Application Security Architect
Application security architects work with development and computer architecture teams to build computer security applications. Their job tasks might include testing programs for security weaknesses, performing vulnerability scans, and providing security guidance to software development teams.
Software developers, including application security architects, work at least 40 hours a week if not more. Depending on their specific job duties, developers may work as part of a team, independently, or through telecommunication. Such individuals work in an office setting, with few physical demands associated with the career.
|Degree Level||Employers prefer candidates who have a bachelor's degree|
|Degree Field||Computer science, but some employers seek candidates with knowledge of software engineering practices|
|Experience||5+ years of experience working in application security and 7-10 years of overall experience working in IT|
|Licensure or Certification||Voluntary; several available|
|Key Skills||Application architecture and software development skills; ability to conduct software security testing using tools like WebInspect and Fortify; ability to conduct protocol, application and malware analysis; ability to debug systems; familiarity with authentication schemes; knowledge of HTTP protocol; experience with ethical hacking and penetration testing, networking protocols, and computer architecture|
|Median Salary (2015)*||$98,260 yearly (for all applications software developers)|
Source: Job postings found in November 2012 on Monster.com, Open Web Application Security Project, National Veterans Association, *U.S. Department of Labor Statistics
Steps to Getting Into This Career
Step 1: Earn a Bachelor's Degree
Possessing a bachelor's degree is not a universal requirement to work as an application security architect. However, some employers seek candidates with a bachelor's degree in computer science or who have experience in software engineering.
Computer science bachelor's degree programs include courses in operating systems, data structures, computer programming, application programming, and programming languages. These 4-year programs might also allow students to concentrate their studies in areas like programming languages, software programming, or computer architecture.
Alternatively, a bachelor's degree in software engineering could also lead to a career as an application security architect. The curricula of these 4-year programs focus on the reliability, quality, analysis, and usability of software programs. Classes in them may cover statistics in software engineering, operating systems concepts, software architecture and design, and software project planning, as well as management and requirements engineering.
To get the most out of your program, consider work as an intern. Computer science students may be able to complete an internship during their studies. Working as an intern with a local computer company introduces students to the common job tasks performed by information technology professionals. Additionally, the networking opportunities these internships provide may make it easier to find a job after graduation.
Step 2: Begin Working in Information Technology
The job postings showed that most employers prefer candidates with several years of experience working in information technology and application security. One potential career pathway for recent graduates is to work as software engineers. According to the U.S. Bureau of Labor Statistics (BLS), most software engineers have a bachelor's degree in computer science or a related subject. The BLS also stated that these engineers usually do not need experience to begin working in the field. Because this career involves working with engineering software applications, a skill most employers of application security architects seek, it may be a good stepping stone for aspiring security architects.
Step 3: Become Certified
Most employers seek to hire application security architects who are certified. The Certified Information Systems Security Professional is offered by the International Information Systems Security Certification Consortium, Inc. To be eligible for this credential, an individual must possess experience working in information systems security. Earning the credential requires passing an exam. The Certified Ethical Hacker credential is also sought by employers. Earning this credential requires completing a course and passing an exam.
Step 4: Obtain an Application Security Architect Job
After gaining several years of information technology work experience, individuals may be eligible to move into a position as an application security architect. Job tasks performed by these architects include testing applications for vulnerabilities and reporting any discovered vulnerabilities, designing application security programs, and creating metrics to test programs.
Step 5: Consider Advancing to Management
With time spent in IT and designing and testing security applications, an individual can advance to the position of computer and information systems manager. Employers general prefer an applicant to have a graduate degree in addition to experience.
To recap, with a bachelor's degree and several years of experience in application security and IT, application security architects can earn about $98,000 a year to test programs for security weaknesses, perform vulnerability scans, and provide security guidance to software development teams.