* Knowledge of computer networking concepts and protocols, and network security methodologies.

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

* Knowledge of cybersecurity principles.

* Knowledge of cyber threats and vulnerabilities.

* Knowledge of specific operational impacts of cybersecurity lapses.

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Knowledge of computer programming principles such as object-oriented design.

Knowledge of cryptography and cryptographic key management concepts.

Knowledge of organization’s evaluation and validation requirements.

Knowledge of cybersecurity principles and methods that apply to software development.

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge of low-level computer languages (e.g., assembly languages).

Knowledge of penetration testing principles, tools, and techniques.

Knowledge of programming language structures and logic.

Knowledge of software debugging principles.

Knowledge of software development models (e.g., Waterfall Model, Spiral Model).

Knowledge of software engineering.

Skill in conducting software debugging.

Skill in developing applications that can log and handle errors, exceptions, and application faults and logging.

Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).

Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).

Analyze information to determine, recommend, and plan the development of a new application or modification of an existing application.

Analyze user needs and software requirements to determine feasibility of design within time and cost constraints.

Apply coding and testing standards, apply security testing tools including “‘fuzzing” static-analysis code scanning tools, and conduct code reviews.

Design, develop, and modify software systems, using scientific analysis and mathematical models to predict and measure outcome and consequences of design.

Develop software system testing and validation procedures, programming, and documentation.

Develop new or identify existing awareness and training materials that are appropriate for intended audiences.

Develop secure code and error handling.

Identify and direct the remediation of technical problems encountered during testing and implementation of new systems (e.g., identify and find work-arounds for communication protocols that are not interoperable).

Identify security issues around steady state operation and management of software and incorporate security measures that must be taken when a product reaches its end of life.

Modify and maintain existing software to correct errors, to adapt it to new hardware, or to upgrade interfaces and improve performance.

Perform integrated quality assurance testing for security functionality and resiliency attack.

Perform secure programming and identify potential flaws in codes to mitigate vulnerabilities.

Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

Prepare detailed workflow charts and diagrams that describe input, output, and logical operation, and convert them into a series of instructions coded in a computer language.

Address security implications in the software acceptance phase including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.

Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.

Knowledge of interpreted and compiled computer languages.

Knowledge of secure coding techniques.

Apply cybersecurity functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities.

Design countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities in system and elements.

Skill in using code analysis tools.

Knowledge of root cause analysis techniques.

Knowledge of supply chain risk management standards, processes, and practices.

Skill in performing root cause analysis.

Skill in secure test plan design (e. g. unit, integration, system, acceptance).

Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed.

Knowledge of operations security.

Knowledge of software reverse engineering techniques.

Ability to develop secure software according to secure software deployment methodologies, tools, and practices.

Collaborate with stakeholders to identify and/or develop appropriate solutions technology.

Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).

Enable applications with public keying by leveraging existing public key infrastructure (PKI) libraries and incorporating certificate management and encryption functionalities when appropriate.

Identify and leverage the enterprise-wide version control system while designing and developing secure applications.

Direct software programming and development of documentation.

Facilitate the sharing of “best practices” and “lessons learned” throughout the cyber operations community.

Maintain situational awareness of cyber-related intelligence requirements and associated tasking.

Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Knowledge of basic programming concepts (e.g., levels, structures, compiled vs. interpreted languages).

Knowledge of both internal and external customers and partner organizations, including information needs, objectives, structure, capabilities, etc.

Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.

Knowledge of organizational and partner authorities, responsibilities, and contributions to achieving objectives.

Ability to program in at least one assembly languages.

Ability to use common networking protocols.

Ability to use data structures.

Ability to use reference documentation for C, Python, assembly, and other international technical standards and specifications (IEEE, ISO, IETF, etc.).

Ability to analyze, modify, develop, debug and document software and applications in C programming language.

Ability to analyze, modify, develop, debug and document software and applications in Python programming language.

Ability to analyze, modify, develop, debug and document software and applications utilizing standard, non-standard, specialized, serialization and/or unique network communication protocols.

Ability to interpret customer requirements and evaluate resource and system constraints to create solution design specifications.

Knowledge of cyber adversary threat tier taxonomy (2014 National Intelligence Estimate [NIE]), DIA/NSA Standard Cyber Threat Model, etc.).

Knowledge of cyber mission force equipment taxonomy (Platform-Access-Payloads/Toolset), capability development process and repository.

Knowledge of data serialization formats (e.g. XML, JSON, etc.).

Knowledge of embedded systems

Knowledge of modern software development methodologies (e.g. Continuous Integration (CI), Continuous Delivery (CD), Test Driven Development (TDD), etc.).

Knowledge of principles, methodologies, and tools used to improve quality of software (e.g. regression testing, test coverage, code review, pair programming, etc.).

Knowledge of relevant mission processes including version control processes, release processes, documentation requirements, and testing requirements.

Knowledge of sources and locations (public and classified) of capability development TTPs and tradecraft information/intelligence used by the US Gov and others.

Knowledge of sources and locations of cyber capability registries and repositories (e.g. Joint Cyber Tactics Manual (JCTM), Cyber Capability Registry (CCR), Agency and service repositories, etc.).

Knowledge of task and project management tools used for software development (e.g. Jira, Confluence, Trac, MediaWiki, etc.).

Knowledge of terms and concepts of operating system fundamentals (e.g. virtualization, paging, file systems, I/O, memory management, process abstraction, etc.).

Knowledge of the concepts and terminology of datastructures and associated algorithms (e.g., search, sort, traverse, insert, delete).

Knowledge of the supported organization’s approval process for operational use of a capability.

Knowledge of the use and application of static and dynamic program analysis.

Knowledge of your organizations project management, timeline estimation, and software engineering philosophy (e.g. CI/CD, TDD, etc.).

Skill in conducting “open source” research.

Knowledge of techniques to harden capabilities to prevent attacks and forensics.

Utilize different programming languages to write code, open files, read files, and write output to different files.

Analyze and document applications using assembly languages.

Analyze countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities in system and elements.

Analyze, modify, develop, debug, and document software and applications using assembly languages.

Analyze, modify, develop, debug, and document software and applications utilizing standard, non-standard, specialized, and/or unique communication protocols.

Analyze, modify, develop, debug, and document software and applications which run in kernel space.

Analyze, modify, develop, debug, and document software and applications which run in user space.

Apply cryptography primitives to protect the confidentiality and integrity of sensitive data.

Apply software engineering best practices to enable sustainability and extensibility (Agile, TDD, CI/CD, etc.) to include containerization and virtualization technologies.

Architect design documents that describe input, output, and logical operation.

Conduct hardware and/or software static and dynamic analysis to reverse engineer malicious or benign systems.

Create or enhance cyberspace capabilities to compromise, deny, degrade, disrupt, destroy, or manipulate automated information systems.

Create or enhance cyberspace solutions to enable surveillance and reconnaissance of automated information systems.

Describe the most likely cause of an error and recommend a list of possible solutions given the description of error or system crash.

Design and develop data storage requirements, database structure, process flow, systematic procedures, algorithms, data analysis, and file structures.

Design and develop user interfaces (e.g. web pages, GUIs, CLIs, Console Interfaces)

Design and direct software development efforts to detect and disrupt nation-state cyber threat actors.

Develop content for cyber capabilities.

Develop, modify, and utilize automation technologies to enable employment of capabilities as efficiently as possible (e.g. TDD, CI/CD, etc.)

Document and communicate tradecraft, best practices, TTPs, training, briefings, presentations, papers, studies, lessons learned, etc. to both technical and non-technical audiences.

Enhance capability design strategies and tactics by synthesizing information, processes, and techniques in the areas of malicious software, vulnerabilities, reverse engineering, secure software engineering, and exploitation.

Enter work into Task and project management tools used for software development (e.g. Jira, Confluence, Trac, MediaWiki, etc.)

Generate proper supporting documentation of cyber capability.

Implement project management, software engineering philosophies, modern capability development methodologies (Agile, TDD, CI/CD, etc), at the team level.

Locate and utilize technical specifications and industry standards (e.g. Internet Engineering Task Force (IETF), IEEE, IEC, International Standards Organization (ISO)).

Make use of compiler attributes and platform-specific features.

Perform code review and analysis to inform OPSEC analysis and application (attribution, sanitization, etc.)

Perform requirements analysis to identify workable tasks needed to organize collaborative software and documentation development.

Perform static and dynamic analysis in order to find errors and flaws.

Produce artifacts to inform risk analysis, acceptance testing, and legal review.

Reference capability repositories and other sources to identify existing capabilities which fully/partially meet customer requirements (with or without modification).

Utilize data structures to organize, sort, and manipulate elements of information

Utilize secure coding techniques during development of software and applications

Utilize tools to decompile, disassembe, analzye, and reverse engineer compiled binaries.