Job Description (JD)
| Nama Program | KESELAMATAN SIBER [K622-001-SC:2026] |
|---|---|
| Kod CU | K622-001-SC:2026-C01 |
| Competency | Core |
| Tajuk CU | Cyber security strategic engineering & integrated architecture |
| Penerangan CU | Cyber security strategic engineering & integrated architecture describes the expert in designing, integrating, and orchestrating multi-domain cyber security architectures across IT, OT, cloud, data, identity, network, and emerging technology ecosystems. This expert applies deep technical mastery to engineer resilient systems, unify security controls, and establish cross-domain architectural standards that enable secure, scalable and interoperable cyber infrastructures. 1. The person who is expert in this activity should capable to i) Multi-domain cyber security strategic architecture & integration; ii) Advanced risk, exposure & resilience engineering; iii) Enterprise security engineering & technology orchestration; iv) Cross-domain threat, incident & forensic strategy & governance; and v) Multi-sector innovation, advisory & technical facilitation. 2. The outcome of this domain is able to i) Design, integrate, and harmonise multi-domain cyber security architectures across IT, OT, cloud, data, identity, and network environments, enabling secure-by-design implementation and cross-system interoperability that supports scalable enterprise and sectoral infrastructures. ii) Conduct advanced risk modelling, exposure analysis, and resilience engineering, including simulation of adversarial techniques and engineering of defensive controls, to strengthen organisational and cross-industry cyber robustness. iii) Orchestrate security engineering technologies and automation, integrating tools, platforms, and defensive mechanisms across complex ecosystems to optimise performance, strengthen operational posture and ensure consistent enforcement of security controls. iv) Lead cross-domain threat, incident, and forensic strategies, including threat intelligence fusion, incident containment, forensic readiness, and post-incident technical analysis to enable rapid recovery and informed risk-based decisions across sectors. v) Drive multi-sector innovation, technical advisory, and facilitation, synthesising insights across disciplines and industries to produce high-impact strategic solutions, strengthen collaborative ecosystems, and support longterm cyber security transformation grounded in professional ethics. 3. Professional certifications related to this domain expertise include, but are not limited to: i) Certified Chief Information Security Officer (CCISO). ii) Certified in the Governance of Enterprise IT (CGEIT). iii) Certified Information Security Manager (CISM). iv) Certified in Risk and Information Systems Control (CRISC). v) Certified in Governance, Risk and Compliance (CGRC). vi) Certified Compliance and Ethics Professional (CCEP). vii) Certified Information Systems Auditor (CISA). viii) Certification in Risk Management Assurance (CRMA). ix) Certified Information Systems Security Professional (CISSP). x) ISO/IEC 27001 Lead Implementer. xi) GRC Professional Certification (GRCP). xii) Risk Management Professional (PMI-RMP). |
| Tempoh Latihan | 0 |
| Objektif Pembelajaran | tidak berkaitan |
| Pra-Syarat | tidak berkaitan |

