Security architecture vs engineering?

DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
in IT Jobs / Degrees
I have done alot of security work in my career and can't decide which role would best fit. I see alot of security engineering positions that are looking for guys with just NIST, ISO and other policy type/ vuln exp.

This type if role would fit my exp perfect, but I also keep seeing a role called security architecture.

Almost the same type credentials in some of the job descriptions.

Does anyone have any detailed description that would distinguish between the two, or are they one in the same?

Also, would CISSPISSAP/EP get me in the right frame of mind for one of these jobs?
· Share on FacebookShare on Twitter

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    One companies architect is another's engineer. Judge the positions by the duties not the title.
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    ^^ Exactly, titles don't mean anything between companies. You'll find helpdesk engineers, I've worked with architects who only do policy and others who are super technical. Figure out what sort of role you want to fill and go for that, the title shouldn't be the defining characteristic.
    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    What I've generally seen is the architects design the implementations and the engineers are the ones who implement it. But as networker said, some companies will slap either label on either responsibility.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
    Interesting.

    Anyone have any exp filling one of these roles?

    What was your take?

    Right now I do securiry implementation and heavy C&A/ policy work so I think one of these roles would fit well.
    · Share on FacebookShare on Twitter
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Everybody uses different words for different things even if they might be the same. I concur with JoJo re: architects design the program and the engineers are the hands-on people actually installing, tuning, and rolling out the systems. After the architects say what to do and the engineers install it all, the security administrators run the systems and notify the analysts when something looks off. if you're doing implementation then at least in my mind that's engineering, but believe me, most job openings i see are written by people who don't know much about security, so they're all over the board.
    · Share on FacebookShare on Twitter
  • DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
    Ha ha sounds like I am actually already in an engineering position according to the responses.

    The government labels everything different.

    Although I am a sys ADM, my official title is information systems security officer.
    · Share on FacebookShare on Twitter
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    And architects gets paid MUCH more than engineers. I want to be an architect when I grow up. Or I want to get paid like one.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

    · Share on FacebookShare on Twitter
Sign In or Register to comment.