Enterprise Architect Job Profile

Discover more salary details for

What is an Enterprise Architect?

The Enterprise Architect develops and maintains business, systems, and information processes to support enterprise mission needs; develops IT rules and requirements that describe baseline and target architectures.

Professional Certifications:

Enterprise Architect must know:

  • computer networking concepts and protocols, and network security methodologies.
  • risk management processes (e.g., methods for assessing and mitigating risk).
  • laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • cybersecurity and privacy principles.
  • cyber threats and vulnerabilities.
  • specific operational impacts of cybersecurity lapses.
  • database systems.
  • organization’s enterprise information security architecture.
  • organization’s evaluation and validation requirements.
  • electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
  • installation, integration, and optimization of system components.
  • Security Assessment and Authorization process.
  • industry-standard and organizationally accepted analysis principles and methods.
  • cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis).
  • network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • operating systems.
  • how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • parallel and distributed computing concepts.
  • key concepts in security management (e.g., Release Management, Patch Management).
  • security system design tools, methods, and techniques.
  • software engineering.
  • systems testing and evaluation methods.
  • telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
  • the systems engineering process.
  • critical infrastructure systems with information communication technology that were designed without system security considerations.
  • network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
  • service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
  • security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
  • circuit analysis.
  • confidentiality, integrity, and availability requirements.
  • cybersecurity-enabled software products.
  • the Risk Management Framework Assessment Methodology.
  • various types of computer architectures.
  • multi-level security systems and cross domain solutions.
  • program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
  • configuration management techniques.
  • N-tiered typologies (e.g. including server and client operating systems).
  • an organization’s information classification program and procedures for information compromise.
  • the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
  • integrating the organization’s goals and objectives into the architecture.
  • determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • embedded systems.
  • system fault tolerance methodologies.
  • Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
  • demilitarized zones.
  • network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
  • network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.

Key skills of the Enterprise Architect include:

  • applying and incorporating information technologies into proposed solutions.
  • designing the integration of hardware and software solutions.
  • determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • design modeling and building use cases (e.g., unified modeling language).
  • writing code in a currently supported programming language (e.g., Java, C++).
  • the use of design methods.
  • apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.

Enterprise Architect must be able to:

  • apply the methods, standards, and approaches for describing, analyzing, and documenting an organization’s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
  • conduct vulnerability scans and recognize vulnerabilities in security systems.
  • apply an organization’s goals and objectives to develop and maintain architecture.
  • optimize systems to meet enterprise performance requirements.
  • execute technology integration processes.
  • build architectures and frameworks.
  • apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • identify critical infrastructure systems with information communication technology that were designed without system security considerations.
  • set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N


Tom_Cruiso
Restoring or exporting?
Views: 516 / February 20, 2019

Vikrant Saran
How to prepare for your Azure Certification
Views: 624 / February 20, 2019

sm0k3
Regular Expressions: Why do you need it in pentest and how to learn
Views: 1333 / February 19, 2019

widesidek
Benefits of virtualization
Views: 1433 / February 18, 2019
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel