Security Architecture (Solutions Architect, Associate Security Analyst, Cyber Risk Analyst, Security Engineer)
Design security architectures and controls; either embedding of security principles into the design of architectures to mitigate the risks posed by new technologies and business practices, or the actual design and specification of implementable security components, along with the accompanying control measures, to meet defined business security needs.
Proficiency Level
Level 1 (Follow)
N/A
Level 2 (Assist)
N/A
Level 3 (Apply)
- nterpret relevant security policies and risk profiles into secure architectural solutions that mitigate the risks and conform to legislation.
- Present security architecture solutions as a view within broader IT architectures.
- Relate security architectures to business needs and risks.
- Work with recognised security architecture.
- Devise standard solutions that address requirements delivering specific security functionality whether for a business solution or for a product.
- Minimise the risk to an asset or product through “standard” security architecture practices.
- Deliver the security architecture that supports the risk management strategy using current security technologies and techniques.
- Maintain awareness of the security advantages and vulnerabilities of common products and technologies.
- Design secure systems and define security specifications of components, integrating appropriate security controls.
Level 4 (Ensure)
- Establish organisational guidelines and principles for the design of security architecture and controls, and drive the enhancement of organisation-wide security systems.
- Minimise the risk to an asset or product through the use of “standard” security technologies and products.
- Design and develop processes for maintaining the security of an asset or product through its full life cycle.
- Maintain awareness of the security advantages and vulnerabilities of common products and technologies.
- Design robust and fault-tolerant security mechanisms and components appropriate to the perceived risks.
- Select the appropriate security products, components and technologies to meet a security requirement.
- Select the most appropriate information interchange protocols that meet the security requirements.
Level 5 (Strategise)
- Design a security blueprint and direct the design of a robust and coherent security architecture, based on a suite of security solutions and key design principles.