Cyber Defense Infrastructure Support Specialist
What does this work role do? Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
CORE KSATs
KSAT ID | Description | KSAT |
---|---|---|
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. | Knowledge |
49 | Knowledge of host/network access control mechanisms (e.g., access control list). | Knowledge |
59A | Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. | Knowledge |
61 | Knowledge of incident response and handling methodologies. | Knowledge |
63 | Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). | Knowledge |
81A | Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. | Knowledge |
87A | Knowledge of network traffic analysis (tools, methodologies, processes). | Knowledge |
92B | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI)). | Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | Knowledge |
148 | Knowledge of Virtual Private Network (VPN) security. | Knowledge |
150 | Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities. | Knowledge |
643A | Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization). | Task |
960 | Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources. | Task |
984 | Knowledge of cyber defense policies, procedures, and regulations. | Knowledge |
1012A | Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)). | Knowledge |
1072 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). | Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. | Knowledge |
1158 | * Knowledge of cybersecurity principles. | Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. | Knowledge |
2772 | Build, install, configure, and test dedicated cyber defense hardware. | Task |
5090 | Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure. | Task |
6700 | Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. | Skill |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. | Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). | Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. | Knowledge |
ADDITIONAL KSATs
KSAT ID | Description | KSAT |
---|---|---|
29 | Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools. | Knowledge |
93 | Knowledge of packet-level analysis. | Knowledge |
157 | Skill in applying host/network access controls (e.g., access control list). | Skill |
227 | Skill in tuning sensors. | Skill |
229 | Skill in using incident handling methodologies. | Skill |
237 | Skill in using Virtual Private Network (VPN) devices and encryption. | Skill |
393B | Coordinate with system administrators to create cyber defense tools, test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s). | Task |
471 | Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized cyber defense applications. | Task |
481A | Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems). | Task |
654B | Implement risk assessment and authorization requirements per the Risk Management Framework (RMF) process for dedicated cyber defense systems within the enterprise, and document and maintain records for them. | Task |
769 | Perform system administration on specialized cyber defense applications and systems (e.g., anti-virus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup and restoration. | Task |
893 | Skill in securing network communications. | Skill |
896 | Skill in protecting a network against malware. | Skill |
900 | Knowledge of web filtering technologies. | Knowledge |
1074A | Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. | Knowledge |
1125 | Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration. | Knowledge |
3143 | Knowledge of basic system, network, and OS hardening techniques. | Knowledge |
6210 | Knowledge of cloud service models and possible limitations for an incident response. | Knowledge |
6670 | Skill in system, network, and OS hardening techniques. | Skill |
6918 | Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments. | Ability |
6919 | Ability to determine the best cloud deployment model for the appropriate operating environment. | Ability |
6942 | Skill in designing or implementing cloud computing deployment models. | Skill |
6945 | Skill in migrating workloads to, from, and among the different cloud computing service models. | Skill |