Systems Analysis

Studies an organization’s current computer systems and procedures, and designs information systems solutions to help the organization operate more securely, efficiently, and effectively. Brings business and information technology (IT) together by understanding the needs and limitations of both.
Responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
3A | Skill in recognizing vulnerabilities in security systems. | Skill |
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. | Knowledge |
25 | Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]). | Knowledge |
43A | Knowledge of embedded systems. | Knowledge |
51 | Knowledge of how system components are installed, integrated, and optimized. | Knowledge |
63 | Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Knowledge |
70 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Knowledge |
79 | Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]). | Knowledge |
82A | Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs. | Knowledge |
90 | Knowledge of operating systems. | Knowledge |
92 | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). | Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | Knowledge |
109A | Knowledge of configuration management techniques. | Knowledge |
110A | Knowledge of security management. | Knowledge |
111 | Knowledge of security system design tools, methods, and techniques. | Knowledge |
119 | Knowledge of software engineering. | Knowledge |
130A | Knowledge of systems security testing and evaluation methods. | Knowledge |
133 | Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers). | Knowledge |
160A | Skill in assessing security systems designs. | Skill |
177B | Knowledge of countermeasures for identified security risks. | Knowledge |
179A | Skill in assessing security controls based on cybersecurity principles and tenets. | Skill |
180 | Skill in designing the integration of hardware and software solutions. | Skill |
183 | Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. | Skill |
191 | Skill in developing and applying security system access controls. | Skill |
199 | Skill in evaluating the adequacy of security designs. | Skill |
420 | Apply security policies to meet security objectives of the system. | Task |
525A | Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements. | Task |
559A | Analyze and report organizational security posture trends. | Task |
559B | Analyze and report system security posture trends. | Task |
571 | Ensure all systems security operations and maintenance activities are properly documented and updated as necessary. | Task |
576 | Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. | Task |
593A | Assess adequate access controls based on principles of least privilege and need-to-know. | Task |
653A | Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed. | Task |
661A | Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. | Task |
708A | Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative. | Task |
729A | Verify minimum security requirements are in place for all applications. | Task |
782 | Plan and recommend modifications or adjustments based on exercise results or system environment. | Task |
795 | Properly document all systems security implementation, operations and maintenance activities and update as necessary. | Task |
806A | Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. | Task |
876 | Verify and update security documentation reflecting the application/system security design features. | Task |
922A | Knowledge of how to use network analysis tools to identify vulnerabilities. | Knowledge |
1034A | Knowledge of Personally Identifiable Information (PII) data security standards. | Knowledge |
1034C | Knowledge of Personal Health Information (PHI) data security standards. | Knowledge |
1037A | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Knowledge |
1040A | Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure. | Knowledge |
1141A | Knowledge of an organization’s information classification program and procedures for information compromise. | Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. | Knowledge |
1158 | * Knowledge of cybersecurity principles. | Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. | Knowledge |
2054 | Assess the effectiveness of security controls. | Task |
3642 | Knowledge of various types of computer architectures. | Knowledge |
5050 | Assess all the configuration management (change configuration/release management) processes. | Task |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. | Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
21 | Knowledge of computer algorithms. | Knowledge |
27A | Knowledge of cryptology. | Knowledge |
34 | Knowledge of database systems. | Knowledge |
52 | Knowledge of human-computer interaction principles. | Knowledge |
58 | Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins. | Knowledge |
75B | Knowledge of statistics. | Knowledge |
94 | Knowledge of parallel and distributed computing concepts. | Knowledge |
144 | Knowledge of the systems engineering process. | Knowledge |
238A | Skill in writing code in a currently supported programming language (e.g., Java, C++). | Skill |
419 | Apply security policies to applications that interface with one another, such as Business-to-Business (B2B) applications. | Task |
421 | Apply service oriented security architecture principles to meet organization’s confidentiality, integrity, and availability requirements. | Task |
572 | Ensure application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment. | Task |
616A | Ensure the execution of disaster recovery and continuity of operations. | Task |
660 | Implement specific cybersecurity countermeasures for systems and/or applications. | Task |
670A | Ensure the integration and implementation of Cross-Domain Solutions (CDS) in a secure environment. | Task |
671 | Integrate automated capabilities for updating or patching system software where practical and develop processes and procedures for manual updating and patching of system software based on current and projected patch timeline requirements for the operational environment of the system. | Task |
717A | Assess and monitor cybersecurity related to system implementation and testing practices. | Task |
754 | Perform cybersecurity testing of developed applications and/or systems. | Task |
765 | Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. | Task |
806 | Provide cybersecurity guidance to leadership. | Task |
809 | Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). | Task |
880A | Work with stakeholders to resolve computer security incidents and vulnerability compliance. | Task |
938A | Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans. | Task |
1034B | Knowledge of Payment Card Industry (PCI) data security standards. | Knowledge |
1039B | Knowledge of how to evaluate the trustworthiness of the supplier and/or product. | Knowledge |
1072 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). | Knowledge |
1073 | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. | Knowledge |
1132A | Knowledge of information technology (IT) service catalogues. | Knowledge |
1133 | Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). | Knowledge |
1138A | Knowledge of developing and applying user credential management system. | Knowledge |
1139A | Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. | Knowledge |
1142 | Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). | Knowledge |
3030 | Ability to conduct vulnerability scans and recognize vulnerabilities in security systems. | Ability |
6240 | Knowledge of critical protocols (e.g., IPSEC, AES, GRE, IKE). | Knowledge |