4

May 21, 2020
KSATs
4 (NIST ID: A0001)

Ability

Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSAT for the following Work Roles

DevSecOps Specialist (Core) ID: 627 (NIST ID: N/A) Workforce Element: Software Engineering

Selects/Deploys/Maintains the set of Continuous Integration/Continuous Deployment (CI/CD) tools and processes used by the development team and/or maintains the deployed software product and ensures observability and security across the lifecycle.

Additional KSAT for the following Work Roles

Research & Development Specialist (Additional) ID: 661 (NIST ID: SP-RD-001) Workforce Element: IT (Cyberspace)

Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Vulnerability Assessment Analyst (Additional) ID: 541 (NIST ID: PR-VA-001) Workforce Element: Cybersecurity

Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.