225A
Skill
Skill in the use of penetration testing tools and techniques, including specialized tools for non-traditional systems and networks (e.g., control systems).
Core KSAT for the following Work Roles
Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Additional KSAT for the following Work Roles
Selects/Deploys/Maintains the set of Continuous Integration/Continuous Deployment (CI/CD) tools and processes used by the development team and/or maintains the deployed software product and ensures observability and security across the lifecycle.