Job Description (JD)
| Nama Program | KESELAMATAN SIBER [K622-001-SS:2026] |
|---|---|
| Kod CU | K622-001-SS:2026-C05 |
| Competency | Core |
| Tajuk CU | Cyber Security Data Security |
| Penerangan CU | Expert Element Overview: Cyber Security Data Security describes the expert in architecting, governing, and optimising enterprise-wide data protection strategies, frameworks, and architectures across IT and OT environments. This includes designing scalable data governance models, defining technical standards, integrating privacy-by-design principles, and ensuring secure storage, transmission, and lifecycle management of organisational data. The Senior Skills Expert coordinates multidomain compliance activities, oversees enterprise risk evaluation, strengthens audit assurance, and aligns data protection capabilities with regulatory, operational, and cyber-physical requirements. This expert plays a pivotal role in connecting governance, engineering, and operations teams to enhance organisational resilience and ensure consistent protection of mission-critical data assets. |
| Tempoh Latihan | 0 |
| Objektif Pembelajaran | 1. The person who is expert in this activity should capable to i) Design data protection frameworks and architectures; ii) Oversee compliance and enterprise data security risks; iii) Strengthen audits, governance assurance, and external reporting; 2. The outcome of this domain is able to i) Design and govern enterprise-wide data protection models, architectural controls, and compliance frameworks that align with legal, operational, and risk requirements, including OT-specific standards such as IEC 62443 and NIST SP 800-82. ii) Oversee multi-domain data security risks, validate assessment outcomes, coordinate enterprise incident responses, and strengthen compliance performance across IT and OT environments. iii) Evaluate audit findings, validate control effectiveness, and maintain continuous audit readiness through structured documentation, governance oversight, and cross-functional coordination. iv) Enhance organisational capability by integrating secure architectures, improving governance practices, and aligning data security maturity with evolving cyber-physical threats, regulatory expectations, and enterprise strategy 3. Professional certifications related to this domain expertise include, but are not limited to: i) Certified Information Systems Security Professional (CISSP) ii) ISO/IEC 27001 Lead Implementer / Lead Auditor iii) Certified Information Privacy Professional (CIPP) iv) Certified Information Privacy Manager (CIPM) v) Certified Information Security Manager (CISM) vi) Certified Information Systems Auditor (CISA) vii) GIAC Security Essentials (GSEC) viii) Certified Data Privacy Solutions Engineer (CDPSE) ix) Global Industrial Cyber Security Professional (GICSP) – for Operational Technologies (OT) x) ISA/IEC 62443 Cybersecurity Certificates xi) Certified SCADA Security Architect (CSSA) xii) Certified ICS Security Professional (ICSSP) xiii) CompTIA Security+ / Network+ with OT Modules xiv) Certified Data Security Analyst (CDSA) xv) Certified Data Protection Officer (CDPO) |
| Pra-Syarat | K622-001-SE:2026 |

