TechTarget.com/searchsecurity

https://www.techtarget.com/searchsecurity/feature/How-to-become-a-cybersecurity-architect

How to become a cybersecurity architect

By Kyle Johnson

Are you interested in being the employee who helps their employer design its defensive strategy? If so, the role of cybersecurity architect might be for you.

Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. They develop strong security postures that not only safeguard data and networks, but do so without hindering employees' ability to access and manage assets and applications.

The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director of security architecture and vice president of cybersecurity operations at JPMorgan Chase & Co.

But it isn't a job you can walk right into -- it takes years of preparation and experience.

Whether you're new to cybersecurity and interested in becoming a cybersecurity architect, an existing IT pro looking to transition to the role, or an existing or entry-level cybersecurity pro who wants to expand to a cybersecurity architect career, Nichols wrote Cybersecurity Architect's Handbook for you. The book provides everything you need to understand the complexities of the cybersecurity architect role and how to achieve it.

If you're just starting out, Nichols, a 25-year cybersecurity veteran, recommended honing skills in early roles, such as a network or system admin. These positions provide the skills and knowledge to draw upon as you advance down a cybersecurity architect career path.

Nichols also recommended you master the following three foundational areas:

1. Networking, so if someone provides you with a port or service, you understand its significance.
2. Linux, since much of the internet is built on Linux and many security tools run some form of it.
3. Scripting languages, whether it's Bash, Python, PowerShell, etc. This enables you to potentially automate a common task or expand a system's capabilities.

These three areas cover "80 to 90% of the hard work," Nichols said. "Everything else builds upon them."

Effective communication is also critical, Nichols added. For example, understanding why the security team needs to implement specific controls and knowing how they could impact and frustrate the operational side of the house enable you, as cybersecurity architect, to foster a better relationship between the two teams.

The following excerpt from Chapter 7 of Cybersecurity Architect's Handbook provides a roadmap to becoming a cybersecurity architect. Read on to learn which paths can lead to the coveted cybersecurity architect role, including steps to get there, study schedule and training recommendations.

The journey

It is important to remember that the journey begins with the first step. In this case, it is deciding where to go. While it is possible to just travel along life with no direction or destination, this can lead to great excitement or utter stagnation. Like a boat that has no rudder or sail, you are left to tidal forces to take you from place to place. This can definitely provide adventure and excitement but also has the potential to leave you stranded in the middle of the ocean without resources and at the mercy of the destructive power of an ocean storm.

Your career can be as equally challenging, making the desired destination an important decision to make regardless of where you begin. Using Jeff Goldblum's character Ian Malcolm from Jurassic Park as an example, he explains chaos theory using drops of water. Ian takes a drop of water and places it on the hand of another character, and it flows down the hand in a specific direction. He then repeats what he did initially. When the water rolls off in another direction the second time, he explains, "It changed, because tiny variations, the orientation of the hairs on your hands, the amount of blood distending your vessels, imperfections in the skin... never repeat and vastly affect the outcome." These are decisions we make along our journey. While many may head for the same destination, the path we take can vary and is unique to each individual.

The journey from an entry-level position to a senior CSA is filled with crucial milestones. While rewarding, it requires strategic planning and avoidance of potential pitfalls to achieve career advancement. This guide serves as a roadmap highlighting core knowledge areas, necessary certifications, common job roles, and fundamental proficiencies at each stage of the cybersecurity career life cycle. It provides perspective on transitions between early technology jobs to mid-level security analyst roles, then specialist and engineer positions, and finally, the advanced architect level.

By understanding the incremental evolution required at each level, aspiring cybersecurity professionals can thoughtfully chart their career trajectories, set targeted goals, and ultimately attain leadership roles in this critical and ever-evolving field. Whether starting from IT support, software development, systems administration, or network engineering, this guide outlines domains to expand into, skills to hone, credentials to acquire, and pitfalls to sidestep at each step of the cybersecurity career journey.

The cybersecurity field offers a wide range of career growth opportunities, from entry-level roles to advanced architect positions. However, the path is not always linear and requires diligent planning, continuous skill-building, and avoiding potential pitfalls. This guide provides an overview of typical milestones and learning priorities at each stage, helping aspiring cybersecurity professionals chart out an optimal career progression strategy.

Before we begin the discussion on the various pathways from getting into cybersecurity to becoming a CSA, it would be helpful to have a more visual representation to understand the direction and steps:

Table 7.1 -- Pathway to becoming a CSA

Initial entry-level roles	Help desk support Software developer Network administrator
Key intermediate steps	Systems administrator Application security engineer Security engineer (focus areas such as firewalls, intrusion detection systems (IDSs)/intrusion prevention systems (IPSs), and so on)
Important certifications to obtain	CompTIA (A+, Network+, Security+) Cisco (Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP) Security) International Information System Security Certification Consortium (ISC2) Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP))
Critical skills to develop	Hands-on technical skills (networking, coding, systems, and so on) Communication and collaboration abilities Understanding of risk management frameworks
Years of experience before the architect role	Typically 7-10 years Deep expertise and well-rounded experience are key
Architect job responsibilities	Design and integrate security solutions Bridge technical capabilities and business needs Guide strategic roadmaps and governance

The preceding table provides a visual representation of items that will be discussed in this chapter.

Entry level -- starting in a technology field

For those just embarking on a technology career, early roles tend to focus on building core competencies such as networking, systems administration, and basic programming. It is crucial even at this stage to avoid overspecializing and to keep exploring adjacent domains. Continuously learning new skills, experimenting with projects outside work, and avoiding complacency are key. Certifications such as A+, Network+, and language-specific programming certs can help build credibility.

Obtaining critical certifications early validates core competencies. Study guides, practice tests, and online courses can prep for exams such as CompTIA A+, Network+, and Security+. Studying 10-15 hours weekly in the first two years to pass 3-4 foundational certs is recommended. Learning adjacent domains builds well-rounded abilities.

Example pathways

Transitioning from entry-level technology roles to a CSA requires meticulous planning, diversifying skills, and staying updated with industry trends. While the journey may start in different tech domains, the ultimate convergence is toward a robust understanding of cybersecurity principles. Here's a deep dive into some example pathways, accompanied by tailored study and training schedules to become a CSA, starting from an entry-level technology role:

• Starting in help desk support: Progress to a systems administrator role to gain networking and systems expertise. Pursue cybersecurity certifications such as Security+, CISSP, and Certified Ethical Hacker (CEH) in your free time. After 3-5 years, attempt to transition into an information security analyst job. From there, earn certs such as CCSP and advance to leading security engineering projects. After 7-10 years total, you can achieve a security architecture role.
• For help desk techs, self-study for certs such as CCNA. Avoid overspecializing too early:
  • Pathway:
    • Initial role: Help desk support
    • Intermediate steps: Progress to systems administrator | information security analyst |security engineer
    • Final destination: CSA
  • Study schedule:
    • Years 1-2: Focus on foundational IT concepts and obtain certifications such as A+.
    • Years 3-4: Dive into networking with certifications such as Network+ and start exploring cybersecurity concepts. Prepare for and earn the Security+ certification.
    • Years 5-6: Dedicate considerable time to advanced cybersecurity studies. Aim for the CISSP and CEH certifications.
  • Training:
    • Engage in hands-on labs and real-world scenarios.
    • Join online forums and communities focused on systems administration and cybersecurity.
    • Attend workshops and conferences.
  • Pitfalls:
    • Becoming confined to non-technical support roles.
    • Not acquiring enough practical security experience early.
• Starting as a software developer: Look for opportunities to gain experience in secure coding practices and designing secure architectures. Learn system administration basics on the side. After a few years, try to switch to an application security engineer role. Obtain advanced certs such as CompTIA Advanced Security Practitioner (CASP+) and gain expertise in auditing and pen testing. After 5+ years, you can aim for a lead architect job focusing on application and application programming interface (API) security.
• Creating a training plan focusing on next-career-step-tailored learning: Those aiming for security analyst roles can pursue intermediate certs such as Security+ and CISSP while working. Studying 1-2 hours on weeknights and 4-6 hours on weekends can prepare for exams in 6-12 months per cert:
  • Pathway:
    • Initial role: Software developer
    • Intermediate steps: Master secure coding | application security engineer | lead in application/API security
    • Final destination: As a developer, you are able to pivot to any role, so there is no specific final destination as with other career paths.
  • Study schedule:
    • Years 1-2: While mastering coding, start gaining foundational knowledge in cybersecurity. Explore certifications that focus on secure coding practices.
    • Years 3-4: Transition focus to designing secure architectures and delve into system administration basics. Seek the CASP+ certification.
    • Years 5-6: Deepen expertise in application security and work on advanced certifications such as CISSP.
  • Training:
    • Participate in coding bootcamps with a focus on security.
    • Engage in secure coding challenges and capture-the-flag (CTF) events.
    • Regularly attend workshops and seminars on secure application design and development.
  • Pitfalls:
    • Not acquiring a broad foundation in networking or infrastructure.
    • Letting coding skills become obsolete.
• Starting in network administration: Obtain vendor certs such as CCNA and gain firewall configuration skills. Volunteer for security-related initiatives and policy planning. After 2-3 years, look to transition into a security engineering role managing firewalls/VPNs. Study for advanced certs such as CCNP Security and CISSP while seeking opportunities to gain experience with cloud and identity management systems. After 6+ years and with diverse hands-on skills, you can attain an architect position.
• For network admins, take online programming courses on nights/weekends:
  • Pathway:
    • Initial role: Network administrator
    • Intermediate steps: Master network security | security engineer focusing on firewalls/VPNs | lead in network security architecture
    • Final destination: CSA with a specialization in network security
  • Study schedule:
    • Years 1-2: Get foundational networking certifications such as CCNA. Begin studying firewall configurations and security protocols.
    • Years 3-4: Deepen knowledge of network security. Obtain certifications such as CCNP Security and broaden your horizons into cloud security principles.
    • Years 5-6: Focus on comprehensive cybersecurity principles and aim for the CISSP certification.
  • Training:
    • Join specialized training programs for network security.
    • Participate in simulated network attack and defense exercises.
    • Attend industry conferences focused on network security trends and innovations.
  • Pitfalls:
    • Remaining restricted to purely network operations roles.
    • Not diversifying into comprehensive security architecture and policy formulation.

Irrespective of the starting point in technology, the journey to becoming a CSA demands a multifaceted approach. Emphasizing continuous learning, acquiring diverse technical skills, and securing practical experiences are pivotal. By following tailored pathways and avoiding common pitfalls, professionals can streamline their journey to senior cybersecurity roles, ensuring they are well prepared for the challenges and responsibilities they entail.

This has been mentioned previously in previous chapters; in fact, several labs were featured to prompt you to create a lab-based environment, but maintaining an updated home lab to tinker with new technologies prevents stagnation while adding demonstrated initiative. Set aside 4-6 weekends per year for refreshing lab systems and software. The key is balancing focused credentials, hands-on experimentation, adjacent knowledge, forward-looking skills, and leveraging employer resources to maximize foundational learning and avoid entry-level pitfalls.

Kyle Johnson is technology editor for TechTarget Security.

Lester Nichols brings over 25 years of cybersecurity and technology leadership experience to his role as author. Currently serving as director of security architecture and VP of cybersecurity operations at JPMorgan Chase & Co., he has previously held senior infrastructure and security positions in the government, financial services, healthcare and IT consulting sectors.