IT (Cyberspace)

Personnel who design, build, configure, operate, and maintain IT, networks, and capabilities. This includes actions to prioritize, implement, evaluate, and dispose of IT as well as information resource management; and the management, storage, transmission, and display of data and information.



Below are the associated Work Roles, each listed with its Core and Additional KSATs (Knowledge, Skills, Abilities, and Tasks). Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.
Data Analyst Work Role ID: 422 (NIST: OM-DA-002) Category/Specialty Area: Operate & Maintain / Data Administration Workforce Element: IT (Cyberspace)

Examines data from multiple disparate sources with the goal of providing new insight. Designs and implements custom algorithms, flow processes and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
166

Skill in conducting queries and developing algorithms to analyze data structures.

Skill
201

Skill in generating queries and reports.

Skill
1120

Ability to interpret and incorporate data from multiple tool sources.

Ability
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
21

Knowledge of computer algorithms.

Knowledge
23

Knowledge of computer programming principles such as object-oriented design.

Knowledge
28

Knowledge of data administration and data standardization policies and standards.

Knowledge
31

Knowledge of data mining and data warehousing principles.

Knowledge
32

Knowledge of database management systems, query languages, table relationships, and views.

Knowledge
35

Knowledge of digital rights management.

Knowledge
44

Knowledge of enterprise messaging systems and associated software.

Knowledge
65A

Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).

Knowledge
74

Knowledge of low-level computer languages (e.g., assembly languages).

Knowledge
75A

Knowledge of mathematics, including logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis.

Knowledge
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
90

Knowledge of operating systems.

Knowledge
98

Knowledge of policy-based and risk adaptive access controls.

Knowledge
102

Knowledge of programming language structures and logic.

Knowledge
104

Knowledge of query languages such as SQL (structured query language).

Knowledge
120

Knowledge of sources, characteristics, and uses of the organization’s data assets.

Knowledge
135

Knowledge of the capabilities and functionality associated with various technologies for organizing and managing information (e.g., databases, bookmarking engines).

Knowledge
172

Skill in creating and utilizing mathematical or statistical models.

Skill
186

Skill in developing data dictionaries.

Skill
187

Skill in developing data models.

Skill
224A

Skill in the use of design modeling (e.g., unified modeling language).

Skill
238A

Skill in writing code in a currently supported programming language (e.g., Java, C++).

Skill
342

Knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep).

Knowledge
400

Analyze and define data requirements and specifications.

Task
401

Analyze and plan for anticipated changes in data capacity requirements.

Task
520B

Develop and implement data mining and data warehousing programs.

Task
529

Develop data standards, policies, and procedures.

Task
702

Manage the compilation, cataloging, caching, distribution, and retrieval of data.

Task
796

Provide a managed flow of relevant information (via web-based portals or other means) based on mission requirements.

Task
815

Provide recommendations on new database technologies and architectures.

Task
904

Knowledge of interpreted and compiled computer languages.

Knowledge
905

Knowledge of secure coding techniques.

Knowledge
910

Knowledge of database theory.

Knowledge
1088

Skill in using binary analysis tools (e.g., Hexedit, command code xxd, hexdump).

Skill
1091

Skill in one way hash functions (e.g., Secure Hash Algorithm [SHA], Message Digest Algorithm [MD5]).

Skill
1115

Skill in reading Hexadecimal data.

Skill
1116

Skill in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, Uuencode, Uniform Resource Locator [URL] encode).

Skill
1124

Knowledge of advanced data remediation security features in databases.

Knowledge
1128

Knowledge of Java-based database access application programming interface (API) (e.g., Java Database Connectivity [JDBC]).

Knowledge
3722

Skill in data mining techniques (e.g., searching file systems) and analysis.

Skill
5030

Analyze data sources to provide actionable recommendations.

Task
5080

Assess the validity of source data and subsequent findings.

Task
5100

Collect metrics and trending data.

Task
5120

Conduct hypothesis testing using statistical processes.

Task
5140

Confer with systems analysts, engineers, programmers and others to design application.

Task
5220

Develop and facilitate data-gathering methods.

Task
5270

Develop strategic insights from large data sets.

Task
5430

Present technical information to technical and non-technical audiences.

Task
5440

Present data in creative formats.

Task
5550

Program custom algorithms.

Task
5570

Provide actionable recommendations to critical stakeholders based on data analysis and findings.

Task
5640

Utilize technical documentation or resources to implement a new mathematical, data science, or computer science method.

Task
6050

Ability to build complex data structures and high-level programming languages.

Ability
6120

Ability to dissect a problem and examine the interrelationships between data that may appear unrelated.

Ability
6130

Ability to identify basic common coding flaws at a high level.

Ability
6180

Ability to use data visualization tools (e.g., Flare, HighCharts, AmCharts, D3.js, Processing, Google Visualization API, Tableau, Raphael.js).

Ability
6190

Effectively allocate storage capacity in the design of data management systems.

Task
6200

Knowledge of applications that can log errors, exceptions, and application faults and logging.

Knowledge
6300

Knowledge of how to utilize Hadoop, Java, Python, SQL, Hive, and PIG to explore data.

Knowledge
6311

Knowledge of machine learning theory and principles.

Knowledge
6470

Read, interpret, write, modify, and execute simple scripts (e.g., PERL, VBS) on Windows and UNIX systems (e.g., those that perform tasks such as: parsing large data files, automating manual tasks, and fetching/processing remote data).

Task
6490

Skill in assessing the predictive power and subsequent generalizability of a model.

Skill
6520

Skill in data pre-processing (e.g., imputation, dimensionality reduction, normalization, transformation, extraction, filtering, smoothing).

Skill
6570

Skill in identifying hidden patterns or relationships.

Skill
6610

Skill in performing format conversions to create a standard representation of the data.

Skill
6620

Skill in performing sensitivity analysis.

Skill
6650

Skill in developing machine understandable semantic ontologies.

Skill
6651

Skill in Regression Analysis (e.g., Hierarchical Stepwise, Generalized Linear Model, Ordinary Least Squares, Tree-Based Methods, Logistic).

Skill
6690

Skill in transformation analytics (e.g., aggregation, enrichment, processing).

Skill
6710

Skill in using basic descriptive statistics and techniques (e.g., normality, model distribution, scatter plots).

Skill
6720

Skill in using data analysis tools (e.g., Excel, STATA, SAS, SPSS).

Skill
6730

Skill in using data mapping tools.

Skill
6750

Skill in using outlier identification and removal techniques.

Skill
6760

Skill in writing scripts using R, Python, PIG, HIVE, SQL, etc.

Skill
6780

Utilize different programming languages to write code, open files, read files, and write output to different files.

Task
6790

Utilize open source language such as R and apply quantitative techniques (e.g., descriptive and inferential statistics, sampling, experimental design, parametric and non-parametric tests of difference, ordinary least squares regression, general line).

Task
Database Administrator Work Role ID: 421 (NIST: OM-DA-001) Category/Specialty Area: Operate & Maintain / Data Administration Workforce Element: IT (Cyberspace)

Administers databases and/or data management systems that allow for the storage, query, and utilization of data.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
28

Knowledge of data administration and data standardization policies and standards.

Knowledge
29

Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.

Knowledge
32

Knowledge of database management systems, query languages, table relationships, and views.

Knowledge
104

Knowledge of query languages such as SQL (structured query language).

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
208

Skill in maintaining databases.

Skill
213

Skill in optimizing database performance.

Skill
400A

Implement data management standards, requirements, and specifications.

Task
401

Analyze and plan for anticipated changes in data capacity requirements.

Task
664A

Install and configure database management systems and software.

Task
684

Maintain database management systems software.

Task
712

Monitor and maintain databases to ensure optimal performance.

Task
740

Perform backup and recovery of databases to ensure data integrity.

Task
1154

Performs configuration management, problem management, capacity management, and financial management for databases and data management systems.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
31

Knowledge of data mining and data warehousing principles.

Knowledge
35

Knowledge of digital rights management.

Knowledge
44

Knowledge of enterprise messaging systems and associated software.

Knowledge
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
90

Knowledge of operating systems.

Knowledge
98

Knowledge of policy-based and risk adaptive access controls.

Knowledge
120

Knowledge of sources, characteristics, and uses of the organization’s data assets.

Knowledge
137

Knowledge of the characteristics of physical and virtual data storage media.

Knowledge
152

Skill in allocating storage capacity in the design of data management systems.

Skill
166

Skill in conducting queries and developing algorithms to analyze data structures.

Skill
201

Skill in generating queries and reports.

Skill
520A

Implement data mining and data warehousing applications.

Task
688

Maintain directory replication services that enable information to replicate automatically from rear servers to forward units via optimized routing.

Task
690

Maintain information exchanges through publish, subscribe, and alert functions that enable users to send and receive critical information as required.

Task
702

Manage the compilation, cataloging, caching, distribution, and retrieval of data.

Task
815

Provide recommendations on new database technologies and architectures.

Task
910

Knowledge of database theory.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1123A

Knowledge of current and emerging data encryption (e.g., Column and Tablespace Encryption, file and disk encryption) security features in databases, including built-in cryptographic key management features.

Knowledge
1124A

Knowledge of current and emerging data remediation security features in databases.

Knowledge
1128A

Knowledge of database access application programming interfaces (APIs) (e.g., Java Database Connectivity [JDBC]).

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1155

Supports incident management, service level management, change management, release management, continuity management, and availability management for databases and data management systems.

Task
2541

Maintain assured message delivery systems.

Task
Enterprise Architect Work Role ID: 651 (NIST: SP-ARC-001) Category/Specialty Area: Securely Provision / Systems Architecture Workforce Element: IT (Cyberspace)

Develops and maintains business, systems, and information processes to support enterprise mission needs; develops information technology (IT) rules and requirements that describe baseline and target architectures.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
38

Knowledge of organization’s enterprise information security architecture system.

Knowledge
68A

Ability to build architectures and frameworks.

Ability
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
82A

Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
141A

Knowledge of the enterprise information technology (IT) architectural concepts and patterns to include baseline and target architectures.

Knowledge
143A

Knowledge of integrating the organization’s goals and objectives into the architecture.

Knowledge
144

Knowledge of the systems engineering process.

Knowledge
413A

Analyze user needs and requirements to plan architecture.

Task
502A

Develop enterprise architecture or system components required to meet user needs.

Task
568

Employ secure configuration management processes.

Task
569A

Document and update as necessary all definition and architecture activities.

Task
579

Ensure acquired or developed system(s) and architecture(s) are consistent with organization’s cybersecurity architecture guidelines.

Task
780A

Plan implementation strategy to ensure enterprise components can be integrated and aligned.

Task
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
34

Knowledge of database systems.

Knowledge
40

Knowledge of organization’s evaluation and validation requirements.

Knowledge
42

Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware.

Knowledge
43A

Knowledge of embedded systems.

Knowledge
46A

Knowledge of system fault tolerance methodologies.

Knowledge
51

Knowledge of how system components are installed, integrated, and optimized.

Knowledge
53

Knowledge of the Security Assessment and Authorization process.

Knowledge
62

Knowledge of industry-standard and organizationally accepted analysis principles and methods.

Knowledge
63

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
65A

Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).

Knowledge
70A

Knowledge of cybersecurity methods, such as firewalls, demilitarized zones, and encryption.

Knowledge
75

Knowledge of mathematics, including logarithms, trigonometry, linear algebra, calculus, and statistics.

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
90

Knowledge of operating systems.

Knowledge
92

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
94

Knowledge of parallel and distributed computing concepts.

Knowledge
109A

Knowledge of configuration management techniques.

Knowledge
110

Knowledge of key concepts in security management (e.g., Release Management, Patch Management).

Knowledge
111

Knowledge of security system design tools, methods, and techniques.

Knowledge
113A

Knowledge of N-tiered typologies including server and client operating systems.

Knowledge
119

Knowledge of software engineering.

Knowledge
130

Knowledge of systems testing and evaluation methods.

Knowledge
132A

Ability to execute technology integration processes.

Ability
133

Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers).

Knowledge
155

Skill in applying and incorporating information technologies into proposed solutions.

Skill
180

Skill in designing the integration of hardware and software solutions.

Skill
183A

Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Knowledge
183

Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Skill
224

Skill in design modeling and building use cases (e.g., unified modeling language).

Skill
238A

Skill in writing code in a currently supported programming language (e.g., Java, C++).

Skill
483A

Captures and integrates essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.

Task
484

Define appropriate levels of system availability based on critical system functions and ensure system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recovery/restoration.

Task
631

Identify and prioritize critical business functions in collaboration with organizational stakeholders.

Task
765A

Integrate results regarding the identification of gaps in security architecture.

Task
797

Provide advice on project costs, design concepts, or design changes.

Task
809

Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

Task
864A

Translate proposed capabilities into technical requirements.

Task
993A

Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization’s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).

Ability
994A

Document how the implementation of a new system or new interface between systems impacts the current and target environment including but not limited to security posture.

Task
996B

Integrate key management functions as related to cyberspace.

Task
1037B

Knowledge of program protection planning to include information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1073

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Knowledge
1130

Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).

Knowledge
1133

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1142

Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Knowledge
2014

Analyze candidate architectures, allocate security services, and select security mechanisms.

Task
2248

Develop a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements.

Task
2390

Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.

Task
2887

Write detailed functional specifications that document the architecture development process.

Task
3030

Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.

Ability
3153

Knowledge of circuit analysis.

Knowledge
3246

Knowledge of confidentiality, integrity, and availability requirements.

Knowledge
3307

Knowledge of cybersecurity-enabled software products.

Knowledge
3353

Knowledge of the Risk Management Framework Assessment Methodology.

Knowledge
3642

Knowledge of various types of computer architectures.

Knowledge
6030

Ability to apply an organization’s goals and objectives to develop and maintain architecture.

Ability
6150

Ability to optimize systems to meet enterprise performance requirements.

Ability
6330

Knowledge of multi-level/security cross domain solutions.

Knowledge
6680

Skill in the use of design methods.

Skill
Knowledge Manager Work Role ID: 431 (NIST: OM-KM-001) Category/Specialty Area: Operate & Maintain / Knowledge Management Workforce Element: IT (Cyberspace)

Responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
134

Knowledge of the capabilities and functionality associated with various content creation technologies (e.g., wikis, social networking, blogs).

Knowledge
135

Knowledge of the capabilities and functionality associated with various technologies for organizing and managing information (e.g., databases, bookmarking engines).

Knowledge
136

Knowledge of the capabilities and functionality of various collaborative technologies (e.g., groupware, SharePoint).

Knowledge
394A

Manage the indexing/cataloguing, storage, and access of explicit organizational knowledge (e.g., hard copy documents, digital files).

Task
464

Construct access paths to suites of information (e.g., link pages) to facilitate access by end-users.

Task
910

Knowledge of database theory.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
5

Ability to match the appropriate knowledge repository technology for a given application or environment.

Ability
19

Knowledge of cyber defense and vulnerability assessment tools, including open source tools, and their capabilities.

Knowledge
163

Skill in conducting information searches.

Skill
164

Skill in conducting knowledge mapping (e.g., map of knowledge repositories).

Skill
223

Skill in the measuring and reporting of intellectual capital.

Skill
230

Skill in using knowledge management technologies.

Skill
338A

Knowledge of the principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing information.

Knowledge
505A

Design, build, implement, and maintain a knowledge management framework that provides end-users access to the organization’s intellectual capital.

Task
513

Develop an understanding of the needs and requirements of information end-users.

Task
721

Monitor and report the usage of knowledge management assets and resources.

Task
777

Plan and manage the delivery of knowledge management projects.

Task
794A

Promote knowledge sharing between information owners/users through an organization’s operational processes and systems.

Task
814

Provide recommendations on data structures and databases that ensure correct and quality production of reports/management information.

Task
907A

Knowledge of data mining techniques.

Knowledge
942

Knowledge of the organization’s core business/mission processes.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1125

Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.

Knowledge
1126

Knowledge of data classification standards and methodologies based on sensitivity and other risk factors.

Knowledge
1136A

Knowledge of use cases related to collaboration and content synchronization across platforms (e.g., Mobile, PC, Cloud).

Knowledge
5000

Leads efforts to promote the organization’s use of knowledge management and information sharing.

Task
6000

Knowledge of taxonomy and semantic ontology theory.

Knowledge
Network Operations Specialist Work Role ID: 441 (NIST: OM-NET-001) Category/Specialty Area: Operate & Maintain / Network Services Workforce Element: IT (Cyberspace)

Plans, implements, and operates network services/systems, to include hardware and virtual environments.

Core KSATs

KSAT ID Description KSAT
12

Knowledge of communication methods, principles, and concepts (e.g., crypto, dual hubs, time multiplexers) that support the network infrastructure.

Knowledge
15B

Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.

Ability
15

Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.

Knowledge
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
41

Knowledge of organization’s LAN/WAN pathways.

Knowledge
55

Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.

Knowledge
70

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
76

Knowledge of measures or indicators of system performance and availability.

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
92

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
106

Knowledge of remote access technology concepts.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
112

Knowledge of server administration and systems engineering theories, concepts, and methods.

Knowledge
133

Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers).

Knowledge
148

Knowledge of Virtual Private Network (VPN) security.

Knowledge
154

Skill in analyzing network traffic capacity and performance characteristics.

Skill
193A

Skill in implementing and testing network infrastructure contingency and recovery plans.

Skill
198

Skill in establishing a routing schema.

Skill
205

Skill in implementing, maintaining, and improving established network security practices.

Skill
207

Skill in installing, configuring, and troubleshooting LAN and WAN components such as routers, hubs, and switches.

Skill
231

Skill in using network management tools to analyze network traffic patterns (e.g., simple network management protocol).

Skill
234A

Skill in sub-netting.

Skill
261

Knowledge of basic concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).

Knowledge
271B

Ability to operate common network tools (e.g., ping, traceroute, nslookup).

Ability
271

Knowledge of common network tools (e.g., ping, traceroute, nslookup).

Knowledge
278

Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).

Knowledge
347A

Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).

Ability
462

Configure and optimize network hubs, routers, and switches (e.g., higher-level protocols, tunneling).

Task
522

Develop and implement network backup and recovery procedures.

Task
555

Diagnose network connectivity problem.

Task
666

Install and maintain network infrastructure device operating system software (e.g., IOS, firmware).

Task
667

Install or replace network hubs, routers, and switches.

Task
718

Monitor network capacity and performance.

Task
736

Patch network vulnerabilities to ensure information is safeguarded against outside parties.

Task
857

Test and maintain network infrastructure including software and hardware devices.

Task
891A

Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).

Skill
893

Skill in securing network communications.

Skill
896

Skill in protecting a network against malware.

Skill
900

Knowledge of web filtering technologies.

Knowledge
901A

Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).

Ability
901

Knowledge of the capabilities of different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).

Knowledge
902

Knowledge of the range of existing networks (e.g., PBX, LANs, WANs, WIFI, SCADA).

Knowledge
985

Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).

Skill
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1073

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
41A

Ability to operate the organization’s LAN/WAN pathways.

Ability
76A

Ability to monitor measures or indicators of system performance and availability.

Ability
92A

Ability to monitor traffic flows across the network.

Ability
656

Implement new system design procedures, test procedures, and quality standards.

Task
673

Integrate new systems into existing network architecture.

Task
802

Provide feedback on network requirements, including network architecture and infrastructure.

Task
903

Knowledge of Wi-Fi.

Knowledge
989

Knowledge of Voice over IP (VoIP).

Knowledge
990

Knowledge of the common attack vectors on the network layer.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1074A

Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.

Knowledge
1133

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
1134

Knowledge of symmetric key rotation techniques and concepts.

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1142

Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Knowledge
Research & Development Specialist Work Role ID: 661 (NIST: SP-RD-001) Category/Specialty Area: Securely Provision / Technology R&D Workforce Element: IT (Cyberspace)

Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
88

Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
129

Knowledge of system life cycle management principles, including software security and usability.

Knowledge
144A

Skill in applying the systems engineering process.

Skill
925

Research current technology to understand capabilities of required system or network.

Task
927A

Research and evaluate available technologies and standards to meet customer requirements.

Task
934

Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.

Task
1076

Collaborate with stakeholders to identify and/or develop appropriate solutions technology.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
2420

Follow software and systems engineering life cycle standards and processes.

Task
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
4

Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.

Ability
10

Knowledge of application vulnerabilities.

Knowledge
15A

Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.

Knowledge
27

Knowledge of cryptography and cryptographic key management concepts.

Knowledge
42A

Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software.

Knowledge
95A

Knowledge of penetration testing principles, tools, and techniques.

Knowledge
155

Skill in applying and incorporating information technologies into proposed solutions.

Skill
172

Skill in creating and utilizing mathematical or statistical models.

Skill
180A

Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.

Skill
294A

Knowledge of hacking methodologies.

Knowledge
321A

Knowledge of industry technologies and how differences affect exploitation/vulnerabilities.

Knowledge
383

Skill in using scientific rules and methods to solve problems.

Skill
520

Review and validate data mining and data warehousing programs, processes, and requirements.

Task
905A

Skill in applying secure coding techniques.

Skill
1037

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1040A

Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.

Knowledge
1044A

Knowledge of forensic footprint identification.

Knowledge
1052A

Knowledge of mobile communications architecture.

Knowledge
1054

Knowledge of hardware reverse engineering techniques.

Knowledge
1055

Knowledge of middleware (e.g., enterprise service bus and message queuing).

Knowledge
1056

Knowledge of operations security.

Knowledge
1059

Knowledge of networking protocols.

Knowledge
1062

Knowledge of software reverse engineering techniques.

Knowledge
1063A

Knowledge of operating system structures and internals (e.g., process management, directory structure, installed applications).

Knowledge
1064

Knowledge of Extensible Markup Language (XML) schemas.

Knowledge
1067A

Knowledge of network analysis tools used to identify software communications vulnerabilities.

Knowledge
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1077

Design and develop new tools/technologies as related to cybersecurity.

Task
1078A

Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.

Task
1079A

Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.

Task
1080A

Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.

Task
1135

Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).

Knowledge
1142A

Knowledge of industry standard security models.

Knowledge
1147A

Develop data management capabilities (e.g., cloud based, centralized cryptographic key management) to include support to the mobile workforce.

Task
2388

Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.

Task
3068

Ability to prepare and present briefings.

Ability
3069

Ability to produce technical documentation.

Ability
3192

Knowledge of covert communication techniques.

Knowledge
Software Developer Work Role ID: 621 (NIST: SP-DEV-001) Category/Specialty Area: Securely Provision / Software Development Workforce Element: IT (Cyberspace)

Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
23

Knowledge of computer programming principles such as object-oriented design.

Knowledge
40

Knowledge of organization’s evaluation and validation requirements.

Knowledge
56

Knowledge of cybersecurity principles and methods that apply to software development.

Knowledge
63

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
74

Knowledge of low-level computer languages (e.g., assembly languages).

Knowledge
102

Knowledge of programming language structures and logic.

Knowledge
105

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
109

Knowledge of secure configuration management techniques.

Knowledge
116

Knowledge of software debugging principles.

Knowledge
117

Knowledge of software design tools, methods, and techniques.

Knowledge
118

Knowledge of software development models (e.g., Waterfall Model, Spiral Model).

Knowledge
119

Knowledge of software engineering.

Knowledge
121

Knowledge of structured analysis principles and methods.

Knowledge
124

Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools.

Knowledge
149

Knowledge of web services, including service-oriented architecture, Simple Object Access Protocol, and web service description language.

Knowledge
168

Skill in conducting software debugging.

Skill
174

Skill in creating programs that validate and process multiple inputs including command line arguments, environmental variables, and input streams.

Skill
177

Skill in designing countermeasures to identified security risks.

Skill
185A

Skill in developing applications that can log and handle errors, exceptions, and application faults and logging.

Skill
191

Skill in developing and applying security system access controls.

Skill
238A

Skill in writing code in a currently supported programming language (e.g., Java, C++).

Skill
408

Analyze information to determine, recommend, and plan the development of a new application or modification of an existing application.

Task
414

Analyze user needs and software requirements to determine feasibility of design within time and cost constraints.

Task
417

Apply coding and testing standards, apply security testing tools including “fuzzing” static-analysis code scanning tools, and conduct code reviews.

Task
418

Apply secure code documentation.

Task
432

Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.

Task
446

Compile and write documentation of program development and subsequent revisions, inserting comments in the coded instructions so others can understand the program.

Task
459A

Conduct trial runs of programs and software applications to ensure the desired information is produced and instructions and security levels are correct.

Task
461

Confer with systems analysts, engineers, programmers, and others to design application and to obtain information on project limitations and capabilities, performance requirements, and interfaces.

Task
467

Consult with engineering staff to evaluate interface between hardware and software.

Task
477

Correct errors by making appropriate changes and rechecking the program to ensure desired results are produced.

Task
506

Design, develop, and modify software systems, using scientific analysis and mathematical models to predict and measure outcome and consequences of design.

Task
515A

Develop software system testing and validation procedures, programming, and documentation.

Task
543

Develop secure code and error handling.

Task
602

Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration.

Task
634

Identify basic common coding flaws at a high level.

Task
644

Identify security implications and apply methodologies within centralized and decentralized environments across the enterprise’s computer systems in software development.

Task
645

Identify security issues around steady state operation and management of software and incorporate security measures that must be taken when a product reaches its end of life.

Task
709A

Modify and maintain existing software to correct errors, to adapt it to new hardware, or to upgrade interfaces and improve performance.

Task
756

Perform integrated quality assurance testing for security functionality and resiliency attack.

Task
764

Perform secure programming and identify potential flaws in codes to mitigate vulnerabilities.

Task
770

Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

Task
850

Store, retrieve, and manipulate data for analysis of system capabilities and requirements.

Task
865

Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.

Task
904

Knowledge of interpreted and compiled computer languages.

Knowledge
905

Knowledge of secure coding techniques.

Knowledge
968

Knowledge of software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, simplicity/minimization).

Knowledge
970A

Apply cybersecurity functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities.

Task
972A

Determine and document software patches or the extent of releases that would leave software vulnerable.

Task
976

Knowledge of software quality assurance process.

Knowledge
978A

Knowledge of root cause analysis techniques.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1037A

Knowledge of information technology (IT) risk management policies, requirements, and procedures.

Knowledge
1071A

Ability to develop secure software according to secure software deployment methodologies, tools, and practices.

Ability
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1149A

Enable applications with public keying by leveraging existing public key infrastructure (PKI) libraries and incorporating certificate management and encryption functionalities when appropriate.

Task
1150A

Identify and leverage the enterprise-wide security services while designing and developing secure applications (e.g., Enterprise PKI, Federated Identity server, Enterprise AV solution) when appropriate.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
3

Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.

Skill
20

Knowledge of complex data structures.

Knowledge
38

Knowledge of organization’s enterprise information security architecture system.

Knowledge
43A

Knowledge of embedded systems.

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
90

Knowledge of operating systems.

Knowledge
95A

Knowledge of penetration testing principles, tools, and techniques.

Knowledge
100

Knowledge of Privacy Impact Assessments.

Knowledge
172

Skill in creating and utilizing mathematical or statistical models.

Skill
197

Skill in discerning the protection needs (i.e., security controls) of information systems and networks.

Skill
785

Prepare detailed workflow charts and diagrams that describe input, output, and logical operation, and convert them into a series of instructions coded in a computer language.

Task
826

Address security implications in the software acceptance phase including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.

Task
971

Design countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities in system and elements.

Task
973A

Skill in using code analysis tools.

Skill
974

Ability to tailor code analysis for application-specific concerns.

Ability
979

Knowledge of supply chain risk management standards, processes, and practices.

Knowledge
980A

Skill in performing root cause analysis.

Skill
1020A

Skill in secure test plan design (e.g., unit, integration, system, acceptance).

Skill
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1131

Knowledge of security architecture concepts and enterprise architecture reference models (e.g., Zachman, Federal Enterprise Architecture [FEA]).

Knowledge
1135

Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).

Knowledge
1140A

Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).

Skill
1151

Identify and leverage the enterprise-wide version control system while designing and developing secure applications.

Task
2156

Consult with customers about software system design and maintenance.

Task
2335

Direct software programming and development of documentation.

Task
2839

Supervise and assign work to programmers, designers, technologists and technicians and other engineering and scientific personnel.

Task
3080

Ability to use and understand complex mathematical concepts (e.g., discrete math).

Ability
System Administrator Work Role ID: 451 (NIST: OM-SA-001) Category/Specialty Area: Operate & Maintain / Systems Administration Workforce Element: IT (Cyberspace)

Installs, configures, troubleshoots, and maintains hardware, software, and administers system accounts.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
76

Knowledge of measures or indicators of system performance and availability.

Knowledge
96

Knowledge of performance tuning tools and techniques.

Knowledge
99A

Knowledge of principles and methods for integrating system components.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
127

Knowledge of systems administration concepts.

Knowledge
171A

Skill in correcting physical and technical problems that impact system/server performance.

Skill
211A

Skill in monitoring and optimizing system/server performance.

Skill
216A

Skill in recovering failed systems/servers.

Skill
219A

Skill in operating system administration.

Skill
344

Knowledge of virtualization technologies and virtual machine development and maintenance.

Knowledge
452

Conduct functional and connectivity testing to ensure continuing operability.

Task
518

Develop and document systems administration standard operating procedures.

Task
518A

Comply with organization systems administration standard operating procedures.

Task
521A

Implement and enforce local network usage policies and procedures.

Task
683

Maintain baseline system security according to organizational policies.

Task
695

Manage accounts, network rights, and access to systems and equipment.

Task
701A

Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.

Task
713A

Monitor and maintain system/server configuration.

Task
763B

Perform repairs on faulty system/server hardware.

Task
781

Plan, execute, and verify data redundancy and system recovery procedures.

Task
835A

Troubleshoot hardware/software interface and interoperability problems.

Task
986

Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).

Knowledge
1033

Knowledge of basic system administration, network, and operating system hardening techniques.

Knowledge
1153A

Install, update, and troubleshoot systems/servers.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
70

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
112A

Knowledge of systems engineering theories, concepts, and methods.

Knowledge
113

Knowledge of server and client operating systems.

Knowledge
114A

Knowledge of system/server diagnostic tools and fault identification techniques.

Knowledge
141

Knowledge of the enterprise information technology (IT) architecture.

Knowledge
145

Knowledge of the type and frequency of routine maintenance needed to keep equipment functioning properly.

Knowledge
148

Knowledge of Virtual Private Network (VPN) security.

Knowledge
167A

Skill in conducting system/server planning, management, and maintenance.

Skill
170

Skill in configuring and optimizing software.

Skill
194

Skill in diagnosing connectivity problems.

Skill
195A

Skill in troubleshooting failed system components (i.e., servers).

Skill
202A

Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.

Skill
206A

Skill in installing system and component upgrades.

Skill
209

Skill in maintaining directory services.

Skill
287

Knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT]).

Knowledge
342A

Knowledge of operating system command line/prompt.

Knowledge
386

Skill in using virtual machines.

Skill
434A

Check system hardware availability, functionality, integrity, and efficiency.

Task
456A

Conduct periodic system maintenance including cleaning (both physically and electronically), disk checks, routine reboots, data dumps, and testing.

Task
499

Design group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs.

Task
728A

Oversee installation, implementation, configuration, and support of system components.

Task
763A

Diagnose faulty system/server hardware.

Task
811

Provide ongoing optimization and problem solving support.

Task
892

Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, anti-virus software, anti-spyware).

Skill
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1074A

Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.

Knowledge
6590

Skill in interfacing with customers.

Skill
System Testing and Evaluation Specialist Work Role ID: 671 (NIST: SP-TE-001) Category/Specialty Area: Securely Provision / Test and Evaluation Workforce Element: IT (Cyberspace)

Plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
40

Knowledge of organization’s evaluation and validation requirements.

Knowledge
53

Knowledge of the Security Assessment and Authorization process.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
169

Skill in conducting test events.

Skill
176

Skill in designing a data analysis structure (i.e., the types of data your test must generate and how to analyze those data).

Skill
182

Skill in determining an appropriate level of test rigor for a given system.

Skill
190

Skill in developing operations-based testing scenarios.

Skill
220

Skill in systems integration testing.

Skill
239

Skill in writing test plans.

Skill
412A

Analyze the results of software, hardware, or interoperability testing.

Task
508

Determine level of assurance of developed capabilities based on test results.

Task
550

Develop test plans to address specifications and requirements.

Task
694

Make recommendations based on test results.

Task
748A

Perform developmental testing on systems under development.

Task
757A

Perform interoperability testing on systems exchanging electronic information with other systems.

Task
761A

Perform operational testing.

Task
858A

Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements.

Task
858B

Record and manage test data.

Task
950

Skill in evaluating test plans for applicability and completeness.

Skill
951

Determine scope, infrastructure, resources, and data sample size to ensure system requirements are adequately demonstrated.

Task
1006

Create auditable evidence of security measures.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
5650

Validate specifications and requirements for testability.

Task
6020

Ability to analyze test data.

Ability
6060

Ability to collect, verify, and validate test data.

Ability
6170

Ability to translate data and test results into evaluative conclusions.

Ability
6430

Knowledge of Test & Evaluation processes.

Knowledge
6500

Skill in conducting Test Readiness Reviews.

Skill
6530

Skill in designing and documenting overall program Test & Evaluation strategies.

Skill
6580

Skill in identifying Test & Evaluation infrastructure (people, ranges, tools, instrumentation) requirements.

Skill
6600

Skill in managing test assets, test resources, and test personnel to ensure effective completion of test events.

Skill
6630

Skill in preparing Test & Evaluation reports.

Skill
6641

Skill in providing Test & Evaluation resource estimate.

Skill
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
38

Knowledge of organization’s enterprise information security architecture system.

Knowledge
63

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
83

Knowledge of network hardware devices and functions.

Knowledge
127

Knowledge of systems administration concepts.

Knowledge
144

Knowledge of the systems engineering process.

Knowledge
238A

Skill in writing code in a currently supported programming language (e.g., Java, C++).

Skill
904

Knowledge of interpreted and compiled computer languages.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1037

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1131

Knowledge of security architecture concepts and enterprise architecture reference models (e.g., Zachman, Federal Enterprise Architecture [FEA]).

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1142

Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Knowledge
3307

Knowledge of cybersecurity-enabled software products.

Knowledge
Systems Developer Work Role ID: 632 (NIST: SP-SYS-002) Category/Specialty Area: Securely Provision / Systems Development Workforce Element: IT (Cyberspace)

Designs, develops, tests, and evaluates information systems throughout the systems development lifecycle.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
38

Knowledge of organization’s enterprise information security architecture system.

Knowledge
40

Knowledge of organization’s evaluation and validation requirements.

Knowledge
63

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
64

Knowledge of information security systems engineering principles.

Knowledge
70

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
109

Knowledge of secure configuration management techniques.

Knowledge
118

Knowledge of software development models (e.g., Waterfall Model, Spiral Model).

Knowledge
119

Knowledge of software engineering.

Knowledge
124

Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools.

Knowledge
129

Knowledge of system life cycle management principles, including software security and usability.

Knowledge
130

Knowledge of systems testing and evaluation methods.

Knowledge
144

Knowledge of the systems engineering process.

Knowledge
191

Skill in developing and applying security system access controls.

Skill
500A

Design hardware, operating systems, and software applications to adequately address requirements.

Task
530A

Develop detailed design documentation for component and interface specifications to support system design and development.

Task
659A

Implement designs for new or existing system(s).

Task
999B

Collaborate on cybersecurity designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations, high integrity and availability requirements, multilevel security/processing of multiple classification levels, and processing Sensitive Compartmented Information).

Task
1000A

Ensure design and development activities are properly documented (providing a functional description of implementation) and updated as necessary.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
3642

Knowledge of various types of computer architectures.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
8A

Knowledge of access authentication methods.

Knowledge
21

Knowledge of computer algorithms.

Knowledge
25

Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).

Knowledge
27A

Knowledge of cryptology.

Knowledge
34

Knowledge of database systems.

Knowledge
42

Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware.

Knowledge
43A

Knowledge of embedded systems.

Knowledge
46

Knowledge of fault tolerance.

Knowledge
51

Knowledge of how system components are installed, integrated, and optimized.

Knowledge
52

Knowledge of human-computer interaction principles.

Knowledge
65A

Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
75

Knowledge of mathematics, including logarithms, trigonometry, linear algebra, calculus, and statistics.

Knowledge
78

Knowledge of microprocessors.

Knowledge
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
82A

Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs.

Knowledge
90

Knowledge of operating systems.

Knowledge
92

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
94

Knowledge of parallel and distributed computing concepts.

Knowledge
98

Knowledge of policy-based and risk adaptive access controls.

Knowledge
100

Knowledge of Privacy Impact Assessments.

Knowledge
101

Knowledge of process engineering concepts.

Knowledge
110A

Knowledge of security management.

Knowledge
121

Knowledge of structured analysis principles and methods.

Knowledge
126

Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.

Knowledge
133

Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers).

Knowledge
173

Skill in creating policies that reflect system security objectives.

Skill
173A

Skill in integrating and applying policies that meet system security objectives.

Skill
173B

Skill in creating policies that enable systems to meet performance objectives (e.g., traffic routing, SLAs, CPU specifications).

Skill
177A

Knowledge of countermeasure design for identified security risks.

Knowledge
177

Skill in designing countermeasures to identified security risks.

Skill
179

Skill in designing security controls based on cybersecurity principles and tenets.

Skill
180

Skill in designing the integration of hardware and software solutions.

Skill
181A

Skill in detecting host and network based intrusions via intrusion detection technologies.

Skill
197

Skill in discerning the protection needs (i.e., security controls) of information systems and networks.

Skill
199

Skill in evaluating the adequacy of security designs.

Skill
224A

Skill in the use of design modeling (e.g., unified modeling language).

Skill
238A

Skill in writing code in a currently supported programming language (e.g., Java, C++).

Skill
416

Analyze design constraints, analyze trade-offs and detailed system and security design, and consider lifecycle support.

Task
431

Build, test, and modify product prototypes using working models or theoretical models.

Task
494

Design and develop cybersecurity or cybersecurity-enabled products.

Task
501

Design or integrate appropriate data backup capabilities into overall system designs, and ensure appropriate technical and procedural processes exist for secure system backups and protected storage of backup data.

Task
503A

Design to security requirements to ensure requirements are met for all systems and/or applications.

Task
516

Develop and direct system testing and validation procedures and documentation.

Task
527

Develop architectures or system components consistent with technical specifications.

Task
531

Develop Disaster Recovery and Continuity of Operations plans for systems under development and ensure testing prior to systems entering a production environment.

Task
542A

Develop mitigation strategies to address cost, schedule, performance, and security risks.

Task
626A

Identify components or elements, allocate comprehensive functional components to include security functions, and describe the relationships between the elements.

Task
630

Identify and direct the remediation of technical problems encountered during testing and implementation of new systems (e.g., identify and find work-arounds for communication protocols that are not interoperable).

Task
632

Identify and prioritize essential system functions or sub-systems required to support essential capabilities or business functions for restoration or recovery after a system failure or during a system recovery event based on overall system requirements for continuity and availability.

Task
648

Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system and ensure recommended products are in compliance with organization’s evaluation and validation requirements.

Task
766A

Perform security reviews and identify security gaps in architecture.

Task
770

Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

Task
803

Provide guidelines for implementing developed systems to customers or installation teams.

Task
808B

Provide input to implementation plans, standard operating procedures, maintenance documentation, and maintenance training materials.

Task
809

Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

Task
850

Store, retrieve, and manipulate data for analysis of system capabilities and requirements.

Task
856A

Provide support to test and evaluation activities.

Task
860A

Trace system requirements to design components and perform gap analysis.

Task
874

Utilize models and simulations to analyze or predict system performance under different operating conditions.

Task
877A

Verify stability, interoperability, portability, and/or scalability of system architecture.

Task
904

Knowledge of interpreted and compiled computer languages.

Knowledge
998A

Analyze user needs and requirements to plan and conduct system development.

Task
999A

Develop designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations).

Task
1002

Skill in conducting audits or reviews of technical systems.

Skill
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1037

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1073

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Knowledge
1073A

Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Skill
1133

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1142

Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Knowledge
1152

Implement and integrate system development life cycle (SDLC) methodologies (e.g., IBM Rational Unified Process) into development environment.

Task
2354

Employ configuration management processes.

Task
3153

Knowledge of circuit analysis.

Knowledge
3307

Knowledge of cybersecurity-enabled software products.

Knowledge
3687

Skill in applying security controls.

Skill
5110

Conduct a market analysis to identify, assess, and recommend commercial, GOTS, and open source products for use within a system and ensure recommended products are in compliance with organization’s evaluation and validation requirements.

Task
5190

Design and develop system administration and management functionality for privileged access users.

Task
5200

Design, implement, test, and evaluate secure interfaces between information systems, physical systems, and/or embedded technologies.

Task
5400

Incorporate a risk-driven systems maintenance update process to address system deficiencies (periodically and out of cycle).

Task
Systems Requirements Planner Work Role ID: 641 (NIST: SP-RP-001) Category/Specialty Area: Securely Provision / Systems Requirements Planning Workforce Element: IT (Cyberspace)

Consults with customers to evaluate functional requirements and translate functional requirements into technical solutions.

Core KSATs

KSAT ID Description KSAT
9

Knowledge of applicable business processes and operations of customer organizations.

Knowledge
16

Knowledge of capabilities and requirements analysis.

Knowledge
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
63

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
64

Knowledge of information security systems engineering principles.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
129

Knowledge of system life cycle management principles, including software security and usability.

Knowledge
143

Knowledge of the organization’s enterprise information technology (IT) goals and objectives.

Knowledge
162

Skill in conducting capabilities and requirements analysis.

Skill
458

Conduct risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications.

Task
466

Consult with customers to evaluate functional requirements.

Task
487

Define project scope and objectives based on customer requirements.

Task
863

Translate functional requirements into technical solutions.

Task
911A

Ability to interpret and translate customer requirements into operational capabilities.

Ability
1144

Develop and document User Experience (UX) requirements including information architecture and user interface requirements.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
25

Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).

Knowledge
27

Knowledge of cryptography and cryptographic key management concepts.

Knowledge
46

Knowledge of fault tolerance.

Knowledge
51

Knowledge of how system components are installed, integrated, and optimized.

Knowledge
55

Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.

Knowledge
62

Knowledge of industry-standard and organizationally accepted analysis principles and methods.

Knowledge
65A

Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).

Knowledge
68

Knowledge of information technology (IT) architectural concepts and frameworks.

Knowledge
78

Knowledge of microprocessors.

Knowledge
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
82A

Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs.

Knowledge
88

Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

Knowledge
90

Knowledge of operating systems.

Knowledge
92

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
94

Knowledge of parallel and distributed computing concepts.

Knowledge
100

Knowledge of Privacy Impact Assessments.

Knowledge
101

Knowledge of process engineering concepts.

Knowledge
109

Knowledge of secure configuration management techniques.

Knowledge
110

Knowledge of key concepts in security management (e.g., Release Management, Patch Management).

Knowledge
124

Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools.

Knowledge
126

Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.

Knowledge
130

Knowledge of systems testing and evaluation methods.

Knowledge
133

Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers).

Knowledge
144

Knowledge of the systems engineering process.

Knowledge
155

Skill in applying and incorporating information technologies into proposed solutions.

Skill
156

Skill in applying confidentiality, integrity, and availability principles.

Skill
158

Skill in applying organization-specific systems analysis principles and techniques.

Skill
224

Skill in design modeling and building use cases (e.g., unified modeling language).

Skill
476

Coordinate with systems architects and developers, as needed, to provide oversight in the development of design solutions.

Task
511B

Define baseline security requirements in accordance with applicable guidelines.

Task
517

Develop and document requirements, capabilities, and constraints for design procedures and processes.

Task
528A

Develop cost estimates for new or modified system(s).

Task
669

Integrate and align information security and/or cybersecurity policies to ensure system analysis meets security requirements.

Task
700A

Manage the information technology (IT) planning process to ensure that developed solutions meet customer requirements.

Task
726

Oversee and make recommendations regarding configuration management.

Task
760

Perform needs analysis to determine opportunities for new and improved business process solutions.

Task
789

Prepare use cases to justify the need for specific information technology (IT) solutions.

Task
1002A

Skill in conducting reviews of systems.

Skill
1003

Develop and document supply chain risks for critical system elements, as appropriate.

Task
1004

Knowledge of critical information technology (IT) procurement requirements.

Knowledge
1005

Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).

Knowledge
1036

Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed.

Knowledge
1037

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge
1038

Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.

Knowledge
1040A

Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.

Knowledge
1073

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Knowledge
1133

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
2214

Design and document quality standards.

Task
2343

Document a system’s purpose and preliminary system security concept of operations.

Task
2692

Ensure that all systems components can be integrated and aligned (e.g., procedures, databases, policies, software, and hardware).

Task
Technical Support Specialist Work Role ID: 411 (NIST: OM-TS-001) Category/Specialty Area: Operate & Maintain / Customer Service and Technical Support Workforce Element: IT (Cyberspace)

Provides technical support to customers who need assistance utilizing client-level hardware and software in accordance with established or approved organizational process components (i.e., Master Incident Management Plan, when applicable).

Core KSATs

KSAT ID Description KSAT
7A

Knowledge of successful capabilities to identify the solutions to less common and more complex system problems.

Knowledge
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
33A

Knowledge of procedures used for documenting and querying reported incidents, problems, and events.

Knowledge
76

Knowledge of measures or indicators of system performance and availability.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
127

Knowledge of systems administration concepts.

Knowledge
142A

Knowledge of the operations and processes for incident, problem, and event management.

Knowledge
145A

Knowledge of IT system operation, maintenance, and security needed to keep equipment functioning properly.

Knowledge
165A

Skill in conducting research for troubleshooting novel client-level problems.

Skill
204

Skill in identifying possible causes of degradation of system performance or availability and initiating actions needed to mitigate this degradation.

Skill
221A

Skill in configuring and validating network workstations and peripherals in accordance with approved standards and/or specifications.

Skill
222B

Knowledge of the basic operation of computers.

Knowledge
235

Skill in using the appropriate tools for repairing software, hardware, and peripheral equipment of a system.

Skill
264A

Knowledge of basic physical computer components and architectures.

Knowledge
281

Knowledge of electronic devices (e.g., computer systems/components, access control devices, digital cameras, electronic organizers, hard drives, memory cards, modems, network components, printers, removable storage devices, scanners, telephones, copiers, credit card skimmers, facsimile machines, global positioning systems [GPSs]).

Knowledge
554A

Diagnose and resolve customer reported system incidents, problems, and events.

Task
665A

Install and configure hardware, software, and peripheral equipment for system users in accordance with organizational standards.

Task
695A

Administer accounts, network rights, and access to systems and equipment.

Task
714A

Monitor and report client-level computer system performance.

Task
866

Troubleshoot system hardware and software.

Task
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6010

Ability to accurately define incidents, problems, and events in the trouble ticketing system.

Ability
6310

Knowledge of industry best practices for service desk.

Knowledge
6350

Knowledge of organizational security policies.

Knowledge
6400

Knowledge of remote access processes, tools, and capabilities related to customer support.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
639A

Make recommendations based on trend analysis for enhancements to software and hardware solutions to enhance customer experience.

Task
698A

Perform asset management/inventory of information technology (IT) resources.

Task
830A

Develop a trend analysis and impact report.

Task
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
2016

Analyze incident data for emerging trends.

Task
2253

Develop and deliver technical training to educate others or meet customer needs.

Task
2549

Maintain incident tracking and solution database.

Task
6110

Ability to develop, update, and/or maintain standard operating procedures (SOPs).

Ability