| 34 |
Knowledge of database systems. |
Knowledge |
| 40 |
Knowledge of organization’s evaluation and validation requirements. |
Knowledge |
| 42 |
Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware. |
Knowledge |
| 43A |
Knowledge of embedded systems. |
Knowledge |
| 46A |
Knowledge of system fault tolerance methodologies. |
Knowledge |
| 51 |
Knowledge of how system components are installed, integrated, and optimized. |
Knowledge |
| 53 |
Knowledge of the Security Assessment and Authorization process. |
Knowledge |
| 62 |
Knowledge of industry-standard and organizationally accepted analysis principles and methods. |
Knowledge |
| 63 |
Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
Knowledge |
| 65A |
Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression). |
Knowledge |
| 70A |
Knowledge of cybersecurity methods, such as firewalls, demilitarized zones, and encryption. |
Knowledge |
| 75 |
Knowledge of mathematics, including logarithms, trigonometry, linear algebra, calculus, and statistics. |
Knowledge |
| 81A |
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
Knowledge |
| 90 |
Knowledge of operating systems. |
Knowledge |
| 92 |
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). |
Knowledge |
| 94 |
Knowledge of parallel and distributed computing concepts. |
Knowledge |
| 109A |
Knowledge of configuration management techniques. |
Knowledge |
| 110 |
Knowledge of key concepts in security management (e.g., Release Management, Patch Management). |
Knowledge |
| 111 |
Knowledge of security system design tools, methods, and techniques. |
Knowledge |
| 113A |
Knowledge of N-tiered typologies including server and client operating systems. |
Knowledge |
| 119 |
Knowledge of software engineering. |
Knowledge |
| 130 |
Knowledge of systems testing and evaluation methods. |
Knowledge |
| 132A |
Ability to execute technology integration processes. |
Ability |
| 133 |
Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers). |
Knowledge |
| 155 |
Skill in applying and incorporating information technologies into proposed solutions. |
Skill |
| 180 |
Skill in designing the integration of hardware and software solutions. |
Skill |
| 183A |
Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. |
Knowledge |
| 183 |
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. |
Skill |
| 224 |
Skill in design modeling and building use cases (e.g., unified modeling language). |
Skill |
| 238A |
Skill in writing code in a currently supported programming language (e.g., Java, C++). |
Skill |
| 483A |
Captures and integrates essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event. |
Task |
| 484 |
Define appropriate levels of system availability based on critical system functions and ensure system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration. |
Task |
| 631 |
Identify and prioritize critical business functions in collaboration with organizational stakeholders. |
Task |
| 765A |
Integrate results regarding the identification of gaps in security architecture. |
Task |
| 797 |
Provide advice on project costs, design concepts, or design changes. |
Task |
| 809 |
Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). |
Task |
| 864A |
Translate proposed capabilities into technical requirements. |
Task |
| 993A |
Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization’s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]). |
Ability |
| 994A |
Document how the implementation of a new system or new interface between systems impacts the current and target environment including but not limited to security posture. |
Task |
| 996B |
Integrate key management functions as related to cyberspace. |
Task |
| 1037B |
Knowledge of program protection planning to include information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements. |
Knowledge |
| 1038 |
Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability. |
Knowledge |
| 1073 |
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
Knowledge |
| 1130 |
Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions). |
Knowledge |
| 1133 |
Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). |
Knowledge |
| 1141A |
Knowledge of an organization’s information classification program and procedures for information compromise. |
Knowledge |
| 1142 |
Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). |
Knowledge |
| 2014 |
Analyze candidate architectures, allocate security services, and select security mechanisms. |
Task |
| 2248 |
Develop a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements. |
Task |
| 2390 |
Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents. |
Task |
| 2887 |
Write detailed functional specifications that document the architecture development process. |
Task |
| 3030 |
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems. |
Ability |
| 3153 |
Knowledge of circuit analysis. |
Knowledge |
| 3246 |
Knowledge of confidentiality, integrity, and availability requirements. |
Knowledge |
| 3307 |
Knowledge of cybersecurity-enabled software products. |
Knowledge |
| 3353 |
Knowledge of the Risk Management Framework Assessment Methodology. |
Knowledge |
| 3642 |
Knowledge of various types of computer architectures. |
Knowledge |
| 6030 |
Ability to apply an organization’s goals and objectives to develop and maintain architecture. |
Ability |
| 6150 |
Ability to optimize systems to meet enterprise performance requirements. |
Ability |
| 6330 |
Knowledge of multi-level/security cross domain solutions. |
Knowledge |
| 6680 |
Skill in the use of design methods. |
Skill |
