Any incite on becoming a security architect

austinfx · January 2017

I am looking into becoming a security architect, and any tips or good things to know would be helpful. I am a senior in high school at the moment and ever since the sixth grade I've loved everything about computers. I have been doing a hefty amount of research and everything I've read has been pretty outdated but still helpful in some ways. From what I've researched almost all entry level jobs are requiring at least a bachelors degree in computer science or a related field. Say I were to go ahead and spend four years getting a bachelors in computer science as well as an internship with some company so I have work experience; then go ahead and grab security+ certification along with CEH. Going through all of that I've read does pay off, but then I read to find out the bachelor's degree really won't get you much if you just go ahead and aim for certification as well as an CISSP. I honestly don't know the best route to take to land a solid paying job. I've talked to guys that are fresh out of college that work in silicon valley and majored in computer science; they make 200k. Then talked to an IT guy who never went to college, and is working at a CISSP that earns him some good cash. Where to I really need to start in order to work my way to becoming a security architect, and what is truly needed to get me there? Any info or job incite, tips, mentoring you can give me would be much appreciated.

TheFORCE · January 2017

Those guys that make 200K fresh out of of college did you ask them only how much they make or did you ask them what they do in order to make it? Those guys are probably programmers or developers writing code. Reading your paragraph, are you looking for a path for a solid paying job or are you looking for a path to becoming a security architect? College degree is a good start, having just the degree though is not enough, you want to excel and be the top of your class or even the top of your college in that degree. Then comes your entry level certificates coupled with your internship will get you some experience that you can build on getting better roles. And the cycles then repeats.

Just remember, you wont become a security architect in your first 3-4 years of your career. Security architects are usually senior IT professionals with many years of experience, but hey you never know what you can do if you focus.

636-555-3226 · January 2017

I've never met someone right out of college making 200k. I hesitate to call BS, but that one guy might be a unicorn who invented some awesome new thing for Google or something. I wouldn't pin your hopes on it happening to you.

~$ echo TheForce - a good security architect is someone who has a LOT of experience in IT and Security. You're getting that job when you're 40, not when you're 25. You might be able to find some random small company to give you that job if times are tough (which they admittedly are), but it's a big job for a new guy.

EnderWiggin · January 2017

Getting the bachelors degree would be a good start to building foundational knowledge. The internship would be the best thing for you in terms of landing a job after graduation, and universities typically have ways of helping students find and land internships. Security+ and CEH are good entry-level certs to work on during summer breaks, and they will help you with HR filters. So four years from now, you'd be coming into the job market with a BS, Sec+, CEH, and a few years' worth of internship experience. That'll land you a Junior Security Analyst type of job, and from there, you work your way up. A decade from then you could be at your goal of Security Architect.

Danielm7 · January 2017

636-555-3226 wrote: »

I've never met someone right out of college making 200k. I hesitate to call BS, but that one guy might be a unicorn who invented some awesome new thing for Google or something. I wouldn't pin your hopes on it happening to you.

~$ echo TheForce - a good security architect is someone who has a LOT of experience in IT and Security. You're getting that job when you're 40, not when you're 25. You might be able to find some random small company to give you that job if times are tough (which they admittedly are), but it's a big job for a new guy.

Agree on both points. Some people get huge paydays working in the bay area in developer jobs, but look at their cost of living before you really get jealous, it doesn't always balance out. About the security architect, we hired one a little over a year ago, I think the candidates had, on average, 20+ years of IT experience. It's a fine long term plan but a million things could change between now and then.

Sweece · January 2017

EnderWiggin wrote: »

Getting the bachelors degree would be a good start to building foundational knowledge. The internship would be the best thing for you in terms of landing a job after graduation, and universities typically have ways of helping students find and land internships. Security+ and CEH are good entry-level certs to work on during summer breaks, and they will help you with HR filters. So four years from now, you'd be coming into the job market with a BS, Sec+, CEH, and a few years' worth of internship experience. That'll land you a Junior Security Analyst type of job, and from there, you work your way up. A decade from then you could be at your goal of Security Architect.

This.

I'm just about to graduate with my Bachelor's in Computer Science and I can tell you right now that this is exactly the path that you need to take. Just like you, I aspire to climb the security ladder as well and hopefully become a security architect one day. Of course, you have to work your way up.

1. Do the best you can in your CS classes.
2. Make as many connections as you can to land you an internship.
3. Get an internship FOCUSED IN SECURITY! This is important. A typical help desk job will not help you much at all and could possible get you stuck in the IT support loophole. Companies want to see specializations, and in your case it's security.
4. Get your certs BEFORE you graduate.
5. Apply for entry-level jobs (security analyst, junior security engineer, etc) and work your way up to architect.

I was fortunate enough to get an internship in Network Security during my Junior year of college and it was the best thing that happened to me. I got hands on experience in the security field and I'm just about to finish up my Security+ cert. I can't stress this enough, internships will get you in the door. That is key, and that's what got me an interview for an Information Security Analyst job right out of school. You can do it! Just act now.

kiki162 · January 2017

LOL, those guys making $200K fresh out of college, ask them how their social life is. I'll bet you they don't have one! Your whole statement is funny because I thought I could do something similar when I got out of HS, and this was in the late 90's. Lets look at it this way, if you were to magically get a really good paying job in IT right after high school, you have to look at it like this, you have no formal education, and if you get through a few years at a "potential" job, how is that job experience going to market you for future jobs?? I can tell you that getting a degree will pay off for you. It shows that you took the time to pursue college, and have some education to back you up. I would look at researching some of these colleges out there, as some of them may be easier for you than others.

If you ever remember anything when it comes to "IT"...remember this, never stop learning. This field will require that of you, even if you get a few certifications that you really don't use, or let expire down the road. First, get yourself that BS degree, and soak yourself into every possible thing you can to learn and grow. Next, establish a CORE area within IT for yourself, and then you can expand from there. So for example, you could start as a sysadmin, which will provide you with a better understand what it takes to be a security architect.

austinfx · January 2017

All of these responses are really beneficial, and way more than I ever thought I was going to receive. Thank you all so much; every single comment allowed me to look at things from different angles. I didn't ask those guys what their lives were like but when I met them, I was at golds gym. They had time to head there, which probably would be the only place for their night. I do need to research colleges that could possibly be easier but I also want to have good connections there I can meet. If there are any colleges you guys recommend that would help as well. I live in the bay area but have been looking at colleges here and NY. What kind of internships are there where it's not at a help desk, aren't most of security internships at help desk? What exactly should I be looking for is my question, and which ones should I stay away from? Also for my certificates, should I be working on the entry level certificates only before I graduate; or also pursue an associate CISSP or other certificate? Should I just wait for that kind of certificate later on? Also for Sweece, did getting that internship help with getting a network+ certificate, as well as more connections? What all certificates should I focus on getting before I graduate college? I know Security+ but are there any others that are must have for a great job landing out of college?

Thanks everyone, I appreciate it greatly

soccarplayer29 · January 2017

Sounds like you're in a location where there are tons of opportunities.

Education:
I'd recommend going to college in state unless you can afford out of state tuition. No need to go several times more in debt for the same education.

Internships:
If you were to go to a solid CS/IT program in California then those universities likely have recruiting connections with local businesses for internships and graduate hires. That seems to align with your career goals.

Certs:
I assume your college curriculum involves some networking so I would also recommend a solid understanding of network that pairs with your course schedule (look at CCENT/CCNA/Net+). If you're focuses on ambitiously focused on security then I'd suggest Sec+ first. You may also want to consider CEH and the CompTIA Cyber security analyst. I would not pursue the CISSP until having after graduation and a few years of experience.

Overall: A bachelors, network cert, sec+, and valuable internships coming out of college will prepare you for your career.

Mitechniq · January 2017

As a person that just recently got promoted to Security Architect, I wanted to chime in on my experience and my personal achievement.

I have been in the IT industry officially for ten years. I started off as a Linux Administrator and eventually became a 'Jack of All Trades' working on Oracle databases, Cisco network equipment, and VMware. In fact, I have always been a hosh posh of certifications and educational background. I can spend a month learning MongoDB and the next MPLS. It is the nature of my technical personality. My pay and title have always been a struggle for me compared to specialized co-workers I know. They always had senior roles, for example, a Sr Cisco Engineer made 30-40k more than me but do not ever ask him about Linux or VMware; he never cared to learn anything outside his role, (again this is my personal experience and not intended to be a general comment towards all Specialized careers).

Several years ago my manager started to pitch my expanded knowledge of multiple security domains and I began to sit on projects that needed someone who could 'architect' a full-scale project. Ahhh! My 'JOAT' position was now starting to pay off.

In this role, I get pitched by Sr. Management several technologies in the expectation that I know or have done some research on the subject. I spend my mornings before the day starts, reading articles, whitepapers and forums on any up-and-coming security trend or IT market movement. I take the time to write notes on at least one new application a week. This week it is Okta and how it can be useful for our Single-Sign-On solution the VP of our company would like to tackle.

What I have noticed from my Sr. Architects is they have other certifications like TOGAF, ITIL, and PMP which I once before had no desire in tackling. I am still learning this role as a prime example, last week one of the VP's wanted me to look at a possible solution. I asked one of our Sr. Architects if I should ask for requirements, he laughed and said 'you are the architect, you take his business statement and develop requirements for the engineers to fulfill.'

I use this quote as my inspiration and proper one for all IT Architects: "I dare you to push yourself until everything you didn't know, becomes your specialty."

scaredoftests · January 2017

Sorry, but it is insight you want, not incite. You better not do that on a resume, you will never get calls.

austinfx · January 2017

scaredoftests wrote: »

Sorry, but it is insight you want, not incite. You better not do that on a resume, you will never get calls.

Thanks man, I appreciate your correction. It was very early in the morning when I wrote this thread, and I had no sleep; please forgive any grammatical mistakes or misspellings.

scaredoftests · January 2017

Understood, just don't do it again.

Any incite on becoming a security architect

Comments