Certified in Cybersecurity (CC) Exam Prep - Domain 3: Cybersecurity Architecture and Engineering
As I gear up for my ISC2 certification, I've been delving deep into Domain 3: Cybersecurity Architecture and Engineering. Here's a sneak peek into what I've been exploring:
Unlocking Key Concepts:
- Access Control Models: From owner-controlled access to system-wide policies, I'm mastering the art of controlling who can access what.
- Defense in Depth: Layering up my security game with multiple control mechanisms.
- Principle of Least Privilege: Ensuring the right level of access to minimize risks.
- Logical & Physical Controls: Blending virtual and physical access controls for a rock-solid security setup.
Goals of the Domain:
1. Choosing the perfect access control model for every situation.
2. Implementing concepts like segregation of duties and two-person integrity.
3. Keeping a tight grip on insider threats and maintaining the CIA Triad (Confidentiality, Integrity, Availability) through privileged access management (PAM).
This domain has opened my eyes to the importance of a holistic cybersecurity approach, where people and systems work in sync to safeguard valuable information.
#CyberSecurity #ISC2 #CertifiedInCybersecurity #NextLevelSecurity #PAMPower #UnleashTheCyberHero #InfoSecGuru
