top of page

Secure System and Architecture Design


Secure System & Architecture Design

Secure System Architecture & Design is the designing of an IT system to meet its security requirements, balancing this with its functional requirements.

Working in Secure Architecture & Design, you're responsible for solving complex security problems by selecting the best available solutions from a range of technological components and structures. The decisions you make fundamentally determine whether an organisation can manage its data, information systems and communications networks securely. Your recommendations - on the choice of components, their configuration and the high-level structure in which they all sit -  guide the work of developers, implementers and operators of the systems and networks. You cost out designs as accurately as possible, since budget overruns can affect the timely delivery of the network installation.

While very technical, this role involves a substantial amount of co-operation with other specialists, including external suppliers. You understand the business context in which the technologies are used and the operations they support.

You confidently assert and prove the correctness of your recommendations while maintaining positive relationships with the other people. Sometimes, you

On the program learners will receive knowledge and skills relating to the following areas:

  • Cyber Security Management

  • Legal and Regulatory Environment

  • Governance

  • Common Standards and Frameworks

  • NIST Cyber Security Framework

  • ISO/IEC 27001

  • Risk Management

  • Enterprise Security Architecture

  • Technical Security Architecture

  • Secure Software Lifecycle

  • Authentication, Authorisation and Accountability

  • Operating Systems and Virtualisation

  • Distributed Systems Security

  • Web and Mobile Security

  • Cyber-Physical Systems Security

  • Software Security

  • Common Cryptography Application

  • Network Security

  • Hardware Security

  • Zero Trust

  • GDPR 

  • Data Protection 2018

don't have the knowledge or skill needed to solve a particular problem, so you consult with others, explaining the unresolved parts of the problem so they can provide ideas.

Although your primary responsibility is to ensure that new systems or changes to existing ones are secure, you also take account of higher, enterprise-level security requirements, and the broader requirements for any information processing system such as meeting user needs. You balance competing requirements and decide on the minimum level of security that's acceptable. In this, you typically apply risk management principles and consult with colleagues, including business managers, to take into account their views.

When systems are being built or changed, you usually review the work periodically to ensure that it conforms to the agreed design.

You document your recommendations for development teams clearly and, at least of the some of the time, present them to senior managers. This is especially important if the recommended solutions are expensive or might compromise a system’s ability to meet other important requirements, such as transaction speed.


Design documents such as LLDs (Low Level Design) and HLDs (High Level Design) must be produced, to ensure they're available for reference should they be needed by other teams.

Entry Level Program

Learners will receive...

  • Coming soon...

Practitioner Level Program

Learners will receive...

  • Coming soon...

bottom of page