* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge of remote access technology concepts.

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

* Knowledge of cybersecurity principles.

* Knowledge of cyber threats and vulnerabilities.

Knowledge of general SCADA system components.

Skill in determining installed patches on various operating systems and identifying patch signatures.

Apply updates, patches, and security technical implementation while maintaining control system performance and availability requirements.

Establish and maintain security configuration baseline for the control system(s), including field devices, IT components, interconnections, and interfaces.

Implement Risk Management Framework (RMF) Assessment requirements for control systems, and document/maintain records for them.

Maintain knowledge of the function and security of control system and IT technologies with which the control systems interface.

Maintain network segmentation to isolate control systems from business networks and other external connections as directed.

Perform asset management and maintain inventory of control system devices and components through physical inspection or logical scans.

Support risk assessments by reviewing and documenting the implementation status of security requirements of control systems.

Knowledge of control system technologies, such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, Distributed Control Systems (DCS) and Operational Technology (OT).

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge of control system environment risks, threats and vulnerabilities.

Knowledge of risk management processes specific to control systems.

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Skill in applying security and managing risk in resource-constrained systems and networks.

Skill in architecting compensating security controls to reduce risk for control systems and control system components that do not have adequate or compliant security capabilities.

Skill in securing control system communication protocols (e.g., IP/TCP, SSL/TLS, MODBUS/DNP3/PROFINET SCADA, GOOSE) and media used for field device control.

Skill in recognizing vulnerabilities in security systems.

Knowledge of embedded systems.

Knowledge of risk management processes and requirements per the Risk Management Framework (RMF).

Knowledge of current and emerging cyber technologies.

Knowledge of operating system command line/prompt.

Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

Knowledge of the Risk Management Framework Assessment Methodology.

Act as a liaison between facility operations/engineer teams and IT or network security teams to coordinate security activities.

Apply tailored organizational security policies and procedures for control system environments to maintain security, but also to ensure system availability.

Consult on control system security matters (e.g., risk assessment, configuration management) as needed.

Ensure configuration and collection of control system audit logs for monitoring and forensic analysis as appropriate.

Off-load and review control system audit logs and review for anomalies.

Participate in control system change management in conjunction with IT personnel and control system experts (e.g., system supplier).

Participate in control system incident and disaster response, including secure system recovery.

Knowledge of control system performance and availability requirements.

Knowledge of RMF assessment types (e.g., Assess & Authorize (A&A), Assess Only) and authorization boundaries (e.g., Closed Restricted Network (CRN), Stand-alone Information System (SIS)).

Knowledge of what “normal” control system operations for specific mission/business functions look like.

Skill in active and passive methods to safely gather information and conduct vulnerability and network analysis scans in control system environments.

Skill in identifying and investigating “abnormal” control system operations based on what specific mission/business functions look like.