Tech Degree Pathway · ICT50220

Diploma of Information TechnologyCyber Security Specialisation

A practitioner-led program built around real platforms — SIEMs, cloud-native security, identity, IR playbooks and secure-by-default architecture. Complete all five Group G units and your testamur carries the Cyber Security specialisation.

12–18 monthsNext intake · 01-Apr-2026RTO 22158 · ATMCHybrid delivery

20

Total units

980

Nominal hours

6

Core units

14

Electives

Program at a glance

A diploma you actually use on day one

A practitioner-first curriculum. Every unit comes with the platforms you'll touch and the outcomes you'll be able to deliver on day one of the job.

6 units · the foundation every graduate needs

Core Units

6 units · 230 hrs

Group G · earns the testamur specialisation

Cyber Security Specialisation

5 units · 180 hrs

5 units · 330 nominal hours

Cloud Security

5 units · 330 hrs

4 units · 240 nominal hours

Network, Application Security & Risk

4 units · 240 hrs

6 units · the foundation every graduate needs

Core Units

Ethics, leadership, client management and strategic ICT — the universal skills that wrap around every specialisation.

6 units · 230 hrs
#1 · BSBCRT51230 hrs

Originate and Develop Concepts

Generate, evaluate and refine new ideas for products, services and workflows. Move from raw concept to a structured, testable proposal.

What you'll learn

IdeationConcept DesignCritical Thinking
#2 · BSBXCS40240 hrs

Promote Workplace Cyber Security Awareness and Best Practices

Drive a security-first culture. Plan awareness campaigns, deliver training, and embed best practices across teams.

What you'll learn

Security AwarenessPolicy CommunicationTraining Delivery
#3 · BSBXTW40150 hrs

Lead and Facilitate a Team

Lead small teams through projects: set goals, run stand-ups, resolve conflict, and report progress to stakeholders.

What you'll learn

Team LeadershipFacilitationStakeholder Reporting
#4 · ICTICT51750 hrs

Match ICT Needs with the Strategic Direction of the Organisation

Translate business strategy into ICT requirements. Conduct gap analysis and propose technology roadmaps aligned to organisational goals.

What you'll learn

Strategic AlignmentGap AnalysisICT Roadmapping
#5 · ICTICT53240 hrs

Apply IP, Ethics and Privacy in ICT Environments

Navigate IP rights, privacy law, and ethical frameworks in technology workplaces. Handle data lawfully under the Privacy Act and APPs.

What you'll learn

Privacy LawEthicsIP Management
#6 · ICTSAS52720 hrs

Manage Client Problems

Run a structured incident & support workflow — triage, escalate, document, and close out client issues against SLAs.

What you'll learn

ITIL TriageSLA ManagementRoot Cause Analysis

Group G · earns the testamur specialisation

Cyber Security Specialisation

Five units that turn you into a defender — threat intelligence, critical-infrastructure protection, security architecture, incident response and disaster recovery.

5 units · 180 hrs
#7 · ICTCYS40740 hrs

Gather, Analyse and Interpret Threat Data

Hunt for threats: collect IOCs, correlate signals across logs, and produce actionable threat intelligence reports.

What you'll learn

Threat HuntingSIEM AnalysisIOC Correlation
#8 · ICTCYS61040 hrs

Protect Critical Infrastructure for Organisations

Defend systems classified as critical infrastructure under the SOCI Act. Build risk registers, controls and obligations reporting.

What you'll learn

Risk AssessmentCritical Asset ProtectionCompliance
#9 · ICTCYS61340 hrs

Utilise Design Methodologies for Security Architecture

Design secure-by-default architectures. Apply SABSA / Zero-Trust principles and document architecture decisions.

What you'll learn

Security ArchitectureZero TrustThreat Modelling
#10 · ICTSAS52430 hrs

Develop, Implement and Evaluate an Incident Response Plan

Author end-to-end IR plans: playbooks for ransomware, BEC, data exfil. Run tabletop exercises and post-incident reviews.

What you'll learn

Incident ResponsePlaybook DesignTabletop Exercises
#11 · ICTSAS52630 hrs

Review and Update Disaster Recovery and Contingency Plans

Build and rehearse DR / BCP plans. Set RTO/RPO targets, test failover, and align with business continuity strategy.

What you'll learn

Business ContinuityDisaster RecoveryRTO/RPO Planning

5 units · 330 nominal hours

Cloud Security

Identity, detection, data protection, incident response and pipelines — everything you need to operate securely on AWS, Azure or GCP.

5 units · 330 hrs
#12 · ICTCLD50960 hrs

Manage Cloud Identity and Access

Implement IAM at scale: roles, policies, MFA, SSO and federated identity across major cloud providers.

What you'll learn

IAM DesignSSO/MFALeast Privilege
#13 · ICTCLD51060 hrs

Manage Cloud Threat Detection Systems

Stand up cloud-native detection: log pipelines, alert rules, and 24/7 monitoring for cloud workloads.

What you'll learn

Cloud SIEMAlert EngineeringDetection-as-Code
#14 · ICTCLD51160 hrs

Protect Cloud Infrastructure and Data

Harden cloud infra: encryption, network segmentation, data classification, key management and DLP.

What you'll learn

Cloud HardeningEncryptionData Loss Prevention
#15 · ICTCLD51280 hrs

Respond to Cloud Security Incidents

Lead cloud incident response: forensic acquisition from snapshots, containment in IaC, and lessons-learned reports.

What you'll learn

Cloud ForensicsContainmentIaC Remediation
#16 · ICTCLD51570 hrs

Build and Deploy Cloud-Based Applications Using CI and CD Pipelines

Ship secure software with automated pipelines: build, test, scan, and deploy across environments.

What you'll learn

CI/CDDevSecOpsContainer Security

4 units · 240 nominal hours

Network, Application Security & Risk

Lock down the network edge, ship secure software in agile cycles, and manage enterprise risk end-to-end.

4 units · 240 hrs
#17 · ICTNWK54680 hrs

Manage Network Security

Run a hardened network: segmentation, IDS/IPS, secure remote access, and ongoing vulnerability management.

What you'll learn

Network HardeningIDS/IPS OpsVuln Management
#18 · ICTNWK54460 hrs

Design and Implement a Security Perimeter for ICT Networks

Design layered perimeter defences: firewalls, DMZs, ZTNA gateways and inspection at the edge.

What you'll learn

Perimeter DesignFirewall PolicyZTNA
#19 · ICTPRG55740 hrs

Develop Applications Using Agile Methods

Ship features in short cycles: user stories, sprints, code reviews and continuous delivery.

What you'll learn

Agile/ScrumSprint PlanningCode Review
#20 · BSBOPS50460 hrs

Manage Business Risk

Identify, assess and treat enterprise risks. Build risk registers and present treatment options to leadership.

What you'll learn

Enterprise RiskRisk TreatmentReporting

Platforms & tooling

The stack you'll ship with

Every tool below is touched in at least one unit — from SIEMs and cloud-native security to ticketing, IaC and code-quality platforms.

AWS DetectiveAWS GuardDutyAWS IAMAWS KMSAzure Defender for CloudAzure Entra IDAzure Key VaultAzure Site RecoveryBCP TemplatesCloudflare Zero TrustCloudTrailConfluenceCortex XSOARDockerdraw.ioFigmaFortinet FortiGateGitGitHubGitHub ActionsGoogle Cloud IAMGoogle Workspace AdminHashiCorp VaultISO 27001 controlsISO 31000JiraJira Service ManagementKnowBe4KubernetesLucidchartMicrosoft DefenderMicrosoft SentinelMicrosoft Threat Modeling ToolMiroMISPMITRE ATT&CKNIST CSFNotionOktaOneTrustPalo AltopfSensePower BIPrivacy Impact Assessment TemplatesRisk Register TemplatesSABSAServiceNowSlackSnortSnykSplunkTabletop TemplatesTenable NessusTerraformTheHiveVeeamVirusTotalVS CodeWazuhWiresharkZendesk

61 platforms across 20 units · 980 nominal hours