Drag

Security

Location : ,

Job Description

Security Architect

They need to be local and willing to convert perm

Notes for Architect:

Need to know these methodologies:

TOGAF, PASTA, STRIDE

 

Security architect –

  • Architect has broad experience – big picture approach – every domain in sec
  • Network
  • IAM
  • SecOps
  • Incident response
  • Asset management
  • Lock management
  • Threat modeling
  • Enterprise architecture and threat modeling
  • “have you done threat models” “what methodology have you used”
  • What are the frameworks: Stride, pasta,
  • Describe to me – acronyms : PASTA, STRIDE, TOGAF
  • Deep dive tactic spoofing
  • CISSP – gold standard, reps the broad knowledge
  • Identify lack of security controls
  • Security reviews (currently informal not following a threat model)
  • They are formalized – building team of architects
  • Resumes looking for threat modeling and sec architect in title or in their JD
  • TOGAF mention
  • Impressed when people list have risk assessment similar to threat modeling