Security architects are broadly knowledgeable and highly valuable assets in the cybersecurity field. They secure the overall corporate environment with layered security by implementing defense-in-depth measures. When providing services, they make sure that all services to a customer are secured.
Dwayne Thaele, principal product manager for information security at Rimini Street, has extensive experience in security architecture, having gotten into the field “natively,” he says, as it developed in the 1990s.
At the time, he was working as a network engineer and manager and learned on the job how to build security architectures as the need became apparent with the growth of the Internet and networked capabilities. After years at Cisco, F5 Networks, Juniper Networks, and Dell, he joined Rimini Street in April 2022.
What security architects do every day
Thaele emphasizes that the role of a security architect varies depending on whether the person is on an internal security team or builds security architecture for clients. Either way, experts in this field have broad, deep knowledge they can apply to finding the best solution in any situation. Their job is to determine the necessary security controls to secure a given network architecture or solution architecture a corporation has in place or is considering adopting.
“We like to think of security as a layered model where there are distinguishable layers to protect things like data,” Thaele says. “A good security architect is well-versed in the different layers, and they have a lot of technical depth. They’ll understand the type of security mechanisms that have to be deployed at each one of those layers.”
Many security architects get involved in running threat models to ensure that the architecture is secure. They will run various types of attacks a bad actor may use and see how the solution performs against each one.
Customer-facing security architects will try to understand what a customer is looking to do, whether on premises or in the cloud. They will look at the overall architecture the company is using and try to identify where to best introduce security solutions. Once they’ve created a plan, they will run use cases and run threat models to understand what the proposed solution’s outcome will be. After the solution is in place, they’ll help with any needed changes or tweaks over time.
Many security architects also get involved in incident response and forensics. When a breach occurs, they can provide insight about how it happened and guidance on how to prevent it from happening again. To do this type of analysis, they look at analytics that various tools have collected, checking to see the types of alerts or alarms generated.
Security architects may also help formulate policies and procedures. They might create configuration guides, or they might work to understand foreign laws dealing with security and privacy regulations to make sure that the solutions they are architecting are in accordance with those laws.
“The key takeaway is that security architects need to be versed in many different areas of security to make sure that the layered security model is in effect,” says Thaele. “They play a really essential role.”
Security architects and the big picture
Security architects provide high value to their companies and clients through their knowledge of a broad range of security concerns and tools. Armed with this knowledge, they can look at the big picture to see what is needed in each layer for maximum protection.
Thaele gives the example of working for a company where Microsoft support had ended for the applications it was using, which meant the company was no longer getting security patches from Microsoft. Thaele had to come up with an alternative solution to ensure security, so he partnered with a security architect to develop three different solutions. The architect was critical in testing and validating the options, and they were able to choose the most effective one. The company not only used the solution to meet its own needs but also started offering it as a service to customers. Finding the best solution was only possible because the architect had a broad understanding of the options that might work and was able to configure and test them.
“A security architect’s real value is their extensive, broad experience across a lot of different products and technologies,” says Thaele. “It would be chaotic if you had to rely on five people for one solution. That’s where security architects add value — by knowing a lot about many things.”