The Security Architect will identify vulnerabilities, evaluate the risks, and recommend a mitigation plan. The objective is to ensure the security risks are considered during the process of project implementation and development. Depending on the nature of the work required, the scope and depth of the review will vary and may include:
- Security analysis – identifies high-level threats
- Vulnerability assessment – identifies the security holes in the system or infrastructure
- Threat and risk assessment – provides recommendations to maximize the protection of confidentiality, integrity, and availability.