Network Security Professionals Need to brush up on Security related to XML, Web Services, and Service-Oriented Architecture (SOA)

I have the opportunity to talk to personnel companies on occasion and their seems to be a growing need for Network Security Professionals with a background in XML, Web Services and Service-Oriented Architecture.  A good barometer of demand for a particular job is to search the internet, better yet monster.com.  I do this on a regular basis to see if demand for a particular subject or job title is growing.

Last year I did a search for SOA on Monster.com and got 8 hits/1 page.  Today if I do the same search on SOA I get 879 hits/18 pages (more than 10 times).  So you can see the growth of jobs in this area over the last year.  If you did the same search a year ago for SOA Security Architect there would have been no such job description, today you are starting to get a few results, and over the next year I expect this to grow even more.

This is good news however the down side is that few learning institutions are teaching XML, Web Services and SOA in relationship to the network security. 

So what are the requirements for a SOA Security Architect.  Here is an example of some of the qualifications needed for such a position (from DICE).

--------------------------------------------------

Title:                         LEAD SOA Security Architect - TS or above clearance

Skills:                        SOA, Security, WSDL, Web Services,

Date:                         4-14-2006

Location:                   Reston, VA

Area code:                703

Tax term:                  FULLTIME

Pay rate:                   $90-130K

Length:                     permanent

Position ID:              B-13-Dice

Dice ID:                    matrixx

Job description:

Description:

Would you like to join a team doing state-of-the-art SOA / Web-Services Design and Development for next generation infrastructure components?


We have an opportunity for a LEAD SECURITY ARCHITECT to be the key security technology expert to ensure that a reliable, available, scaleable and secure application architecture is delivered to the client.

You will be the Security subject matter expert for architecting, designing, and
constructing comprehensive secure solutions at both the system and enterprise level.



Requirements:

• Experience with security, software and SOA architecture with architecting and implementing solutions using web services.
• Experience with or knowledge of messaging security, identity management, distributed policies, and trust while maintaining interoperability.
• Experience in working with Secure Sockets Layer, Secure Multi-Purpose Internet Mail Extensions, Security Assertion Markup Language (SAML), Simple Object access Protocol (SOAP), Web Services Security (WSS), Extensible Markup Language (XML), XML Signature, XML Encryption, Web Services Description Language (WSDL), XACML (eXtensible Access Control Markup Language, and familiarity with some of the newer specifications such as WS-Federation and WS-SecureConversation.
• Experience working with Identity Management COTS tools.
• Experience working with open source tools and standards organizations, such as OASIS (the Organization for the Advancement of Structured Information Standards) and the W3C (the World Wide Web Consortium) is a plus.

**** You need to have an active DoD Top Secret or TS/SCI Security Clearance ****

Travel required:       none

Telecommute:           no

--------------------------------------------------

While there are relatively small numbers on jobs available today, I expect that this will grow drastically over the next year as IT Departments move to deploy SOA within and beyond the firewall.  For many networking professionals they live in their own little world and don't understand what the IT Departments are up to until it comes time to deploy. 

Now is the time to get involved and understand what the next wave is all about.


___________________________________________________

>> Back to Main Page

Gary E. Smith
SOA Security Architect