Security architecture

What happens here?

Speciality areas:

  • Information Assurance Compliance
  • Software Assurance and Security Engineering
  • Systems Development
  • Systems Requirements Planning
  • Security Systems Architecture
  • Technology Research and development
  • Test and Evaluation

What are some example roles in the area?

  • Cyber Security Design Manager
  • Principal Security Specialist
  • Senior Security Specialist
  • Security Specialist
  • Technical Architect
  • Solution Architect

Solution architecture

As defined by the SFIA foundation: Solution architecture is the design and communication of high-level structures to enable and guide the design and development of integrated solutions that meet current and future business needs. In addition to technology components, solution architecture encompasses changes to service, process, organisation, and operating models.

Here are some ways you could build this skill, which applies to a range of cyber security roles.

Certifications

  • Certified in the Governance of Enterprise IT (CGEIT)
  • EC Council Certified Chief Information Security Officer (C|CISO)

Courses

  • COBIT 5
  • Information Technology Infrastructure Library (ITIL)
  • Information Technology Service Management (ITSM)
  • TOGAF
  • Information Systems Security Architecture Professional

Frameworks

  • ISO 27001 and ISO 27002
  • ISO 20000

Consultancy

As defined by the SFIA foundation: Consultancy is the provision of advice and recommendations, based on expertise and experience, to address client needs. May deal with one specialist subject area, or can be wide ranging and address strategic business issues. May also include support for the implementation of any agreed solutions.

Here are some ways you could build this skill, which applies to a range of cyber security roles.

Certifications

  • Certified Information Systems Auditor (CISA) Certification
  • Certified Information Systems Auditor (CISA) Certification
  • CISM Certified Information Security Manager
  • CISSP Certified Information Systems Security Professional
  • CISSP Certified Information Systems Security Professional
  • CRISC Certified in Risk and Information Systems Control

Courses

  • COBIT 5
  • Information Technology Infrastructure Library (ITIL)
  • Information Technology Service Management (ITSM)

Frameworks

  • ISO 27001 and ISO 27002
  • ISO 20000
  • ISO 31000

IT strategy and planning

As defined by the SFIA foundation: IT strategy and planning is the creation, iteration and maintenance of a strategy in order to align IT plans with business objectives and the development of plans to drive forward and execute that strategy. Working with stakeholders to communicate and embed strategic management via objectives, accountability and monitoring of progress.

Here are some ways you could build this skill, which applies to a range of cyber security roles.

Certifications

  • Certified Information Systems Auditor (CISA) Certification
  • Certified Information Systems Auditor (CISA) Certification
  • CISM Certified Information Security Manager
  • CISSP Certified Information Systems Security Professional
  • CISSP Certified Information Systems Security Professional
  • CRISC Certified in Risk and Information Systems Control
  • EC Council C|CISO

Courses

  • COBIT 5
  • Information Technology Infrastructure Library (ITIL)
  • Information Technology Service Management (ITSM)
  • CGEIT
  • TOFAF
  • CISSP – ISSAP
  • Sparx Systems Enterprise Architect
  • The Systems Modelling Language
  • Business Process Modelling Notation (BPMN)
  • The Unified Modelling Language (UML)
  • ArchiMate

Frameworks

  • ISO 27001 and ISO 27002
  • ISO 20000
  • ISO 31000


Last Reviewed: 05 March 2019