Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 1135
Additional KSAT for the following Work Roles
Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.
Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
Executes software planning, requirements, risk management, design, development, architecture, modeling, estimation, configuration management, quality, security, and tests using software development methodologies, architectural structures, viewpoints, styles, design decisions, and frameworks across all lifecycle phases.
Responsible for analysis and development of systems/software security through the product lifecycle to include integration, testing, operations and maintenance.