92

May 21, 2020
KSATs
92 (NIST ID: K0061)

Knowledge

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSAT for the following Work Roles

Cyber Defense Analyst (Core) ID: 511 (NIST ID: PR-DA-001) Workforce Element: Cybersecurity

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.
Information Systems Security Developer (Core) ID: 631 (NIST ID: SP-SYS-001) Workforce Element: Cybersecurity

Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.
Network Operations Specialist (Core) ID: 441 (NIST ID: OM-NET-001) Workforce Element: IT (Cyberspace)

Plans, implements, and operates network services/systems, to include hardware and virtual environments.
Systems Security Analyst (Core) ID: 461 (NIST ID: OM-AN-001) Workforce Element: Software Engineering

Responsible for analysis and development of systems/software security through the product lifecycle to include integration, testing, operations and maintenance.
Vulnerability Assessment Analyst (Core) ID: 541 (NIST ID: PR-VA-001) Workforce Element: Cybersecurity

Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Additional KSAT for the following Work Roles

Enterprise Architect (Additional) ID: 651 (NIST ID: SP-ARC-001) Workforce Element: IT (Cyberspace)

Develops and maintains business, systems, and information processes to support enterprise mission needs; develops information technology (IT) rules and requirements that describe baseline and target architectures.
Information Systems Security Manager (Additional) ID: 722 (NIST ID: OV-MG-001) Workforce Element: Cybersecurity

Responsible for the cybersecurity of a program, organization, system, or enclave.
Network Analyst (Additional) ID: 443 (NIST ID: N/A) Workforce Element: Cyberspace Effects

The Network Analyst will understand network traffic signatures and discover anomalies through network traffic and packet capture (PCAP) analysis. The Network Analyst will identify, assess, and mitigate intrusions into networks that are vital to cyberspace operations security. Network Analysts also use GUI or command-line based tools and assist in developing network mapping and signatures. Network Analysts will develop advanced network detection rules and alerts, queries and dashboards to gain a holistic view of the network.
Security Architect (Additional) ID: 652 (NIST ID: SP-ARC-002) Workforce Element: Cybersecurity

Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
Systems Developer (Additional) ID: 632 (NIST ID: SP-SYS-002) Workforce Element: IT (Cyberspace)

Designs, develops, tests, and evaluates information systems throughout the systems development lifecycle.
Systems Requirements Planner (Additional) ID: 641 (NIST ID: SP-RP-001) Workforce Element: IT (Cyberspace)

Consults with customers to evaluate functional requirements and translate functional requirements into technical solutions.