Systems Developer

Systems Developer Work Role ID: 632 (NIST: SP-SYS-002) Workforce Element: IT (Cyberspace)

Designs, develops, tests, and evaluates information systems throughout the systems development lifecycle.


Qualification Matrix

  BasicIntermediateAdvancedNotes
Foundational Qualification OptionsEducation A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRCA BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRCTBDFor additional information pertaining to ABET: www.abet.org or CAE: www.caecommunity.org
Foundational Qualification OptionsOR OR OR
Foundational Qualification OptionsDoD/Military TrainingTBDTBDTBDSee TAB C (DCWF Training Repository) below for additional course information.
Foundational Qualification OptionsCommercial TrainingTBDTBDTBD
Foundational Qualification OptionsOR OR OR
Foundational Qualification OptionsPersonnel CertificationCNDGCLD or GSEC or CSSLPFITSP-D or GCSA or GISF or SSCPSee TAB B (Certification Index) below for certification vendor information. Courses at higher proficiency levels qualify lower levels.
Foundational Qualification AlternativeExperienceConditional AlternativeConditional AlternativeConditional AlternativeRefer to Section 3 of the DoD 8140 Manual for more information.
Residential QualificationOn-the-Job QualificationAlways RequiredAlways RequiredAlways RequiredIndividuals must demonstrate capability to perform their duties in their resident environment.
Residential QualificationEnvironment-Specific RequirementsComponent DiscretionComponent DiscretionComponent Discretion
Annual Maintenance Continuous Professional Development Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
38

Knowledge of organization’s enterprise information security architecture system.

Knowledge
64

Knowledge of information security systems engineering principles.

Knowledge
70

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
109

Knowledge of secure configuration management techniques.

Knowledge
118

Knowledge of software development models (e.g., Waterfall Model, Spiral Model).

Knowledge
119

Knowledge of software engineering.

Knowledge
130

Knowledge of systems testing and evaluation methods.

Knowledge
144

Knowledge of the systems engineering process.

Knowledge
530A

Develop detailed design documentation for component and interface specifications to support system design and development.

Task
659A

Implement designs for new or existing system(s).

Task
1000A

Ensure design and development activities are properly documented (providing a functional description of implementation) and updated as necessary.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
3642

Knowledge of various types of computer architectures.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge
6935

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

Knowledge
6938

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Knowledge

Additional KSATs

KSAT ID Description KSAT
8A

Knowledge of access authentication methods.

Knowledge
25B

Knowledge of encryption algorithms.

Knowledge
27A

Knowledge of cryptology.

Knowledge
34

Knowledge of database systems.

Knowledge
42

Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware.

Knowledge
43A

Knowledge of embedded systems.

Knowledge
46

Knowledge of fault tolerance.

Knowledge
51

Knowledge of how system components are installed, integrated, and optimized.

Knowledge
52

Knowledge of human-computer interaction principles.

Knowledge
63A

Knowledge of information systems and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
65A

Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
75

Knowledge of mathematics, including logarithms, trigonometry, linear algebra, calculus, and statistics.

Knowledge
78

Knowledge of microprocessors.

Knowledge
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
82A

Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs.

Knowledge
90

Knowledge of operating systems.

Knowledge
92

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
94

Knowledge of parallel and distributed computing concepts.

Knowledge
98

Knowledge of policy-based and risk adaptive access controls.

Knowledge
100

Knowledge of Privacy Impact Assessments.

Knowledge
101

Knowledge of process engineering concepts.

Knowledge
110A

Knowledge of security management.

Knowledge
121

Knowledge of structured analysis principles and methods.

Knowledge
124B

Knowledge of system design tools, methods, and techniques.

Knowledge
126

Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.

Knowledge
129A

Knowledge of system life cycle management principles.

Knowledge
133

Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers).

Knowledge
173A

Skill in integrating and applying policies that meet system security objectives.

Skill
173B

Skill in creating policies that enable systems to meet performance objectives (e.g. traffic routing, SLA’s, CPU specifications).

Skill
177A

Knowledge of countermeasure design for identified security risks.

Knowledge
177

Skill in designing countermeasures to identified security risks.

Skill
179

Skill in designing security controls based on cybersecurity principles and tenets.

Skill
180

Skill in designing the integration of hardware and software solutions.

Skill
181A

Skill in detecting host and network based intrusions via intrusion detection technologies.

Skill
181B

Knowledge of how detection technologies are used to detect host and network-based intrusions.

Knowledge
191A

Knowledge of development and application of security system access controls.

Knowledge
197

Skill in discerning the protection needs (i.e., security controls) of information systems and networks.

Skill
199

Skill in evaluating the adequacy of security designs.

Skill
224A

Skill in the use of design modeling (e.g., unified modeling language).

Skill
238A

Skill in writing code in a currently supported programming language (e.g., Java, C++).

Skill
416A

Analyze design constraints, analyze trade-offs and security design, and consider lifecycle support.

Task
431A

Build, assess, and modify product prototypes using working models or theoretical models.

Task
494

Design and develop cybersecurity or cybersecurity-enabled products.

Task
500B

Design hardware, operating systems, or software applications to adequately address requirements.

Task
501

Design or integrate appropriate data backup capabilities into overall system designs, and ensure appropriate technical and procedural processes exist for secure system backups and protected storage of backup data.

Task
503A

Design to security requirements to ensure requirements are met for all systems and/or applications.

Task
516A

Develop testing and validation procedures and documentation.

Task
527

Develop architectures or system components consistent with technical specifications.

Task
531

Develop Disaster Recovery and Continuity of Operations plans for systems under development and ensure testing prior to systems entering a production environment.

Task
542A

Develop risk mitigation strategies and cybersecurity countermeasures to address cost, performance, and security risks and to resolve vulnerabilities and recommend security changes to system or system components as needed.

Task
542A

Develop mitigation strategies to address cost, schedule, performance, and security risks.

Task
602

Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration.

Task
626A

Identify components or elements, allocate comprehensive functional components to include security functions, and describe the relationships between the elements.

Task
630

Identify and direct the remediation of technical problems encountered during testing and implementation of new systems (e.g., identify and find work-arounds for communication protocols that are not interoperable).

Task
632

Identify and prioritize essential system functions or sub-systems required to support essential capabilities or business functions for restoration or recovery after a system failure or during a system recovery event based on overall system requirements for continuity and availability.

Task
648

Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system and ensure recommended products are in compliance with organization’s evaluation and validation requirements.

Task
766A

Perform security reviews and identify security gaps in architecture.

Task
770

Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

Task
803

Provide guidelines for implementing developed systems to customers or installation teams.

Task
808B

Provide input to implementation plans, standard operating procedures, maintenance documentation, and maintenance training materials

Task
809

Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

Task
850

Store, retrieve, and manipulate data for analysis of system capabilities and requirements.

Task
856A

Provide support to test and evaluation activities.

Task
860A

Trace system requirements to design components and perform gap analysis.

Task
874

Utilize models and simulations to analyze or predict system performance under different operating conditions.

Task
877A

Verify stability, interoperability, portability, and/or scalability of system architecture.

Task
904A

Knowledge of interpreted and compiled computer languages.

Knowledge
998A

Analyze user needs and requirements to plan and conduct system development.

Task
999C

Collaborate with cybersecurity professionals to implement cybersecurity into designs to meet specific operational needs and environmental factors (e.g., access controls, automate d applications, networked operations, high integrity and availability requirements, multilevel security/processing of multiple classification levels, and processing Sensitive Compartmented Information).

Task
999A

Develop designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations.

Task
1002B

Skill in conducting reviews of technical systems.

Skill
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1037

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1073A

Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Skill
1073B

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Knowledge
1133

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1142

Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Knowledge
1152A

Implement and integrate systems engineering methodologies into development environment.

Task
2354

Employ configuration management processes.

Task
3153

Knowledge of circuit analysis.

Knowledge
3307

Knowledge of cybersecurity-enabled software products.

Knowledge
3687

Skill in applying security controls.

Skill
5110

Conduct a market analysis to identify, assess, and recommend commercial, GOTS, and open source products for use within a system and ensure recommended products are in compliance with organization’s evaluation and validation requirements.

Task
5190

Design and develop system administration and management functionality for privileged access users.

Task
5200A

Design, implement, assess, and evaluate secure interfaces between information systems, physical systems, and/or embedded technologies.

Task
5400

Incorporates risk-driven systems maintenance updates process to address system deficiencies (periodically and out of cycle).

Task
6945

Skill in migrating workloads to, from, and among the different cloud computing service models.

Skill