Job Description (JD)
| Program Name | KESELAMATAN SIBER [K622-001-SS:2026] |
|---|---|
| CU Code | K622-001-SS:2026-C07 |
| Competency | Core |
| CU Title | Cyber Security Monitoring & Incident Management |
| CU Description | Expert Element Overview: Cyber Security Monitoring & Incident Management describes the expert in architecting enterprise monitoring capabilities, strengthening threat intelligence functions, and elevating organisational incident response maturity across IT and OT environments. This includes designing monitoring architectures, developing hunting frameworks, integrating intelligence pipelines, and coordinating advanced detection and response mechanisms. The Senior Skills Expert enhances organisational readiness by evaluating incident effectiveness, guiding coordinated response actions, conducting post-incident analysis, and driving continuous improvement. This expert connects monitoring operations, engineering teams, governance groups, and executive stakeholders to ensure cohesive, scalable, and resilient cyber defence across the enterprise. |
| Training Duration | 0 |
| Learning Objectives | 1. The person who is expert in this activity should be able to: i) Design security monitoring architecture and program maturity; ii) Strengthen threat intelligence capabilities and enterprise hunting operations; iii) Enhance monitoring effectiveness and enterprise incident response capabilities; iv) Deliver reporting and continuous improvement. 2. The outcome of this domain is the ability to: i) Architect scalable monitoring capabilities, threat intelligence platforms, and response playbooks aligned with organisational maturity needs; ii) Strengthen enterprise detection capability by analysing advanced threats, conducting structured hunting campaigns, and identifying monitoring gaps; iii) Enhance organisational incident readiness by evaluating detection performance, coordinating cross-functional responses, and ensuring effective containment; iv) Maintain audit readiness, regulatory reporting, and performance tracking to guide governance and operational decision-making; v) Advance organisational cyber defence maturity through lessons learned, team upskilling, and integration of new technologies and intelligence sources. 3. Professional certifications related to this domain expertise include, but are not limited to: i) GIAC Certified Incident Handler (GCIH), Global Information Assurance Certification (GIAC); ii) GIAC Cyber Incident Leader (GCIL), SANS Institute; iii) Certified SOC Analyst (CSA), EC-Council; iv) Cybersecurity Analyst (CySA+), CompTIA; v) GIAC Cyber Threat Intelligence (GCTI), Global Information Assurance Certification (GIAC); vi) SANS Threat Hunting & Incident Response Certifications, SANS Institute; vii) Certified Security Operation Centre Analyst (CSOC). |
| Prerequisite | K622-001-SE:2026 |

