The Saudi Cybersecurity Workforce Framework (SCyWF)
The SCyWF categorizes cybersecurity work in Saudi Arabia, defines the job roles within each category and sets the requirements for each job role in terms of tasks, knowledge, skills and abilities.
The SCyWF aims to serve as a reference model and a guideline for preparing, developing, recruiting, promoting and managing the cybersecurity workforce. It provides a common lexicon that improves communication and content development for talent management activities. It also helps in mapping learning outcomes of education and training programs to the knowledge, skills and abilities required for different cybersecurity job roles.
The SCyWF has five categories, twelve specialty areas and forty job roles. These are defined in a brief description summarizing the work performed in that specific category, specialty area or job role. Each job role is associated with a set of tasks to be performed within that job role and a list of knowledge, skills and abilities required to perform those tasks.
Organizations in Saudi Arabia are recommended to adopt this framework so they can align their cybersecurity workforce structures and activities with the national frameworks and guidelines. The content of this framework will be reviewed and updated periodically.
Last Update at: 16/05/2025 - 8:55pm Saudi time