What is an Enterprise Architect?
The Enterprise Architect develops and maintains business, systems, and information processes to support enterprise mission needs; develops IT rules and requirements that describe baseline and target architectures.
Professional Certifications:
Enterprise Architect must know:
- computer networking concepts and protocols, and network security methodologies.
- risk management processes (e.g., methods for assessing and mitigating risk).
- laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- cybersecurity and privacy principles.
- cyber threats and vulnerabilities.
- specific operational impacts of cybersecurity lapses.
- database systems.
- organization’s enterprise information security architecture.
- organization’s evaluation and validation requirements.
- electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
- installation, integration, and optimization of system components.
- Security Assessment and Authorization process.
- industry-standard and organizationally accepted analysis principles and methods.
- cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis).
- network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
- operating systems.
- how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- parallel and distributed computing concepts.
- key concepts in security management (e.g., Release Management, Patch Management).
- security system design tools, methods, and techniques.
- software engineering.
- systems testing and evaluation methods.
- telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
- the systems engineering process.
- critical infrastructure systems with information communication technology that were designed without system security considerations.
- network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
- service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
- security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
- circuit analysis.
- confidentiality, integrity, and availability requirements.
- cybersecurity-enabled software products.
- the Risk Management Framework Assessment Methodology.
- various types of computer architectures.
- multi-level security systems and cross domain solutions.
- program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
- configuration management techniques.
- N-tiered typologies (e.g. including server and client operating systems).
- an organization’s information classification program and procedures for information compromise.
- the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
- integrating the organization’s goals and objectives into the architecture.
- determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- embedded systems.
- system fault tolerance methodologies.
- Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
- demilitarized zones.
- network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
- network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
Key skills of the Enterprise Architect include:
- applying and incorporating information technologies into proposed solutions.
- designing the integration of hardware and software solutions.
- determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- design modeling and building use cases (e.g., unified modeling language).
- writing code in a currently supported programming language (e.g., Java, C++).
- the use of design methods.
- apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
Enterprise Architect must be able to:
- apply the methods, standards, and approaches for describing, analyzing, and documenting an organization’s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
- conduct vulnerability scans and recognize vulnerabilities in security systems.
- apply an organization’s goals and objectives to develop and maintain architecture.
- optimize systems to meet enterprise performance requirements.
- execute technology integration processes.
- build architectures and frameworks.
- apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- identify critical infrastructure systems with information communication technology that were designed without system security considerations.
- set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.