| 8A |
Knowledge of access authentication methods. |
Knowledge |
| 21 |
Knowledge of computer algorithms. |
Knowledge |
| 25 |
Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]). |
Knowledge |
| 27A |
Knowledge of cryptology. |
Knowledge |
| 34 |
Knowledge of database systems. |
Knowledge |
| 42 |
Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware. |
Knowledge |
| 43A |
Knowledge of embedded systems. |
Knowledge |
| 46 |
Knowledge of fault tolerance. |
Knowledge |
| 51 |
Knowledge of how system components are installed, integrated, and optimized. |
Knowledge |
| 52 |
Knowledge of human-computer interaction principles. |
Knowledge |
| 65A |
Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression). |
Knowledge |
| 72 |
Knowledge of local area and wide area networking principles and concepts including bandwidth management. |
Knowledge |
| 75 |
Knowledge of mathematics, including logarithms, trigonometry, linear algebra, calculus, and statistics. |
Knowledge |
| 78 |
Knowledge of microprocessors. |
Knowledge |
| 79 |
Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]). |
Knowledge |
| 81A |
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
Knowledge |
| 82A |
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs. |
Knowledge |
| 90 |
Knowledge of operating systems. |
Knowledge |
| 92 |
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). |
Knowledge |
| 94 |
Knowledge of parallel and distributed computing concepts. |
Knowledge |
| 98 |
Knowledge of policy-based and risk adaptive access controls. |
Knowledge |
| 100 |
Knowledge of Privacy Impact Assessments. |
Knowledge |
| 101 |
Knowledge of process engineering concepts. |
Knowledge |
| 110A |
Knowledge of security management. |
Knowledge |
| 121 |
Knowledge of structured analysis principles and methods. |
Knowledge |
| 126 |
Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design. |
Knowledge |
| 133 |
Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers). |
Knowledge |
| 173 |
Skill in creating policies that reflect system security objectives. |
Skill |
| 173A |
Skill in integrating and applying policies that meet system security objectives. |
Skill |
| 173B |
Skill in creating policies that enable systems to meet performance objectives (e.g. traffic routing, SLA’s, CPU specifications). |
Skill |
| 177 |
Skill in designing countermeasures to identified security risks. |
Skill |
| 177A |
Knowledge of countermeasure design for identified security risks. |
Knowledge |
| 179 |
Skill in designing security controls based on cybersecurity principles and tenets. |
Skill |
| 180 |
Skill in designing the integration of hardware and software solutions. |
Skill |
| 181A |
Skill in detecting host and network based intrusions via intrusion detection technologies. |
Skill |
| 197 |
Skill in discerning the protection needs (i.e., security controls) of information systems and networks. |
Skill |
| 199 |
Skill in evaluating the adequacy of security designs. |
Skill |
| 224A |
Skill in the use of design modeling (e.g., unified modeling language). |
Skill |
| 238A |
Skill in writing code in a currently supported programming language (e.g., Java, C++). |
Skill |
| 416 |
Analyze design constraints, analyze trade-offs and detailed system and security design, and consider lifecycle support. |
Task |
| 431 |
Build, test, and modify product prototypes using working models or theoretical models. |
Task |
| 494 |
Design and develop cybersecurity or cybersecurity-enabled products. |
Task |
| 501 |
Design or integrate appropriate data backup capabilities into overall system designs, and ensure appropriate technical and procedural processes exist for secure system backups and protected storage of backup data. |
Task |
| 503A |
Design to security requirements to ensure requirements are met for all systems and/or applications. |
Task |
| 516 |
Develop and direct system testing and validation procedures and documentation. |
Task |
| 527 |
Develop architectures or system components consistent with technical specifications. |
Task |
| 531 |
Develop Disaster Recovery and Continuity of Operations plans for systems under development and ensure testing prior to systems entering a production environment. |
Task |
| 542A |
Develop mitigation strategies to address cost, schedule, performance, and security risks. |
Task |
| 626A |
Identify components or elements, allocate comprehensive functional components to include security functions, and describe the relationships between the elements. |
Task |
| 630 |
Identify and direct the remediation of technical problems encountered during testing and implementation of new systems (e.g., identify and find work-arounds for communication protocols that are not interoperable). |
Task |
| 632 |
Identify and prioritize essential system functions or sub-systems required to support essential capabilities or business functions for restoration or recovery after a system failure or during a system recovery event based on overall system requirements for continuity and availability. |
Task |
| 648 |
Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system and ensure recommended products are in compliance with organization’s evaluation and validation requirements. |
Task |
| 766A |
Perform security reviews and identify security gaps in architecture. |
Task |
| 770 |
Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. |
Task |
| 803 |
Provide guidelines for implementing developed systems to customers or installation teams. |
Task |
| 808B |
Provide input to implementation plans, standard operating procedures, maintenance documentation, and maintenance training materials |
Task |
| 809 |
Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). |
Task |
| 850 |
Store, retrieve, and manipulate data for analysis of system capabilities and requirements. |
Task |
| 856A |
Provide support to test and evaluation activities. |
Task |
| 860A |
Trace system requirements to design components and perform gap analysis. |
Task |
| 874 |
Utilize models and simulations to analyze or predict system performance under different operating conditions. |
Task |
| 877A |
Verify stability, interoperability, portability, and/or scalability of system architecture. |
Task |
| 904 |
Knowledge of interpreted and compiled computer languages. |
Knowledge |
| 998A |
Analyze user needs and requirements to plan and conduct system development. |
Task |
| 999A |
Develop designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations. |
Task |
| 1002 |
Skill in conducting audits or reviews of technical systems. |
Skill |
| 1034C |
Knowledge of Personal Health Information (PHI) data security standards. |
Knowledge |
| 1034B |
Knowledge of Payment Card Industry (PCI) data security standards. |
Knowledge |
| 1034A |
Knowledge of Personally Identifiable Information (PII) data security standards. |
Knowledge |
| 1037 |
Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures. |
Knowledge |
| 1038 |
Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability. |
Knowledge |
| 1073A |
Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
Skill |
| 1073 |
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
Knowledge |
| 1133 |
Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). |
Knowledge |
| 1141A |
Knowledge of an organization’s information classification program and procedures for information compromise. |
Knowledge |
| 1142 |
Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). |
Knowledge |
| 1152 |
Implement and integrate system development life cycle (SDLC) methodologies (e.g., IBM Rational Unified Process) into development environment. |
Task |
| 2354 |
Employ configuration management processes. |
Task |
| 3153 |
Knowledge of circuit analysis. |
Knowledge |
| 3307 |
Knowledge of cybersecurity-enabled software products. |
Knowledge |
| 3687 |
Skill in applying security controls. |
Skill |
| 5110 |
Conduct a market analysis to identify, assess, and recommend commercial, GOTS, and open source products for use within a system and ensure recommended products are in compliance with organization’s evaluation and validation requirements. |
Task |
| 5190 |
Design and develop system administration and management functionality for privileged access users. |
Task |
| 5200 |
Design, implement, test, and evaluate secure interfaces between information systems, physical systems, and/or embedded technologies. |
Task |
| 5400 |
Incorporates risk-driven systems maintenance updates process to address system deficiencies (periodically and out of cycle). |
Task |
