As discussed in our last blog, How to Become a Security Architect -1, a Security Architect is a person who plans, designs, and reviews the security requirements of any organization.
The Security Architect ensures that the requirements necessary to protect the organization’s mission and business processes are addressed in models, segment and solution architectures, and the resulting systems supporting those missions and business processes.
We also discussed the tasks handled by Security Architects.
In this article, we will discuss the knowledge requirements to be a Security analyst.
A Security analyst must have knowledge of the following:
- Computer networking concepts and protocols and network security methodologies.
- Risk management processes (e.g., methods for assessing and mitigating risk).
- Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Cybersecurity and privacy principles.
- Cyber threats and vulnerabilities.
- Specific operational impacts of cybersecurity lapses.
- Authentication, authorization, and access control methods.
- Applicable business processes and operations of customer organizations.
- Application vulnerabilities.
- Communication methods, principles, and concepts that support the network infrastructure.
- Capabilities and applications of network equipment, including routers, switches, bridges, servers, transmission media, and related hardware.
- Capabilities and requirements analysis.
- Cyber defense and vulnerability assessment tools and their capabilities.
- Computer algorithms.
- Encryption algorithms.
- Cryptography and cryptographic key management concepts.
- Database systems.
- Business continuity and disaster recovery continuity of operations plans.
- Organization’s enterprise information security architecture.
- Electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
- Installation, integration, and optimization of system components.
- Human-computer interaction principles.
- Security Assessment and Authorization process.
- Industry-standard and organizationally accepted analysis principles and methods.
- Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML).
- Network hardware devices and functions.
- New and emerging information technology (IT) and cybersecurity technologies.
- Operating systems.
- How traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- Parallel and distributed computing concepts.
- Remote access technology concepts.
- Key concepts in security management (e.g., Release Management, Patch Management).
- Software engineering.
- Systems testing and evaluation methods.
- Technology integration processes.
- Telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
- The systems engineering process.
- Critical infrastructure systems with information communication technology that were designed without system security considerations.
- Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- Organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
- Service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
- Application firewall concepts and functions (e.g., single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
- Confidentiality, integrity, and availability requirements.
- Cybersecurity-enabled software products.
- The Risk Management Framework Assessment Methodology.
- Various types of computer architectures.
- Multi-Level security systems and cross-domain solutions.
- Personally Identifiable Information (PII) data security standards.
- Payment Card Industry (PCI) data security standards.
- Personal Health Information (PHI) data security standards.
- Program protection planning (e.g., information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
- Configuration management techniques.
- Current and emerging data encryption (e.g., Column and Tablespace Encryption, file and disk encryption) security features in databases (e.g., built-in cryptographic key management features).
- An organization’s information classification program and procedures for information compromise.
- Enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures).
- Demilitarized zones.
With this much knowledge, we can say a person is ready to become a Security Architect, designing a secure IT architecture for the overall organization.
The Security Architect course also provides this knowledge in a well-structured form and at a single location, with particular emphasis on Security Architect interview preparation.