Research and Development Specialist

Work Role ID: 661 | Workforce Element: Cyber IT

What does this role do? Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.

CORE KSATs

KSAT ID	Description	KSAT
22	* Knowledge of computer networking concepts and protocols, and network security methodologies.	Knowledge
88	Knowledge of new and emerging information technology (IT) and cybersecurity technologies.	Knowledge
108	* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).	Knowledge
129	Knowledge of system life cycle management principles, including software security and usability.	Knowledge
144A	Skill in applying the systems engineering process.	Skill
925	Research current technology to understand capabilities of required system or network.	Task
927A	Research and evaluate available technologies and standards to meet customer requirements.	Task
934	Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.	Task
1076	Collaborate with stakeholders to identify and/or develop appropriate solutions technology.	Task
1157	* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.	Knowledge
1158	* Knowledge of cybersecurity principles.	Knowledge
1159	* Knowledge of cyber threats and vulnerabilities.	Knowledge
2420	Follow software and systems engineering life cycle standards and processes.	Task
6900	* Knowledge of specific operational impacts of cybersecurity lapses.	Knowledge

ADDITIONAL KSATs

KSAT ID	Description	KSAT
4	Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.	Ability
10	Knowledge of application vulnerabilities.	Knowledge
15A	Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.	Knowledge
27	Knowledge of cryptography and cryptographic key management concepts.	Knowledge
42A	Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software.	Knowledge
95A	Knowledge of penetration testing principles, tools, and techniques.	Knowledge
155	Skill in applying and incorporating information technologies into proposed solutions.	Skill
172	Skill in creating and utilizing mathematical or statistical models.	Skill
180A	Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.	Skill
294A	Knowledge of hacking methodologies.	Knowledge
321A	Knowledge of industry technologies and how differences affect exploitation/vulnerabilities.	Knowledge
383	Skill in using scientific rules and methods to solve problems.	Skill
520	Review and validate data mining and data warehousing programs, processes, and requirements.	Task
905A	Skill in applying secure coding techniques.	Skill
1037	Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.	Knowledge
1038	Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.	Knowledge
1040A	Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.	Knowledge
1044A	Knowledge of forensic footprint identification.	Knowledge
1052A	Knowledge of mobile communications architecture.	Knowledge
1054	Knowledge of hardware reverse engineering techniques.	Knowledge
1055	Knowledge of middleware (e.g., enterprise service bus and message queuing).	Knowledge
1056	Knowledge of operations security.	Knowledge
1059	Knowledge of networking protocols.	Knowledge
1062	Knowledge of software reverse engineering techniques.	Knowledge
1063A	Knowledge of operating system structures and internals (e.g., process management, directory structure, installed applications).	Knowledge
1064	Knowledge of Extensible Markup Language (XML) schemas.	Knowledge
1067A	Knowledge of network analysis tools used to identify software communications vulnerabilities.	Knowledge
1072	Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).	Knowledge
1077	Design and develop new tools/technologies as related to cybersecurity.	Task
1078A	Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.	Task
1079A	Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.	Task
1080A	Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.	Task
1135	Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).	Knowledge
1142A	Knowledge of industry standard security models.	Knowledge
1147A	Develop data management capabilities (e.g., cloud based, centralized cryptographic key management) to include support to the mobile workforce.	Task
2388	Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.	Task
3068	Ability to prepare and present briefings.	Ability
3069	Ability to produce technical documentation.	Ability
3192	Knowledge of covert communication techniques.	Knowledge