Prepare For Your Next Job – From Windows Server Security To Windows Azure Security

This post is triggered by the following tweet (emphasis is mine):

We are hiring - CSS is looking for a Windows Azure Security Architect. Location is North America. For info: https://bit.ly/hf5DKk Pls RT

I was intrigued on the spot – I wanted to know what skills required for such role. When I saw the required skills I was overwhelmed. Then I decided to compare this role to classic on-premise counterpart role – Windows Server Security Architect. It is amazing when you put the two one next to another.

Indeed, the cloud changes IT and the role of Security Architect a lot. Don’t you think?

Here are the job descriptions and what employers are willing to pay for – then and going forward…

Windows Server Security Engineer

Windows Azure Security Architect

Our client is looking for someone to be responsible for evaluation, maintenance, change and monitoring of the enterprise Windows server security architecture. Responsibilities will include: Design and implement security on the internal Windows server infrastructure. Audit existing security infrastructure and software Interpretation and analysis of Server/Active Directory Security Standards and Baselines Evaluate security advisories for their impact to the institution Review designs for new Windows security products and software implementations Required skills: MCSE with extensive knowledge of the Windows NT/XP/Windows 7/2000/2003/2008 platforms including detailed understanding of Operating System internals (e.g. – registry, services, etc.) Knowledge of Windows-specific protocols (e.g., NetBIOS, LDAP, Kerberos, TCP, RPC, WINS, DNS, etc.) Experience with common Windows infrastructure components (e.g., Active Directory, Exchange, IIS). In-depth knowledge of Active Directory components, structure, and security Strong problem solving and root cause analysis skills Build and maintain good working relationships with technical and business partners

Candidates should have experience in areas such as: SDLC methodologies or approaches (formal or informal) Strong .NET development background Real-world Windows Azure design and deployment experience: Azure SDK, AppFabric Software and architecture security practices – secure coding, best practices Enterprise-level consulting skills General capacity for understanding complex application architecture Related technology experience: Active Directory SQL Software use of encryption (e.g. MS-CAPI) Identity Federation (SAML, WS-*, ADFS) Identity Management

Related information

• ASP.NET Security Architecture Cheat Sheet For Very Busy Architects
• Windows Identity Foundation (WIF) and Azure AppFabric Access Control (ACS) Service Survival Guide
• Video: What’s Windows Azure AppFabric Access Control Service (ACS) v2?
• Video: What Windows Azure AppFabric Access Control Service (ACS) v2 Can Do For Me?
• Video: Windows Azure AppFabric Access Control Service (ACS) v2 Key Components and Architecture
• Video: Windows Azure AppFabric Access Control Service (ACS) v2 Prerequisites
• Windows Azure AppFabric Access Control Service 2.0 Documentation (preliminary)
• Windows Identity Foundation (WIF) Fast Track
• Windows Identity Foundation (WIF) Code Samples
• Windows Identity Foundation (WIF) SDK Help Overhaul
• Windows Identity Foundation (WIF) Questions & Answers