461 Systems Security Analyst Career Pathway


CAREER PATHWAY
SYSTEMS SECURITY ANALYST (461)

Developed By: The Interagency Federal Cyber Career Pathways Working Group

CLEARED
For Open Publication
Dec 21, 2020

Department of Defense
OFFICE OF PREPUBLICATION AND SECURITY REVIEW

Endorsed By:

November 2020

Table of Contents
CAREER PATHWAY SYSTEMS SECURITY ANALYST (461)
1 461-SYSTEMS SECURITY ANALYST
1.1 Work Role Overview
1.2 Core Tasks
1.3 Core Knowledge, Skills, and Abilities
1.4 Core Competencies
1.5 Suggested Qualifications / Capability Indicators
2 APPENDIX: 461-SYSTEMS SECURITY ANALYST TASK ANALYSIS AND KSA MAPPING
2.1 Key to Reading the Task Analysis and KSA Mapping
2.2 461-Systems Security Analyst Task Analysis and KSA Mapping

1 461-SYSTEMS SECURITY ANALYST

1.1 WORK ROLE OVERVIEW


The table below provides an overview of various role-specific elements related to 461-Systems Security
Analyst.
Table 1. 461-Systems Security Analyst Work Role Overview

NICE Role Description: Responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.

OPM Occupational Series: Personnel performing the 461-Systems Security Analyst work role are most commonly aligned to the following Occupational Series (Top 5 shown):

- 2210-Information Technology – 79%
- 0080-Security Administration – 6%
- 1550-Computer Science – 4%
- 0343-Management and Program Analysis – 3%
- 0854-Computer Engineering – 2%

Work Role Pairings: Personnel performing the 461-Systems Security Analyst work role are most commonly paired with the following complementary Work Roles (Top 5 shown):

- 541-Vulnerability Assessment Analyst – 14%
- 451-System Administrator – 11%
- 411-Technical Support Specialist – 11%
- 722-Information Systems Security Manager – 9%
- 612-Security Control Assessor – 8%

Functional Titles: Personnel performing the 461-Systems Security Analyst work role may unofficially or alternatively be called:

- Information Assurance Specialist
- Information Assurance Operational Engineer
- Information Systems Security Analyst / Specialist
- Network Security Vulnerability Technician (NSVT)
- Information Security Analyst / Administrator
- Security Analyst
- Systems Analyst
- Systems Security Specialist
- Systems Compliance Analyst
- Cybersecurity Analyst

Distribution of GS-Levels: Personnel performing the 461-Systems Security Analyst work role are most commonly found within the following grades on the General Schedule*.

- ☐ GS-4 – redacted**
- ☐ GS-5 – redacted**
- ☐ GS-7 – redacted**
- ☒ GS-9 – 3%
- ☐ GS-10 – redacted**
- ☒ GS-11 – 8%
- ☒ GS-12 – 23%
- ☒ GS-13 – 30%
- ☒ GS-14 – 13%
- ☒ GS-15 – 3%

*21% of all 461s are in non-GS pay plans and excluded from this section
**Percentages less than 3% have been redacted

On Ramps: The following work roles are examples of possible roles an individual may perform prior to transitioning into the 461-Systems Security Analyst work role:

- 422-Data Analyst
- 441-Network Operations Specialist
- 451-System Administrator
- 612-Security Control Assessor
- 621-Software Developer
- 671-System Testing and Evaluation Specialist

Off Ramps: The following work roles are examples of common transitions an individual may pursue after having performed the 461-Systems Security Analyst work role. This is not an exhaustive list, nor does it consider learning and development opportunities an individual may pursue to prepare themselves for performing alternate work roles:

- 511-Cyber Defense Analyst
- 521-Cyber Defense Infrastructure Support Specialist
- 531-Cyber Defense Incident Responder
- 541-Vulnerability Assessment Analyst
- 612-Security Control Assessor
- 722-Information Systems Security Manager

*Note: Leveraging the knowledge, skills, abilities, and tasks of the 461-Systems Security Analyst work role, individuals may prepare themselves to transition into one or more of the following cross-functional work roles:

- 711-Cyber Instructional Curriculum Developer
- 712-Cyber Instructor
- 751-Cyber Workforce Developer and Manager
- 752-Cyber Policy and Strategy Planner
- 802-IT Project Manager
- 803-Product Support Manager

1.2 CORE TASKS
The table below provides a list of tasks that represent the Core, or baseline, expectations for
performance in the 461-Systems Security Analyst work role, as well as additional tasks that those in this
role may be expected to perform.
Table 2. 461-Systems Security Analyst Core Tasks

Task ID | Task Description | Core or Additional
T0469 | Analyze and report organizational security posture trends. | Core
T0470 | Analyze and report system security posture trends. | Core
T0016 | Apply security policies to meet security objectives of the system. | Core
T0475 | Assess adequate access controls based on principles of least privilege and need-to-know. | Core
T0344 | Assess all the configuration management (change configuration/release management) processes. | Core
T0309 | Assess the effectiveness of security controls. | Core
T0462 | Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements. | Core
T0085 | Ensure all systems security operations and maintenance activities are properly documented and updated as necessary. | Core
T0088 | Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. | Core
T0485 | Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed. | Core
T0489 | Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. | Core
T0499 | Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative. | Core
T0187 | Plan and recommend modifications or adjustments based on exercise results or system environment. | Core
T0194 | Properly document all systems security implementation, operations and maintenance activities and update as necessary. | Core
T0526 | Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. | Core
T0243 | Verify and update security documentation reflecting the application/system security design features. | Core
T0508 | Verify minimum security requirements are in place for all applications. | Core
T0015 | Apply security policies to applications that interface with one another, such as Business-to-Business (B2B) applications. | Additional
T0017 | Apply service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements. | Additional
T0504 | Assess and monitor cybersecurity related to system implementation and testing practices. | Additional
T0086 | Ensure application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment. | Additional
T0477 | Ensure the execution of disaster recovery and continuity of operations. | Additional
T0492 | Ensure the integration and implementation of Cross-Domain Solutions (CDS) in a secure environment. | Additional
T0123 | Implement specific cybersecurity countermeasures for systems and/or applications. | Additional
T0128 | Integrate automated capabilities for updating or patching system software where practical and develop processes and procedures for manual updating and patching of system software based on current and projected patch timeline requirements for the operational environment of the system. | Additional
T0169 | Perform cybersecurity testing of developed applications and/or systems. | Additional
T0177 | Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. | Additional
T0548 | Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans. | Additional
T0202 | Provide cybersecurity guidance to leadership. | Additional
T0205 | Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). | Additional
T0545 | Work with stakeholders to resolve computer security incidents and vulnerability compliance. | Additional

1.3 CORE KNOWLEDGE, SKILLS, AND ABILITIES
The table below provides a ranking of KSAs that represent the Core, or baseline, expectations for
performance in the 461-Systems Security Analyst work role, as well as additional KSAs that those in this
role may be expected to demonstrate.
Table 3. 461-Systems Security Analyst Core Knowledge, Skills, and Abilities

KSA ID | Description | Competency | Importance to Work Role
K0004 | Knowledge of cybersecurity and privacy principles. | Information Systems/Network Security | Foundational to All Work Roles
K0001 | Knowledge of computer networking concepts and protocols, and network security methodologies. | Infrastructure Design | Foundational to All Work Roles
K0003 | Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. | Legal, Government, and Jurisprudence | Foundational to All Work Roles
K0002 | Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | Risk Management | Foundational to All Work Roles
K0005 | Knowledge of cyber threats and vulnerabilities. | Vulnerabilities Assessment | Foundational to All Work Roles
K0006 | Knowledge of specific operational impacts of cybersecurity lapses. | Vulnerabilities Assessment | Foundational to All Work Roles
S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense | Core
K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection | Core
K0262 | Knowledge of Personal Health Information (PHI) data security standards. | Data Privacy and Protection | Core
K0018 | Knowledge of encryption algorithms. | Encryption | Core
K0056 | Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). | Identity Management | Core
S0031 | Skill in developing and applying security system access controls. | Identity Management | Core
K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance | Core
K0287 | Knowledge of an organization's information classification program and procedures for information compromise. | Information Management | Core
K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security | Core
K0075 | Knowledge of security system design tools, methods, and techniques. | Information Systems/Network Security | Core
K0276 | Knowledge of security management. | Information Systems/Network Security | Core
S0027 | Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. | Information Technology Assessment | Core
K0061 | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). | Infrastructure Design | Core
K0322 | Knowledge of embedded systems. | Infrastructure Design | Core
K0333 | Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs. | Infrastructure Design | Core
K0267 | Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. | Legal, Government, and Jurisprudence | Core
K0060 | Knowledge of operating systems. | Operating Systems | Core
K0263 | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Risk Management | Core
K0082 | Knowledge of software engineering. | Software Development | Core
K0227 | Knowledge of various types of computer architectures. | System Administration | Core
K0275 | Knowledge of configuration management techniques. | System Administration | Core
K0035 | Knowledge of installation, integration, and optimization of system components. | Systems Integration | Core
S0024 | Skill in designing the integration of hardware and software solutions. | Systems Integration | Core
K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation | Core
K0093 | Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing). | Telecommunications | Core
K0339 | Knowledge of how to use network analysis tools to identify vulnerabilities. | Vulnerabilities Assessment | Core
S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment | Core
S0141 | Skill in assessing security systems designs. | Vulnerabilities Assessment | Core
S0167 | Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). | Vulnerabilities Assessment | Core
S0060 | Skill in writing code in a currently supported programming language (e.g., Java, C++). | Computer Languages | Additional
K0261 | Knowledge of Payment Card Industry (PCI) data security standards. | Data Privacy and Protection | Additional
K0024 | Knowledge of database systems. | Database Management Systems | Additional
K0019 | Knowledge of cryptography and cryptographic key management concepts | Encryption | Additional
K0285 | Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. | Encryption | Additional
K0063 | Knowledge of parallel and distributed computing concepts. | Enterprise Architecture | Additional
K0200 | Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). | Enterprise Architecture | Additional
K0203 | Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). | Information Assurance | Additional
S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance | Additional
A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance | Additional
K0179 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). | Information Systems/Network Security | Additional
K0015 | Knowledge of computer algorithms. | Mathematical Reasoning | Additional
K0052 | Knowledge of mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis). | Mathematical Reasoning | Additional
K0180 | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. | Network Management | Additional
K0281 | Knowledge of information technology (IT) service catalogues. | Operations Support | Additional
K0284 | Knowledge of developing and applying user credential management system. | System Administration | Additional
K0036 | Knowledge of human-computer interaction principles. | Systems Integration | Additional
K0102 | Knowledge of the systems engineering process. | Systems Integration | Additional
K0266 | Knowledge of how to evaluate the trustworthiness of the supplier and/or product. | Third Party Oversight/Acquisition Management | Additional
K0297 | Knowledge of countermeasure design for identified security risks. | Threat Analysis | Additional
K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment | Additional
A0015 | Ability to conduct vulnerability scans and recognize vulnerabilities in security systems. | Vulnerabilities Assessment | Additional

1.4 CORE COMPETENCIES
The table below is a compilation of competencies aligned to the 461-Systems Security Analyst work role,
and their associated importance. Listed competencies are collections of three or more similar
Knowledge, Skills, or Abilities aligned to the Work Role. These competencies originate from the NICE
Framework Competency Pivot Tool.
Table 4. 461-Systems Security Analyst Core Competencies

Technical Competency: Data Privacy and Protection
Comp ID: C014
Importance: Core
Definition: KSAs that relate to computer network, desktop, and mainframe operating systems and their applications.
Work Role Related KSAs:
- Knowledge of Personally Identifiable Information (PII) data security standards.
- Knowledge of Personal Health Information (PHI) data security standards.
- Knowledge of Payment Card Industry (PCI) data security standards.

Technical Competency: Encryption
Comp ID: C017
Importance: Core
Definition: KSAs that relate to the operation, management, and maintenance of network and telecommunication systems and linked systems and peripherals.
Work Role Related KSAs:
- Knowledge of encryption algorithms
- Knowledge of cryptography and cryptographic key management concepts
- Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.

Technical Competency: Information Assurance
Comp ID: C022
Importance: Core
Definition: KSAs that relate to the methods and procedures that protect information systems and data by ensuring their availability, authentication, confidentiality, and integrity.
Work Role Related KSAs:
- Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
- Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Technical Competency: Information Systems / Network Security
Comp ID: C024
Importance: Core
Definition: KSAs that relate to the methods, tools, and procedures, including development of information security plans to prevent information systems vulnerabilities and to provide or restore security of information systems and network services.
Work Role Related KSAs:
- Knowledge of cybersecurity and privacy principles.
- Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of security system design tools, methods, and techniques.
- Knowledge of security management.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Technical Competency: Systems Integration
Comp ID: C049
Importance: Core
Definition: This area contains KSAs that relate to the principles, methods, and procedures for installing, integrating, and optimizing information systems components.
Work Role Related KSAs:
- Knowledge of installation, integration, and optimization of system components.
- Skill in designing the integration of hardware and software solutions.
- Knowledge of human-computer interaction principles.
- Knowledge of the systems engineering process.

Technical Competency: Vulnerabilities Assessment
Comp ID: C057
Importance: Core
Definition: KSAs that relate to the principles, methods, and tools for assessing vulnerabilities and developing or recommending appropriate mitigation countermeasures.
Work Role Related KSAs:
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of how to use network analysis tools to identify vulnerabilities.
- Skill in evaluating the adequacy of security designs.
- Skill in assessing security systems designs.
- Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.

Technical Competency: Infrastructure Design
Comp ID: C026
Importance: Additional
Definition: KSAs that relate to the architecture and typology of software, hardware, and networks, including LANS, WANS, and telecommunications systems, their components and associated protocols and standards, and how they operate and integrate with one another and with associated controlling software.
Work Role Related KSAs:
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- Knowledge of embedded systems.
- Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.

Technical Competency: System Administration
Comp ID: C048
Importance: Additional
Definition: This area contains KSAs that relate to the upkeep, configuration, and reliable operation of computer systems.
Work Role Related KSAs:
- Knowledge of various types of computer architectures.
- Knowledge of configuration management techniques.
- Knowledge of developing and applying user credential management system.

1.5 SUGGESTED QUALIFICATIONS / CAPABILITY INDICATORS
Table 5. 461-Systems Security Analyst Suggested Qualifications / Capability Indicators

For indicators of capability for the 461-Systems Security Analyst work role, please see Draft NISTIR 8193 -
National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators.

Section to be populated with updated DoD-8140 Qualification Matrix for 461-Systems Security Analyst.

2 APPENDIX: 461-SYSTEMS SECURITY ANALYST TASK ANALYSIS AND KSA MAPPING

2.1 KEY TO READING THE TASK ANALYSIS AND KSA MAPPING

Table 6. Key to Reading the Task Analysis and KSA Mapping

Proficiency | Task Statement | Importance
As Written | Task as written within the NICE Cybersecurity Workforce Framework (NICE Framework). | Overall Importance to Work Role
Entry | Example behavioral indicator / task permutation for performing this task at an Entry skills proficiency level.
Intermediate | Example behavioral indicator / task permutation for performing this task at an Intermediate skills proficiency level.
Advanced | Example behavioral indicator / task permutation for performing this task at an Advanced skills proficiency level.

Table 7. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

KSA ID | Description | Competency
ID of K, S, or A | Knowledge, Skill or Ability needed to perform the task as written within the NICE Framework | Competency mapped to the individual K, S, or A.

2.2 461-SYSTEMS SECURITY ANALYST TASK ANALYSIS AND KSA MAPPING

Table 8. T0469 Task Analysis

Proficiency | Task Statement | Importance
As Written within Framework | Analyze and report organizational security posture trends. | Core
Entry | Understand baseline organizational security posture.
Intermediate | Analyze and report organizational security posture trends.
Advanced | Review, approve, and report organizational security posture trends, to include recommended corrective actions when necessary.

Table 9. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

KSA ID | Description | Competency
S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense
K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection
K0024 | Knowledge of database systems. | Database Management Systems
K0018 | Knowledge of encryption algorithms | Encryption
K0019 | Knowledge of cryptography and cryptographic key management concepts | Encryption
S0031 | Skill in developing and applying security system access controls. | Identity Management
K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
K0287 | Knowledge of an organization's information classification program and procedures for information compromise. | Information Management
K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security
K0075 | Knowledge of security system design tools, methods, and techniques. | Information Systems/Network Security
K0276 | Knowledge of security management. | Information Systems/Network Security
K0061 | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). | Infrastructure Design
K0267 | Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. | Legal, Government, and Jurisprudence
K0263 | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Risk Management
S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment
K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment

Table 10. T0470 Task Analysis

Proficiency | Task Statement | Importance
As Written within Framework | Analyze and report system security posture trends. | Core
Entry | Understand, track, and report deviations from baseline organizational system security posture.
Intermediate | Analyze and report system security posture trends.
Advanced | Review, approve, and report system security posture trends, to include recommended corrective actions when necessary.

Table 11. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

KSA ID | Description | Competency
S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense
K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection
K0024 | Knowledge of database systems. | Database Management Systems
K0056 | Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). | Identity Management
K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security
K0267 | Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. | Legal, Government, and Jurisprudence
K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation
S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment
S0141 | Skill in assessing security systems designs. | Vulnerabilities Assessment
S0167 | Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). | Vulnerabilities Assessment
K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment

Table 12. T0016 Task Analysis

Proficiency | Task Statement | Importance
As Written within Framework | Apply security policies to meet security objectives of the system. | Core
Entry | Understand and apply organizational and system-specific security policies.
Intermediate | Apply, [manage, and implement] security policies to meet security objectives of the system.
Advanced | Approve and oversee the application of security policies to meet security objectives of the system.

Table 13. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

KSA ID | Description | Competency
S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense
K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection
K0262 | Knowledge of Personal Health Information (PHI) data security standards. | Data Privacy and Protection
K0024 | Knowledge of database systems. | Database Management Systems
K0018 | Knowledge of encryption algorithms | Encryption
K0285 | Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. | Encryption
S0031 | Skill in developing and applying security system access controls. | Identity Management
K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance
K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security
K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment

Table 14. T0475 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Assess adequate access controls based on principles of least privilege and need-to-know. | Core |
| Entry | Support assessment of access controls based on principles of least privilege and need-to-know. | |
| Intermediate | Assess adequate access controls based on principles of least privilege and need-to-know. | |
| Advanced | Review and approve the assessment of access controls based on principles of least privilege and need-to-know. | |

Table 15. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0056 | Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0275 | Knowledge of configuration management techniques. | System Administration |

Table 16. T0344 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Assess all the configuration management (change configuration/release management) processes. | Core |
| Entry | Support assessment of all the configuration management (change configuration/release management) processes. | |
| Intermediate | Assess all the configuration management (change configuration/release management) processes. | |
| Advanced | Review and approve assessment of configuration management (change configuration/release management) processes. | |

Table 17. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0056 | Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0287 | Knowledge of an organization's information classification program and procedures for information compromise. | Information Management |
| K0263 | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Risk Management |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |

Table 18. T0309 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Assess the effectiveness of security controls. | Core |
| Entry | Understand security controls and assist in assessing their effectiveness. | |
| Intermediate | Assess the effectiveness of security controls. | |
| Advanced | Lead, review, and/or approve the results of the assessment of the effectiveness of security controls, to include recommendations for corrective action when necessary. | |

Table 19. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0262 | Knowledge of Personal Health Information (PHI) data security standards. | Data Privacy and Protection |
| K0200 | Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). | Enterprise Architecture |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| S0167 | Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |

Table 20. T0462 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements. | Core |
| Entry | Observe and support fail-over tests for system operations transfer to an alternate site based on system availability requirements. | |
| Intermediate | Review procedures and [assist in testing] fail-over for system operations transfer to an alternate site based on system availability requirements. | |
| Advanced | Develop procedures and assist in testing fail-over for system operations transfer to an alternate site based on system availability requirements. | |

Table 21. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0018 | Knowledge of encryption algorithms | Encryption |
| K0019 | Knowledge of cryptography and cryptographic key management concepts | Encryption |
| S0031 | Skill in developing and applying security system access controls. | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0180 | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. | Network Management |
| K0035 | Knowledge of installation, integration, and optimization of system components. | Systems Integration |
| K0263 | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Risk Management |

Table 22. T0085 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Ensure all systems security operations and maintenance activities are properly documented and updated as necessary. | Core |
| Entry | Document and update security operations and maintenance activities. | |
| Intermediate | Routinely validate the proper documentation and updating of all systems security operations and maintenance activities. | |
| Advanced | Review, approve and/or report to senior leadership the status of systems security operations and maintenance activities. | |

Table 23. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0263 | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Risk Management |
| K0275 | Knowledge of configuration management techniques. | System Administration |
| K0035 | Knowledge of installation, integration, and optimization of system components. | Systems Integration |
| S0024 | Skill in designing the integration of hardware and software solutions. | Systems Integration |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| S0141 | Skill in assessing security systems designs. | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |

Table 24. T0088 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. | Core |
| Entry | Work with others to ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. | |
| Intermediate | Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. | |
| Advanced | Validate, approve, and/or report on effectiveness of cybersecurity-enabled products or other compensating security control technologies reducing identified risk to acceptable levels. | |

Table 25. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0018 | Knowledge of encryption algorithms | Encryption |
| K0019 | Knowledge of cryptography and cryptographic key management concepts | Encryption |
| K0285 | Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. | Encryption |
| S0031 | Skill in developing and applying security system access controls. | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0287 | Knowledge of an organization's information classification program and procedures for information compromise. | Information Management |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |

Table 26. T0485 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed. | Core |
| Entry | Assist with implementing security measures to resolve vulnerabilities and mitigate risks. | |
| Intermediate | Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed. | |
| Advanced | Oversee the implementation of security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. | |

Table 27. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| S0024 | Skill in designing the integration of hardware and software solutions. | Systems Integration |
| K0036 | Knowledge of human-computer interaction principles. | Systems Integration |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| K0339 | Knowledge of how to use network analysis tools to identify vulnerabilities. | Vulnerabilities Assessment |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| S0167 | Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |

Table 28. T0489 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. | Core |
| Entry | Assist with the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. | |
| Intermediate | Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. | |
| Advanced | Oversee and make recommendations to senior leadership for system security enhancements in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. | |

Table 29. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0018 | Knowledge of encryption algorithms | Encryption |
| K0019 | Knowledge of cryptography and cryptographic key management concepts | Encryption |
| K0056 | Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0276 | Knowledge of security management. | Information Systems/Network Security |
| K0179 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). | Information Systems/Network Security |

Table 30. T0499 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative. | Core |
| Entry | Support mitigation/correction of security deficiencies identified during security/certification testing. | |
| Intermediate | Work with system subject matter expert to mitigate/correct security deficiencies identified during security/certification testing. | |
| Advanced | Oversee the mitigation/correction of security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorizing official. | |

Table 31. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0024 | Knowledge of database systems. | Database Management Systems |
| S0031 | Skill in developing and applying security system access controls. | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0276 | Knowledge of security management. | Information Systems/Network Security |
| K0179 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). | Information Systems/Network Security |
| K0263 | Knowledge of information technology (IT) risk management policies, requirements, and procedures. | Risk Management |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| S0167 | Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |

Table 32. T0187 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Plan and recommend modifications or adjustments based on exercise results or system environment. | Core |
| Entry | Document and provide initial analysis of exercise results or system environment. | |
| Intermediate | Plan and recommend [system security] modifications (e.g., policies, procedures, configurations, etc.) or adjustments based on exercise results or system environment. | |
| Advanced | Review, approve, and oversee implementation of recommended modifications or adjustments based on exercise results or system environment. | |

Table 33. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| S0027 | Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. | Information Technology Assessment |
| S0024 | Skill in designing the integration of hardware and software solutions. | Systems Integration |
| K0036 | Knowledge of human-computer interaction principles. | Systems Integration |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |

Table 34. T0194 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Properly document all systems security implementation, operations and maintenance activities and update as necessary. | Core |
| Entry | Properly document all systems security implementation, operations, and maintenance activities and update as necessary. | |
| Intermediate | Evaluate all systems security implementation, operations, and maintenance activities and recommend updating as necessary. | |
| Advanced | Review and report on all systems security implementation, operations, and maintenance activities and necessary updates. | |

Table 35. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0024 | Knowledge of database systems. | Database Management Systems |
| S0031 | Skill in developing and applying security system access controls. | Identity Management |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0287 | Knowledge of an organization's information classification program and procedures for information compromise. | Information Management |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0276 | Knowledge of security management. | Information Systems/Network Security |
| S0027 | Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. | Information Technology Assessment |
| K0036 | Knowledge of human-computer interaction principles. | Systems Integration |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |

Table 36. T0526 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. | Core |
| Entry | Provide initial data and analysis to support the drafting of cybersecurity recommendations to leadership based on significant threats and vulnerabilities. | |
| Intermediate | Draft cybersecurity recommendations to leadership based on significant threats and vulnerabilities. | |
| Advanced | Evaluate, approve, and provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities. | |

Table 37. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0200 | Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). | Enterprise Architecture |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0287 | Knowledge of an organization's information classification program and procedures for information compromise. | Information Management |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0276 | Knowledge of security management. | Information Systems/Network Security |
| K0180 | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. | Network Management |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| S0141 | Skill in assessing security systems designs. | Vulnerabilities Assessment |
| S0167 | Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |

Table 38. T0243 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Verify and update security documentation reflecting the application/system security design features. | Core |
| Entry | Maintain security documentation reflecting the application/system security design features. | |
| Intermediate | Verify and update security documentation reflecting the application/system security design features. | |
| Advanced | Review and approve documented security design features of the application/system based on compliance with established regulations. | |

Table 39. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0227 | Knowledge of various types of computer architectures. | System Administration |
| K0275 | Knowledge of configuration management techniques. | System Administration |
| K0035 | Knowledge of installation, integration, and optimization of system components. | Systems Integration |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |

Table 40. T0508 Task Analysis

| Proficiency | Task Statement | Importance |
| --- | --- | --- |
| As Written within Framework | Verify minimum security requirements are in place for all applications. | Core |
| Entry | Assist with verifying minimum security requirements are in place for all applications. | |
| Intermediate | Verify minimum security requirements are in place for all applications. | |
| Advanced | Review and validate that minimum security requirements are in place for all applications. | |

Table 41. Primary Knowledge, Skills, and Abilities Required to Perform the above Task

| KSA ID | Description | Competency |
| --- | --- | --- |
| S0147 | Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). | Computer Network Defense |
| K0260 | Knowledge of Personally Identifiable Information (PII) data security standards. | Data Privacy and Protection |
| K0024 | Knowledge of database systems. | Database Management Systems |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Information Assurance |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). | Information Systems/Network Security |
| K0036 | Knowledge of human-computer interaction principles. | Systems Integration |
| K0290 | Knowledge of systems security testing and evaluation methods. | Systems Testing and Evaluation |
| K0297 | Knowledge of countermeasure design for identified security risks. | Threat Analysis |
| K0339 | Knowledge of how to use network analysis tools to identify vulnerabilities. | Vulnerabilities Assessment |
| S0036 | Skill in evaluating the adequacy of security designs. | Vulnerabilities Assessment |
| S0141 | Skill in assessing security systems designs. | Vulnerabilities Assessment |
| K0040 | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). | Vulnerabilities Assessment |
