I've worked on security architectural disciplines and tasks within several of my past jobs, but without having "Security Architect" as a title. Some areas recognized as in the realm of the security architect specialty where I've delivered important results include:
- Threat modeling
- Design of Identity and Access Management based in Microsoft Active Directory
- Design and documentation of security policies, standards, and baseline requirements
- Design and documentation of network infrastructure
- Design and documentation of network security
- Alignment of security standards and specifications to Enterprise Architecture and business need
- Design of third-party risk management solutions
- Design of governance, risk, and compliance testing automation
- Alignment of security controls to multiple standards and compliance frameworks
- Consulting on industrial control system (ICS) design and interoperability
- Evaluation and recommendation of security tools and technologies
I have fairly good familiarity and understanding of TOGAF and SABSA architectural frameworks and have used these in my work at Jackson National Life Insurance.
Professional certifications supporting this work include: CISSP, CISM
No comments:
Post a Comment