of June 30, 2025 No. 329/Tax Code
About approval of the professional standard "Activities in the field of Cyber Security"
According to Item 5 of article 5 of the Law of the Republic of Kazakhstan "About professional qualifications", PRIKAZYVAYU:
1. Approve the enclosed professional standard "Activities in the field of Cyber Security".
2. To provide to committee of information security of the Ministry of digital development, innovations and aerospace industry of the Republic of Kazakhstan in the procedure established by the legislation of the Republic of Kazakhstan:
1) within five calendar days after signing of this order the direction it in the Kazakh and Russian languages in the Republican state company on the right of economic maintaining "Institute of the legislation and legal information of the Republic of Kazakhstan" the Ministries of Justice of the Republic of Kazakhstan for official publication and inclusion in Reference control bank of regulatory legal acts of the Republic of Kazakhstan;
2) placement of this order on Internet resource of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan after its official publication.
3. To impose control of execution of this order on the supervising vice-minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan.
4. This order becomes effective after ten calendar days after day of its first official publication.
Minister of digital development, innovations and aerospace industry of the Republic of Kazakhstan
Zh. Madiyev
|
It is approved Ministry of Labour and Social Protection of the population of the Republic of Kazakhstan |
|
Approved by the Order of the Minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of June 30, 2025 , No. 329/Tax Code
1. Scope of the professional standard: The professional standard "Activities in the field of Cyber Security" is developed according to article 5 of the Law of the Republic of Kazakhstan "About professional qualifications" and can be applied when forming requirements to the job seeker to employment, forming of educational programs, including personnel trainings at the companies, recognitions of professional qualification of workers and graduates of the organizations of education, and also to the solution of wide range of tasks in the field of personnel management in the organizations and at the companies.
2. In this professional standard the following terms and determinations are applied:
1) the Industry Framework of Qualifications (IFQ) – component (subsystem) of national system of qualifications, the framework structure of the differentiated skill levels recognized in industry
2) the Type of labor activity – part of professional group, the set of professions created by complete set of labor functions and competences, necessary for their accomplishment
3) Labour function (function) – enrollment of the interconnected actions directed to the solution of one or several tasks of process of work
4) the Professional task (task) – normative idea of the actions connected with realization of labor function and achievement of necessary result in certain professional group or subgroup
5) the Profession – the occupation performed by physical person and requiring certain qualification for its accomplishment
6) the Position – the functional place in system of organizational and administrative hierarchy of the organization, official position of the worker
7) Occupation – set of the works which are carried out on workplace, bringing in earnings or the income, characterized by high extent of coincidence of the carried-out main objectives and obligations
8) Knowledge – information, regulations used in individual and professional activity
9) Ability – capability physically and (or) intellectually to perform separate single operations within professional task;
10) Competence – capability to apply the skills allowing to carry out one or several professional tasks constituting labor function;
11) Qualification – official recognition of value in the form of the diploma, the certificate, confirmatory availability at person of the competences conforming to requirements to accomplishment of labor functions within specific type of professional activity (the requirements of the professional standard or requirements which developed as a result of practice) created in the course of education, training or labor activity (in-plant training, the granting right to implementation of labor activity
3. In this professional standard the following reducings are applied:
1) IPsec – Internet Protocol Security
2) NGFW – Next-Generation Firewall
3) DLP – Data Loss Prevention
4) IDS – Intrusion Detection System
5) ICT – Information and communication technologies
6) IT – Information technologies;
7) IS – Information systems
8) ON – the Software
9) ORK – Industry frame of qualification;
10) PS – Professional standard
11) ESKD – Uniform system of design documentation
12) ESTD – Single system of technological documentation
13) ESPD – Single system of program documentation
14) ETKS – Single wage rate book of works and professions of workers
15) OKED – General qualifier of types of economic activity
16) the PASS – Software and hardware
17) DB – Databases
18) MSKO – International standard classification of education
19) the NPA – regulatory legal acts
20) the specifications and technical documentation – the specifications and technical documentation
21) TZI – technical information security
22) PEMIN – collateral electromagnetic radiations and aimings
23) TKUI – technical channels of information leakage
24) IB – information security
25) DBMS – Database management system
26) OS – Operating system
27) the Stack is set of technologies, tools and components which are used together for creation of the software or management of IT infrastructure
28) SVT – computer aids
4. Name of the professional standard: Activities in the field of cyber security
5. Code of the professional standard: J056
6. Instruction of section, the Section, group, class and subclass agrees OKED:
J Information and communication
62 Computer programming, the consulting and other accompanying services
62.0 Computer programming, the consulting and other accompanying services
62.09 Other types of activity in the field of information technologies and information systems
62.09.9 Other types of activity in the field of information technologies and information systems which are not included in other groups
7. Short description of the professional standard: Safety of information in computer systems and networks in living conditions of threats of their information security
8. List of cards of professions:
2) the Specialist criminalist on digital technologies - the 6th ORK level
3) the Specialist in safety issues (ICT) - the 7th ORK level
7) the Security specialist of services - the 6th ORK level
8) The auditor on information security - the 6th ORK level
9) the Encoder of data - the 6th ORK level
10) the Auditor on information security - the 7th ORK level
11) the Specialist in information security - the 7th ORK level
12) the Specialist in information security - the 6th ORK level
13) the Information protection engineer - the 6th ORK level
14) the Information protection engineer - the 7th ORK level
15) the Security specialist of services - the 7th ORK level
16) the Encoder of data - the 7th ORK level
17) the Specialist criminalist on digital technologies - the 7th ORK level
18) the Administrator on information security - the 7th ORK level
19) the Specialist in information security - the 7th ORK level
20) the Specialist in safety issues (ICT) - the 6th ORK level
21) the Specialist in information security - the 6th ORK level
|
10. Profession card "Specialist criminalist on digital technologies": | |||
|
Group code: |
2524-0 | ||
|
Code of the name of occupation: |
2524-0-008 | ||
|
Name of profession: |
The specialist criminalist on digital technologies | ||
|
Skill level on ORK: |
6 | ||
|
qualification subtotal on ORK: |
- | ||
|
Skill level on ETKC, KC, etc. standard qualification characteristics: |
|||
|
Level of professional education: |
Education level: the higher education (bachelor degree, specialist programme, internship) |
Specialty: Information security |
Qualification: - |
|
Requirements to work experience: |
|||
|
Connection with informal and formal education: |
Additional professional courses of advanced training in the field of cyber security | ||
|
Other possible names of profession: |
|||
|
Main objective of activities: |
The analysis and investigation of events in which appear computer information as subject to encroachments, the computer as the crime execution tool, and also any digital proofs | ||
|
Description of labor functions | |||
|
List of labor functions: |
Obligatory labor functions: |
1. Investigation of computer crimes 2. Criminalistic examination of digital devices and equipment | |
|
Additional labor functions: |
|||
|
Labor function 1: Investigation of computer crimes |
|||
|
Skill 1: Primary response to computer crimes |
Abilities: 1. Determine sources and origins of incidents; 2. Estimate consequences of the revealed incidents; 3. Identify penetrations into corporate network; 4. Eliminate all established methods of access for malefactors to network of the organization; 5. Analyze structure of origins and circumstance of event; 6. Determine the reason and conditions of change of the software; 7. Mark out properties and signs of information allowing to establish its accessory to certain source; 8. Reveal discrepancies to the available information to its arrangement in system. | ||
|
Knowledge: 1. Main types of computer crimes; 2. Methods of access for malefactors to network of the organization; 3. The main safety hazards of information and the violator's model in IS of the organization; 4. Principles of creation and functioning of systems and networks of information transfer; 5. the national standard in the sphere of ensuring information security; 6. Technical channels of "leakage" of information; 7. Regulatory legal acts in the field of information security; 8. Reference model of interaction of open systems; 9. Main methods of the organization and carrying out maintenance of technical means of informatization; 10. Organizational measures for information security; 11. Regulations of accounting of the revealed incidents; 12. Formats of storage of information in the analyzed computer system; 13. The main formats of files used in computer systems; 14. Procedure for fixing and documentation of traces of computer crimes, offenses and incidents; 15. Penal legislation of the Republic of Kazakhstan; 16. The legislation in the area administrative offenses of the Republic of Kazakhstan. | |||
|
Possibility of recognition of skill: |
It is not required | ||
|
Skill 2: Planning of measures for prevention of breakings and unauthorized access |
Abilities: 1. Develop measures for prevention and timely detection of breakings; 2. Run for search of ulikovy information on computers; 3. Reveal methods and means of counter criminalistics: disk enciphering, remote storage of information full; 4. Perform collection of evidential base and its registration / storage; 5. Model real attack to the organization with taking measures to minimization of damage. | ||
|
Knowledge: 1. Principles of creation and functioning of systems and networks of information transfer; 2. Reference model of interaction of open systems; 3. The national standard in the sphere of information security; 4. The main safety hazards of information and the violator's model in IS of the organization; 5. Methods and means of counter criminalistics; 6. The principles of creation of means of information protection from "leakage" on technical channels; 7. Regulatory legal acts in the field of information security; 8. The main cryptographic methods, algorithms, protocols used for information security in IS; 9. Methods of concealment of ulikovy data from detection; 10. Documentation of information on investigation. | |||
|
Possibility of recognition of skill: |
It is not required | ||
|
Labor function 2: Criminalistic examination of digital devices and equipment |
|||
|
Skill 1: Criminalistic examination of computers |
Abilities: 1. Investigate incidents of information security; 2. Fix incident time; 3. Carry out primary diagnostics of the computer device; 4. Work with hardware locks of record and duplicators of data carriers; 5. Work with distribution kits for the criminalistic analysis; 6. Make removal of image (the identical copy) of the hard drive (NMZhD) and other data carriers, including removal of image from the Section or the certain sector of the hard drive; 7. Make processing of the created images of disks; 8. Perform data collection from hard drives; 9. Perform the analysis of the files found on hard drives; 10. Make extraction of data from files; 11. Make research of dump of random access memory; 12. Run for search of artifacts on the hard drive and the periphery; 13. Work with system ravines and magazines of operating systems and application programs; 14. Recover remote data; 15. Perform collection of evidential base and its registration / storage; 16. Conduct researches on availability of PEMIN in means of SVT. | ||
|
Knowledge: 1. File systems; 2. Operating systems; 3. Basic principles of information security and methods of work of remedies; 4. Tools of computer criminalistics; 5. Device of hard drives and other stores; 6. Architecture and user interfaces of operating systems; 7. Architecture, device and functioning of computing systems; 8. Tools for work with file system, including recovery of data; 9. The main cryptographic methods, algorithms, protocols used for ensuring information security; 10. Methods of interception of information on TKUI; 11. Technique of research of funds of SVT for availability of PEMIN; 12. Technique of carrying out researches of funds of SVT for availability of not declared technical capabilities. | |||
|
Possibility of recognition of skill: |
It is not required | ||
|
Skill 2: Criminalistic examination of network devices |
Abilities: 1. Make the analysis of network stack and browsers; 2. Make the analysis of email-messages and establish accessory of the e-mail address; 3. Work with tools for creation of dump of network traffic; 4. Perform interception and research of network traffic; 5. Perform research of log of web servers; 6. Establish accessory and arrangement of the IP address; 7. Establish accessory of domain name. | ||
|
Knowledge: 1. Principles of creation and functioning of systems and networks of information transfer; 2. Reference model of interaction of open systems; 3. Methods and protocols of identification, authentication and authorization in computer networks; 4. Basic principles of carrying out network criminalistics; 6. Data sources for carrying out network criminalistics and their research; 7. Features of tools for creation of dump of network traffic. | |||
|
Possibility of recognition of skill: |
It is not required | ||
|
Skill 3: Criminalistic examination of mobile devices |
Abilities: 1. Perform identification of the device of mobile communication; 2. Perform cloning of all data from the digital device, the peripheral equipment and stores of information; 3. Perform receipt of information from mobile phones; 4. Perform receipt of information from the SIM card; 5. Perform receipt of information from the built-in and external memory card; 6. Exercise control of mailings, cable and other messages; 8. Work with program and hardware tools for access to data of the mobile phone. | ||
|
Knowledge: 1. Principles and devices of mobile communication; 2. Hardware-software tools for access to data of the mobile phone; 3. The main cryptographic methods, algorithms, protocols used for ensuring information security; 4. Mobile operating systems; 5. File systems of mobile devices. | |||
|
Possibility of recognition of skill: |
It is not required | ||
|
Requirements to personal competences: |
Responsibility Resistance to stress Ability to work in team Analytical thinking Critical thinking | ||
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.