Security Architects require the work from security engineers allowing the two to form a partnership. Although security architects devise the strategy, plan, and blueprint for the security architecture, security engineers play a huge role in assisting with the design but are the team that deploys security components and systems.  It is the responsibility of the security architect to engage with the security engineering team when needed and to communicate the strategy and plan.

​

Security engineers, also called network or information security engineers, create and execute cybersecurity solutions to protect an organization’s digital information.

 

Most security engineers come from an IT background, these security-focused engineers are responsible for protecting a company’s networks and computer systems to safeguard sensitive information from cyberattacks. Working alongside security architects in the design, and implementation, they play a monumental role in keeping organizations safe and secure. Security architects set the vision for security systems, and engineers figure out how to put it into practice.

 

Typical tasks include:

• Understand Your System Architecture

• Identifying system vulnerabilities

• Conducting security assessments

• Harden the infrastructure and software

• Responding to security threats and network intrusions

• Planning network security upgrades

• Testing hardware and software

• Monitoring network traffic patterns

• Coordinating team incident responses

• Performing threat modeling

 

Security engineering must start early in the deployment process. In fact, each step in the deployment should be started early - work closely with the security architect to understand the security planning, securing the system, developing the system with security, and testing the system with security.

​

We propose you consider the following steps:

1. Work with the project's security architect team to understand the solution or system architecture.

2. Identify your security requirements including determining all security standards, laws, and/or regulations with which your system has to comply.

3. Implement your system with security features and controls enabled.

4. Ensure that all components and systems are integrated securely.

5. Develop and run end-to-end security tests.

 

ISAUnited encourages security engineers to join our community and begin to communicate and work together on security architecture design, processes, and models. Whether you want to participate and contribute to securing architecture or begin a career path to becoming a security architect.