936
Task
Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers).
Core KSAT for the following Work Roles
Responsible for analysis and development of systems/software security through the product lifecycle to include integration, testing, operations and maintenance.
Additional KSAT for the following Work Roles
Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.
Conducts evaluations of an IT program or its individual components, to determine compliance with published standards.
Manages the package of support functions required to field and maintain the readiness and operational capability of systems and components.
Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37).