Job Description (JD)
Programme Name | OPERASI PERTAHANAN KESELAMATAN SIBER [J620-001-4:2025] |
---|---|
CU Code | J620-001-4:2025-C06 |
Competency | Core |
CU Title | Manage Security Events and Alerts. |
CU Description | Manage security events and alerts describes the competency in monitoring, analysing and responding to security notifications generated by systems and tools to detect and mitigate potential threats. It is performed by IT Security Analysts and conducted in on-premises data centres, cloud environments and organizational networks. This process is crucial to identifying and responding to security incidents promptly, minimizing potential damage, and maintaining the integrity and availability of systems. It is performed using tools like SIEM (Security Information and Event Management) systems, which collect and analyse logs from various sources. Analysts monitor events, investigate alerts, filter out false positives, prioritize critical issues and escalate or mitigate confirmed threats. Continuous monitoring and timely response ensure the organization’s security posture remains strong against evolving cyber threats. The person who is competent in this CU should be able to deploy security monitoring tools, monitor security events, investigate security alerts and respond to security incidents. The outcome of this CU is that security events and alerts are managed effectively, ensuring timely detection and mitigation of potential cybersecurity risks. |
Training Duration | 60 |
Learning Objectives | The learning outcomes of this competency are to enable the trainees to proactively monitor, detect, investigate, and respond to security events and incidents, thereby strengthening organizational cybersecurity posture and reducing the risk of breaches. Upon completion of this competency unit, trainees should be able to: 1. Deploy security monitoring tools. 2. Monitor security events. 3. Investigate security alerts. 4. Respond to security incidents. |
Prerequisite | Not Available. |