Official Degree of the Specialization Program in Cybersecurity in Information Technology Environments.

Career Opportunities:

Security analyst

Attack analyst

Ethical hacker

Incident specialist

Database manager technician

Objectives:

• Identify the principles of the organization and cybersecurity protection regulations, planning the actions that must be taken in the workplace for the creation of the prevention and awareness plan.
• Audit compliance with the organization's prevention and awareness plan, defining the corrective actions that may be derived to include them in the organization's security plan.
• Detect cybersecurity incidents by implementing the necessary controls, tools and mechanisms for their monitoring and identification.
• Analyze and respond to cybersecurity incidents, identifying and applying the necessary measures for their mitigation, elimination, containment or recovery.
• Prepare risk analyses to identify assets, threats, vulnerabilities and security measures.
• Design and implement plans for technical security measures based on identified risks to guarantee the required level of security.
• Configure access control, person authentication and credential management systems to preserve data privacy.
• Configure the security of computer systems to minimize the chances of exposure to attacks.
• Configure network devices to meet security requirements.
• Manage the security of computer network systems by applying the security policies required to guarantee the necessary functionality with a controlled level of network risk.
• Apply verification standards required by applications to avoid security incidents.
• Automate software deployment plans respecting the requirements related to version control, roles, permissions and others to achieve a secure deployment.
• Apply forensic investigation techniques in systems and networks in the fields of non-volatile information storage, mobile devices, the Cloud and IoT (Internet of Things) systems, among others, for the preparation of forensic analyses.
• Analyze forensic reports identifying the results of the investigation to draw conclusions and make reports.
• Combine internal and external ethical hacking techniques to detect vulnerabilities in order to eliminate and mitigate the associated risks.
• Identify the scope of regulatory application within the organization, both internally and in relation to third parties, to define the roles and responsibilities of all parties.
• Review and update procedures in accordance with updated regulations and standards for correct regulatory compliance in terms of cybersecurity and personal data protection.
• Develop information manuals, using office automation and computer-aided design tools to prepare technical and administrative documentation.
• Analyze and use the resources and learning opportunities related to the scientific, technological and organizational evolution of the sector and information and communication technologies, to maintain the spirit of updating and adapting to new work and personal situations.
• Develop creativity and the spirit of innovation to respond to the challenges that arise in the processes and in the organization of work and personal life.
• Evaluate situations of occupational risk prevention and environmental protection, proposing and applying personal and collective prevention measures, in accordance with the applicable regulations in work processes, to guarantee safe environments.
• Identify and propose the necessary professional actions to respond to universal accessibility and "design for all".
• Identify and apply quality parameters in the work and activities carried out in the learning process, to assess the culture of evaluation and quality, and be able to supervise and improve quality procedures.

Evaluation:

The evaluation will be objective, it will attend to diversity, the tests corresponding to the final evaluations will always be taken face-to-face, and the teaching staff will inform the students of their main characteristics and the procedure, as well as the procedure to make any corresponding claims.

Each professional module of the specialization program will be evaluated in a single examination session for final evaluation at the end of the training activities. Each module will have a maximum of two examination sessions per academic year, and a total of four possible examination sessions.

Failure to pass a module in the two examination sessions of the academic year will mean that the student must enroll in the module(s) that they did not pass in order to have another two examination sessions.

In order to pass the specialization program, it is required to pass all the professional modules it contains. The specialization program passed will have a final grade obtained as a result of the arithmetic mean of all the professional modules included therein.

The professional modules included in the Big Data specialization program may not be subject to validation nor exemption.

Admission requirements:

In order to enroll in the Specialization Program in Cybersecurity in Information Technology Environments, it will be a requirement to have the degree of Senior Technical Officer corresponding to one of the following Advanced Training Programs linked to this degree:

• Administration of Computer Network Systems.
• Cross-platform Application Development.
• Web Applications Development.
• Telecommunications and Computer Systems.
• Industrial Mechatronics.