Information Systems Security Architect (CISSA)

By the end of this training, you will have expanded and consolidated your technical understanding and practical experience of working in information security architecture to successfully govern and ensure your organisation’s enterprise operates securely.

Senior practitioner-level cyber security professionals who wish to understand how to manage all aspects of an organisation’s information security architecture effectively. Example roles might include:

• Systems Architects
• Chief Technology Officers
• Systems and Network Designers
• Business Analysts
• Chief Security Officers
• IT/Cyber security practitioners with responsibilities in security architecture

• Utilise cyber security architecture concepts and reference models.
• Scope cloud technologies and cloud security.
• Determine an organisation’s evaluation and validation requirements in relation to cyber security risk management.
• Know how to use resiliency and redundancy to mitigate cyber security risks.
• Establish cyber security systems engineering principles and standards used by an organisation.
• Implement secure configuration management techniques.
• Understand engineering concepts as applied to computer architecture and associated computer hardware/software.
• Instigate best practice measures or indicators of system performance and availability.
• Consider industry standard continuous monitoring technologies and tools.
• Determine suitable cyber security controls related to the use, processing, storage, and transmission of data.
• Develop and apply user credential management systems.
• Network architecture concepts including topology, protocols, and components.
• Understand operational design.
• Review tactics, techniques, and procedures of the threat actors relevant to an organisation.
• Integrate the organisation’s goals and objectives into the system architecture in IT and ICS/OT environments.
• Set up physical or logical sub-networks that separate trusted and untrusted networks.
• Determine the security control requirements of information systems and networks.
• Use design modelling.
• Identify gaps in technical capabilities.
• Audit firewalls, routers, and intrusion detection systems.
• Identify a network anomaly.
• Write clear and concise technical documentation.
• Create and maintain cyber security policies aligned with the organisation’s privacy objectives.
• Assess the application of cryptographic standards.

Ideally, five or more years practical experience in an information security role and have undertaken CISSP training and approved by (ISC)² as CISSP certified.

Knowledge of:

• Cyber security defense and vulnerability assessment tools and their capabilities.
• Encryption algorithms, their relative strengths and weaknesses and appropriate selection criteria.
• Cyber security aspects of business continuity and disaster recovery planning and including testing.
• An organisation’s enterprise cyber security architecture.
• Installation, integration, and optimization of system components.
• Network access, identity, and access management.
• New technologies and solutions from a cyber security perspective.
• Policy-based and risk adaptive access controls.
• System and application security threats and vulnerabilities.
• Key security management concepts.
• All aspects of system lifecycle management.
• Systems testing and evaluation methods.
• Capabilities and functionality of technologies for organizing and managing information.
• Cyber security policies, procedures, and regulations.
• Network systems management principles, models, methods, and tools.
• Cloud-based knowledge management technologies and concepts applicable to security, governance, procurement, and administration.
• Organisational process improvement concepts and process maturity models.
• Cyber security architecture concepts and reference models.
• Service management concepts for networks and related standards.
• Application firewall concepts and functions.
• Confidentiality, integrity, and availability requirements.
• Cloud service models and how those models can limit incident response.
• Payment Card Industry Data Security Standards (PCI-DSS).
• Data security standards relating to the sector the organisation operates in.
• Security management.
• Potential vulnerabilities in all network equipment and how it is used.
• Countermeasure design for identified security risks.
• Intrusion detection and prevention system tools and applications.
• Network design processes, including security objectives, operational objectives, and trade-offs.
• Public sources detailing common application security risks and mitigations.
• Cloud technologies and cloud security.
• Multi-level security systems and cross domain solutions.
• System protection planning measures.
• N-tiered topologies.
• Architectural concepts and patterns.
• Integrating the organisation’s goals and objectives into the system architecture.
• An organisation’s cyber security-relevant evaluation and validation criteria.
• System fault tolerance methodologies.
• Demilitarized zones.
• Software development models.
• Network architecture concepts including topology, protocols, and components.

Skills in:

• Applying and incorporating information technologies into proposed solutions.
• Applying core cyber security principles.
• Designing countermeasures to identified security risks.
• Designing the integration of hardware and software solutions.
• Determining the normal operational state for security systems and how that state is affected by change.
• Evaluating the adequacy of security designs.
• Conducting cyber security audits or reviews of technical systems.
• Applying security models.
• Assessing security controls based on cyber security principles and tenets.
• Effectively preparing and presenting briefings in a clear and concise manner.
• Applying cyber security and privacy principles to organisational requirements.
• Identifying cyber security and privacy issues relating to connections with internal and external Third parties and their supply chain.
• Design modeling and building use cases.
• Writing test plans.
• Designing multi-level and cross domain security solutions.
• Using design methods.
• Translating operational requirements into protection needs.
• Designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
• Continually identifying new technologies and their potential impact on cyber security requirements.
• Using critical thinking to recognize organisational challenges and relationships.
• Identifying measures or indicators of system performance and the actions needed to improve or correct performance as necessary.
• Applying appropriate cyber security controls.
• Identifying test and evaluation infrastructure requirements.
• Assessing cyber security systems designs.
• Identifying cyber security issues that may have an impact on the organisation’s objectives.
• Accessing information relating to current internal and external cyber security resources and their current utilization and priorities.

This training can be tailored to an industry or for a defined audience, with various durations. Example topics typically include:

Domain 1: Architect for Governance, Compliance and Risk Management

• Determine legal, regulatory, organizational and industry requirements
• Manage Risk

Domain 2: Security Architecture Modelling

• Identify security architecture approach
• Verify and validate design (e.g., Functional Acceptance Testing (FAT), regression)
• Analyze complex virtualized IT logical network architecture

Domain 3: Infrastructure Security Architecture

• Develop infrastructure security requirements
• Design Defense-in-depth architecture
• Secure shared services (e.g., wireless, e-mail, Voice over Internet Protocol (VoIP), Unified Communications (UC), Domain Name System (DNS), Network Time Protocol (NTP))
• Integrate technical security controls
• Design and integrate infrastructure monitoring
• Design infrastructure cryptographic solutions
• Design secure network and communication infrastructure (e.g., Virtual Private Network (VPN), Internet Protocol Security (IPsec), Transport Layer Security (TLS))
• Evaluate physical and environmental security requirements
• Analysis of Conceptional Technical Architecture

Domain 4: Identity and Access Management (IAM) Architecture

• Design identity management and lifecycle
• Design access control management and lifecycle
• Design identity and access solutions
• Design Identity and Access Management Plan for Federated Portal Global Enterprise.

Domain 5: Architect for Application Security

• Integrate Software Development Life Cycle (SDLC) with application security architecture (e.g., Requirements Traceability Matrix (RTM), security architecture documentation, secure coding)
• Determine application security capability requirements and strategy (e.g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) environments)
• Identify common proactive controls for applications (e.g., Open Web Application Security Project (OWASP))

Domain 6: Security Operations Architecture

• Gather security operations requirements (e.g., legal, compliance, organizational, and business requirements)
• Design information security monitoring (e.g., Security Information and Event Management (SIEM), insider threat, threat intelligence, user behaviour analytics, Incident Response (IR) procedures)
• Design an Operational Security Monitoring Architecture to support the Incident Response requirements in a Federated Environment.
• Design Business Continuity (BC) and resiliency solutions
• Validate Business Continuity Plan (BCP)/Disaster Recovery Plan (DRP) architecture
• Design Incident Response (IR) management
• Complex Architecture Challenge
• Case Study – System Security Capstone Exercise

Exam Preparation