Research and Development Specialist

Work Role ID: 661  |  Workforce Element: Cyber IT

What does this role do? Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.

CORE KSATs
KSAT ID  |  Description  |  KSAT Type
22 *  |  Knowledge of computer networking concepts and protocols, and network security methodologies.  |  Knowledge
88  |  Knowledge of new and emerging information technology (IT) and cybersecurity technologies.  |  Knowledge
108 *  |  Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).  |  Knowledge
129  |  Knowledge of system life cycle management principles, including software security and usability.  |  Knowledge
144A  |  Skill in applying the systems engineering process.  |  Skill
925  |  Research current technology to understand capabilities of required system or network.  |  Task
927A  |  Research and evaluate available technologies and standards to meet customer requirements.  |  Task
934  |  Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.  |  Task
1076  |  Collaborate with stakeholders to identify and/or develop appropriate solutions technology.  |  Task
1157 *  |  Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.  |  Knowledge
1158 *  |  Knowledge of cybersecurity principles.  |  Knowledge
1159 *  |  Knowledge of cyber threats and vulnerabilities.  |  Knowledge
2420  |  Follow software and systems engineering life cycle standards and processes.  |  Task
6900 *  |  Knowledge of specific operational impacts of cybersecurity lapses.  |  Knowledge
ADDITIONAL KSATs
KSAT ID  |  Description  |  KSAT Type
4  |  Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.  |  Ability
10  |  Knowledge of application vulnerabilities.  |  Knowledge
15A  |  Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.  |  Knowledge
27  |  Knowledge of cryptography and cryptographic key management concepts.  |  Knowledge
42A  |  Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software.  |  Knowledge
95A  |  Knowledge of penetration testing principles, tools, and techniques.  |  Knowledge
155  |  Skill in applying and incorporating information technologies into proposed solutions.  |  Skill
172  |  Skill in creating and utilizing mathematical or statistical models.  |  Skill
180A  |  Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.  |  Skill
294A  |  Knowledge of hacking methodologies.  |  Knowledge
321A  |  Knowledge of industry technologies and how differences affect exploitation/vulnerabilities.  |  Knowledge
383  |  Skill in using scientific rules and methods to solve problems.  |  Skill
520  |  Review and validate data mining and data warehousing programs, processes, and requirements.  |  Task
905A  |  Skill in applying secure coding techniques.  |  Skill
1037  |  Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.  |  Knowledge
1038  |  Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.  |  Knowledge
1040A  |  Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.  |  Knowledge
1044A  |  Knowledge of forensic footprint identification.  |  Knowledge
1052A  |  Knowledge of mobile communications architecture.  |  Knowledge
1054  |  Knowledge of hardware reverse engineering techniques.  |  Knowledge
1055  |  Knowledge of middleware (e.g., enterprise service bus and message queuing).  |  Knowledge
1056  |  Knowledge of operations security.  |  Knowledge
1059  |  Knowledge of networking protocols.  |  Knowledge
1062  |  Knowledge of software reverse engineering techniques.  |  Knowledge
1063A  |  Knowledge of operating system structures and internals (e.g., process management, directory structure, installed applications).  |  Knowledge
1064  |  Knowledge of Extensible Markup Language (XML) schemas.  |  Knowledge
1067A  |  Knowledge of network analysis tools used to identify software communications vulnerabilities.  |  Knowledge
1072  |  Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).  |  Knowledge
1077  |  Design and develop new tools/technologies as related to cybersecurity.  |  Task
1078A  |  Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.  |  Task
1079A  |  Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.  |  Task
1080A  |  Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.  |  Task
1135  |  Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).  |  Knowledge
1142A  |  Knowledge of industry standard security models.  |  Knowledge
1147A  |  Develop data management capabilities (e.g., cloud based, centralized cryptographic key management) to include support to the mobile workforce.  |  Task
2388  |  Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.  |  Task
3068  |  Ability to prepare and present briefings.  |  Ability
3069  |  Ability to produce technical documentation.  |  Ability
3192  |  Knowledge of covert communication techniques.  |  Knowledge