Handmade Network»Forums»Career Advice
Taz
10 posts
Application Security architect?

Hi all,

I am getting the feeling what I would like to do, or the position I would ultimately want might not be something that would be practical or available? So hear me out please.

So I strongly believe we need to start designing systems to be performant and secure off the bat, now for security you also need the system to be reliable (chaos engineering needed here as well). I so often see that people will neglect those areas, and only once the application is up and running we sit with something that is slow, and ultimately to fix the performance issues, a redesign might be needed. Same for the security holes.

So my question is, what type of role would look at this? An architect with a focus on performance and security? Something like a CASE (Certified Application Security Engineer). Or would it be better to maybe go into SRE? Or do you become a specialist in something like application security. I am not looking to do pentests, but I would want those against my system.

I have some natural ability to always somehow ending up exposing the weak points of a system, or finding the flaws, naturally I end up fixing those, so I get blamed for just breaking everything. Performance optimization is fun for me, and designing solutions that are meant to perform well is challenging. Then making sure a system is secure while still being fast, is something I would really like to achieve.

So thoughts on where I should maybe focus? I have seen the diaries of architects and no thanks, they never get time for actual code, or do sit down and design systems.

Simon Anciaux
1241 posts
Application Security architect?

I don't have any knowledge about that, but maybe you can try to find someone working in security (e.g. at Google, Valve, Epic...) and ask them ?

https://security.googleblog.com/

https://www.valvesoftware.com/en/people