225A

225A (NIST ID: n/a)

Skill

Skill in the use of penetration testing tools and techniques, including specialized tools for non-traditional systems and networks (e.g., control systems).

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

Vulnerability Assessment Analyst (Core) ID: 541 (NIST ID: PR-VA-001) Workforce Element: Cybersecurity

Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Additional KSAT for the following Work Roles

DevSecOps Specialist (Additional) ID: 627 (NIST ID: N/A) Workforce Element: Software Engineering

Selects/Deploys/Maintains the set of Continuous Integration/Continuous Deployment (CI/CD) tools and processes used by the development team and/or maintains the deployed software product and ensures observability and security across the lifecycle.