. In accordance with us being Cyber Work,
I want to talk a little bit about your work
life here. What do you do as a security architect
for Motorola? Can you sort of walk me through
your average day of tasks and assignments?
For people who are like, “I’ve never heard
of what a security architect is,” what exactly
do you do as a security architect?
[29:23] PB: Right. As part of security architect,
I play several roles within the same day for
my organization. If I have to give you a high
level hierarchy, I would say my roles range
from tactical and strategic. As tactical,
for example, an example of a security setup
that I'm working on right now is we’re bringing
up a new instance of a next-generation firewall
in the cloud environment. This would reside
on a virtual machine scale set, let’s say.
Then we are now in the process of updating
so we are also in a process of onboarding
new applications on this firewall. We have
to set up all the routing and logging and
routing procedures within the cloud environment.
You can see how the network knowledge comes
into the picture of the cloud. The latest
cloud technology comes into the picture. You
can know the firewall as well.
Then once you've been through – You got
the logs coming into the next-gen firewall,
you also have to route the logs to go in your
SIEM instance where they will be ingested and
processed and indexed. So then we also have,
for example, the Elastic sort of stack coming
into the picture where you’re ingesting
the logs produced by the firewall ultimately.
In the firewall, if you want advanced features,
you're doing SSL decryption. So a lot of technologies
come into play, and so my tactical work would
include sitting down and not just designing
this architecture. Putting it down on paper.
Okay, well, this is what the flow is going
to look like. This is where we’ll collect
logs. This is where the log is going to go.
But also, we believe in walking. We call it
walk the walk as well. You can’t just design
the blueprint and then give it to somebody
else to implement. You have to dense it down
and try to implement it. When you try to implement
it, you come across these little issues that
you never thought about when you were designing
at a higher level. So then you don’t just
leave it to the DevOps engineers. You actually
realize the struggle they go through when
they’re implementing something that you
designed at a higher level. That’s –
[31:49] CS: You’re seeing the flaws before
they do.
[31:52] PB: That’s right, yeah. We work
side-by-side with DevOps engineers at this
point. We have designed the blueprint but
we also will take the tools and then we’ll
start hammering away on this build. That kind
of work can get really tactical. On the other
hand, I also play a strategic role where – This
is more of the design component, so this is
more architecture. Within the constraints
of our environments and the technology that
is available today, what is the best series
of solutions to a problem we’re facing?
When you implement this and when you’re
thinking about this, what are the long-term
impacts of the solution you are proposing
because you can’t just think about what’s
going to happen today, but you also have to
think strategically about what's going to
happen in a year or two years from now, right?
For example, you’re trying to direct the
huge volume of firewall logs. Then on an Event
Hubs instance, that will buckle under pressure
at some point, right? Not right now maybe
but somewhere down the line is you’re onboarding
more applications. So you have to think about
the long-term impacts of your solution as
well. It's important not to get pigeonholed
when considering the solution to a problem,
and so think not just of your team and the
problem at hand, but how would the solution
affect other teams and the organization as
a whole. That's more for a strategic role.
Some of the other examples would be like I
also get involved in purchase decisions, considering
the purchase of future technologies. There’s
business teams that will get involved in these
discussions as well. But while they might
be considering pricing and other things, you
still have to keep focus on the technology.
Is there really quality technology there?
Then you have to identify those elements as
well so that everything goes smoothly somewhere
down the line. Those are some of the tasks
that I do as part of security architecture.
