Job Description

As a recognized Information and Cyber Security authority, the Information Security Architect collaborates on Information Security standards & controls and creates robust security architectures in support thereof and leads the realization of the security architecture into the target environments to secure the enterprise’s information assets. Extensive subject matter knowledge of Information Security and Cyber Security is essential.

Quick response

Required Knowledge

• K0027   Knowledge of organization's enterprise information security architecture.
• K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• K0227   Knowledge of various types of computer architectures.
• K0291   Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
• K0293   Knowledge of integrating the organization’s goals and objectives into the architecture.
• K0374   WITHDRAWN: Knowledge of basic structure, architecture, and design of modern digital and telephony networks. (See K0599)

Required Skills

• S0005   Skill in applying and incorporating information technologies into proposed solutions.
• S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• S0122   Skill in the use of design methods.
• S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• S0139   Skill in applying security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Required Abilities

• A0008  Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
• A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
• A0060  Ability to build architectures and frameworks.
• A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• A0061  Ability to design architectures and frameworks.