JOB DESCRIPTION

Job Description (JD)

Nama ProgramKESELAMATAN SIBER [K622-001-SS:2026]
Kod CUK622-001-SS:2026-C05
CompetencyCore
Tajuk CUCyber Security Data Security
Penerangan CUExpert Element Overview:
Cyber Security Data Security describes the expert in architecting, governing, and optimising enterprise-wide data
protection strategies, frameworks, and architectures across IT and OT environments. This includes designing scalable
data governance models, defining technical standards, integrating privacy-by-design principles, and ensuring secure
storage, transmission, and lifecycle management of organisational data. The Senior Skills Expert coordinates multidomain compliance activities, oversees enterprise risk evaluation, strengthens audit assurance, and aligns data
protection capabilities with regulatory, operational, and cyber-physical requirements. This expert plays a pivotal role
in connecting governance, engineering, and operations teams to enhance organisational resilience and ensure consistent
protection of mission-critical data assets.
Tempoh Latihan0
Objektif Pembelajaran1. The person who is expert in this activity should capable to
i) Design data protection frameworks and architectures;
ii) Oversee compliance and enterprise data security risks;
iii) Strengthen audits, governance assurance, and external reporting;
2. The outcome of this domain is able to
i) Design and govern enterprise-wide data protection models, architectural controls, and compliance frameworks
that align with legal, operational, and risk requirements, including OT-specific standards such as IEC 62443
and NIST SP 800-82.
ii) Oversee multi-domain data security risks, validate assessment outcomes, coordinate enterprise incident
responses, and strengthen compliance performance across IT and OT environments.
iii) Evaluate audit findings, validate control effectiveness, and maintain continuous audit readiness through
structured documentation, governance oversight, and cross-functional coordination.
iv) Enhance organisational capability by integrating secure architectures, improving governance practices, and
aligning data security maturity with evolving cyber-physical threats, regulatory expectations, and enterprise
strategy
3. Professional certifications related to this domain expertise include, but are not limited to:
i) Certified Information Systems Security Professional (CISSP)
ii) ISO/IEC 27001 Lead Implementer / Lead Auditor
iii) Certified Information Privacy Professional (CIPP)
iv) Certified Information Privacy Manager (CIPM)
v) Certified Information Security Manager (CISM)
vi) Certified Information Systems Auditor (CISA)
vii) GIAC Security Essentials (GSEC)
viii) Certified Data Privacy Solutions Engineer (CDPSE)
ix) Global Industrial Cyber Security Professional (GICSP) – for Operational Technologies (OT)
x) ISA/IEC 62443 Cybersecurity Certificates
xi) Certified SCADA Security Architect (CSSA)
xii) Certified ICS Security Professional (ICSSP)
xiii) CompTIA Security+ / Network+ with OT Modules
xiv) Certified Data Security Analyst (CDSA)
xv) Certified Data Protection Officer (CDPO)
Pra-SyaratK622-001-SE:2026