Re: Security Architect job description?

[Ravi Kumar <ravi.kumar () BC EDU>]

Hi Lora,

I had Security Manager description which I prepared, this should help you to get started:

Manages the implementation of corporate policies, programs, and procedures to cost-effectively protect information 
systems assets from intentional or inadvertent modification, disclosure or destruction.

     * Develops, maintains, and enforces corporate information security standards and guidelines encompassing data and 
intellectual security.
    * Develops and maintains systems within an enterprise security environment.
    * Manages and coordinates compliance for required industry audits by helping to identify issues, anticipate and 
solve problems, and provide customer service to internal and external customers based on your ability to prioritize and 
initiate solutions. 
    * Good multi-platform knowledge. Experience in UNIX, Windows, Linux, and IP intranet/Internet security environments 
including: firewalls, intrusion detection, incident response, policy writing, vulnerability testing, operating system 
hardening, regulatory compliance, and data classification.
    * Experience architecting and implementing security solutions, policies, and technologies relating to transactional 
web sites is a plus.
    * Experience in data administration and security methods with Oracle, SQL Server, or similar environments plus 
experience in various database design techniques.
    * Solid knowledge of Sarbanes Oxley compliance, corporate security and network policies and procedures, and 
experience in a compliance management leadership role.
    * Prior business and system presentation practices to all levels of the organization 
    * Proactively protects the integrity, confidentiality, and availability of information in the custody of, or 
processed by, the company, providing reports to superiors regarding the effectiveness of network and data security and 
making recommendations for the adoption of new procedures and technologies as required.

* Working knowledge of ISO 17799 Security Standards and SAS 70 auditing techniques.

* Experience linking legal and regulatory statutes with corporate policies.

    * Demonstrated competency in strategic thinking with strong abilities in relationship management
    * Demonstrated competency in developing effective solutions to diverse and complex business problems
    * 
- Certified Information Systems Security Professional (CISSP)


Thanks.
Ravi
-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Fulton, 
Lora
Sent: Thursday, April 15, 2010 1:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security Architect job description?

We're reviewing/updating/creating some of our job descriptions and are looking for any samples/examples you may have 
for Security Architects.

Thanks in advance for your assistance!

-Lora 

Lora Fulton
Security Analyst, Information Services & Technology
Boston University
T (617)353-8293
F (617)353-6260
lfulton () bu edu
www.bu.edu/tech/