I never ever saw in my career a J2EE architect doing penetration testing for a firms network infrastructure. Any ideas guys?
An architect must have knowledge of security and networking technologies. He/she should be able to sufficiently discuss these aspects and
delegate the responsibilites to the appropriate individuals and/or departments.
His/her focus should be on overall architectural design and
managing the technical implemenation. This includes managing groups of systems engineers, software engineers, testers, and junior programmers. If "penetration testing" is required, someone on his/her team should be able to execute the task. The architect himself/herself does not execute the task.