Research & Development Specialist
Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Qualification Matrix
Basic | Intermediate | Advanced | Notes | ||
---|---|---|---|---|---|
Foundational Qualification Options | Education | A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC | A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC | TBD | For additional information pertaining to ABET: www.abet.org or CAE: www.caecommunity.org |
Foundational Qualification Options | OR | OR | OR | ||
Foundational Qualification Options | DoD/Military Training | TBD | TBD | TBD | See TAB C (DCWF Training Repository) below for additional course information. |
Foundational Qualification Options | Commercial Training | TBD | TBD | TBD | |
Foundational Qualification Options | OR | OR | OR | ||
Foundational Qualification Options | Personnel Certification | Security+ | GCLD or CCE or CASP+ or CEH | See TAB B (Certification Index) below for certification vendor information. Courses at higher proficiency levels qualify lower levels. | |
Foundational Qualification Alternative | Experience | Conditional Alternative | Conditional Alternative | Conditional Alternative | Refer to Section 3 of the DoD 8140 Manual for more information. |
Residential Qualification | On-the-Job Qualification | Always Required | Always Required | Always Required | Individuals must demonstrate capability to perform their duties in their resident environment. |
Residential Qualification | Environment-Specific Requirements | Component Discretion | Component Discretion | Component Discretion | |
Annual Maintenance | Continuous Professional Development | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. |
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
88 | Knowledge of new and emerging information technology (IT) and cybersecurity technologies. |
Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
129 | Knowledge of system life cycle management principles, including software security and usability. |
Knowledge |
144A | Skill in applying the systems engineering process. |
Skill |
925 | Research current technology to understand capabilities of required system or network. |
Task |
927A | Research and evaluate available technologies and standards to meet customer requirements. |
Task |
934 | Identify cyber capabilities strategies for custom hardware and software development based on mission requirements. |
Task |
1076 | Collaborate with stakeholders to identify and/or develop appropriate solutions technology. |
Task |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
1158 | * Knowledge of cybersecurity principles. |
Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
4 | Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. |
Ability |
10 | Knowledge of application vulnerabilities. |
Knowledge |
27 | Knowledge of cryptography and cryptographic key management concepts. |
Knowledge |
95A | Knowledge of penetration testing principles, tools, and techniques. |
Knowledge |
155 | Skill in applying and incorporating information technologies into proposed solutions. |
Skill |
172 | Skill in creating and utilizing mathematical or statistical models. |
Skill |
180A | Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages. |
Skill |
321A | Knowledge of industry technologies and how differences affect exploitation/vulnerabilities. |
Knowledge |
383 | Skill in using scientific rules and methods to solve problems. |
Skill |
1037 | Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures. |
Knowledge |
1038B | Knowledge of local specialized system requirements (e.g., critical infrastructure/control systems that may not use standard information technology [IT]) for safety, performance, and reliability). |
Knowledge |
1040A | Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure. |
Knowledge |
1056 | Knowledge of operations security. |
Knowledge |
1062 | Knowledge of software reverse engineering techniques. |
Knowledge |
1072 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
Knowledge |
1077 | Design and develop new tools/technologies as related to cybersecurity. |
Task |
1078A | Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases. |
Task |
1079A | Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities. |
Task |
1125 | Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration. |
Knowledge |
1135 | Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing). |
Knowledge |
1142A | Knowledge of industry standard security models. |
Knowledge |
1147A | Develop data management capabilities (e.g., cloud based, centralized cryptographic key management) to include support to the mobile workforce. |
Task |
3068 | Ability to prepare and present briefings. |
Ability |
3069 | Ability to produce technical documentation. |
Ability |
6919 | Ability to determine the best cloud deployment model for the appropriate operating environment. |
Ability |
6942 | Skill in designing or implementing cloud computing deployment models. |
Skill |