I can’t tell you how many times I’ve been asked “How do you become a Security Architect?”. Well, let me tell you, it’s not nearly as difficult as you may think. For me, I literally fell into the security space. I didn’t have any formal training and I didn’t have a mentor to help me, so I had to learn on my own.
What does that tell you? Well, first off, I’m not a genius. Seriously (just ask my wife!). What I did was realize that I didn’t know that much and I made sure I was continuously asking questions. And that, folks, is the key to being an Architect, whether it’s a Security Architect or any other type of Architect. Asking questions.
What I learned was that there are 2 keys to becoming a Security Architect;
- Asking questions is core to being an Architect.
- Security is a process, not a technology.
Let’s look at how those two points help make a Security Architect. Let’s start with “asking questions”.
What’s the key to making sure you have the best possible solution? Making sure you gather the requirements and tracing those requirements throughout a project. If you don’t have the right requirements, regardless of whether you are designing a Project solution or putting together a Security Strategy, you won’t be successful.
And the key to gathering requirements is asking questions. It’s as simple as that.
Now let’s look at “Security is a process, not a technology”. If you think in terms of process rather than technology, you come to realize that you can standardize how to deliver security architecture. You end up templating how to do each activity. And by templating, you can keep getting better at what you do.
Now, let’s look at combining the two; asking questions and templating. That’s why I have a standardized template for Requirements Gathering. That way, I can make sure I never forget to ask a question.
Do I have a Computer Science degree specializing in Cyber Security? No. In fact, if I think of all the people that I have worked with in Cyber Security, very few have degrees relating to Security. Remember, we are talking technology. Most of this can be learned on the job and, quite honestly, if you have the proper Mentor, you can really grow in this role.
So, you want to be a Security Architect? Just start to ask questions and look for ways to template everything you do.
Hope this helps …