advanced Security Practitioner (CASP) can help you along your way as you move up to a position as a security architect, Check out the CompTIA Career Roadmap to see what other certifications can help you become a security architect.

The Details

Security Architect Salary Range: The average salary for security architects is $129,000, according to Burning Glass Technologies Labor Insights.

Security Architect Job Outlook: When it comes to demand for cybersecurity jobs, security architects are on the low end, with nearly 7,000 job postings from January to September 2018, according to Burning Glass Technologies Labor Insights. Given the advanced level of the position, it's not surprising that there are fewer jobs available than for other jobs, like cybersecurity analyst.

Job Titles Related to Security Architect:

  • Information Architecture (IA) Architect
  • Information Security Architect
  • Cybersecurity Architect
  • IT Security Architect

(This post originally appeared on the CompTIA blog site, which can be viewed here).

For reprint and licensing requests for this article, click here.