|
A0001
|
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. |
4 |
|
A0002
|
Ability to match the appropriate knowledge repository technology for a given application or environment. |
1 |
|
A0003
|
Ability to determine the validity of technology trend data. |
1 |
|
A0004
|
Ability to develop curriculum that speaks to the topic at the appropriate level for the target audience. |
1 |
|
A0005
|
Ability to decrypt digital data collections. |
2 |
|
A0006
|
Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures. |
1 |
|
A0007
|
Ability to tailor code analysis for application-specific concerns. |
1 |
|
A0008
|
Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]). |
3 |
|
A0009
|
Ability to apply supply chain risk management standards. |
3 |
|
A0010
|
Ability to analyze malware. |
1 |
|
A0011
|
Ability to answer questions in a clear and concise manner. |
2 |
|
A0012
|
Ability to ask clarifying questions. |
3 |
|
A0013
|
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. |
14 |
|
A0014
|
Ability to communicate effectively when writing. |
3 |
|
A0015
|
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems. |
8 |
|
A0016
|
Ability to facilitate small group discussions. |
2 |
|
A0017
|
Ability to gauge learner understanding and knowledge level. |
1 |
|
A0018
|
Ability to prepare and present briefings. |
4 |
|
A0019
|
Ability to produce technical documentation. |
5 |
|
A0020
|
Ability to provide effective feedback to students for improving learning. |
1 |
|
A0021
|
Ability to use and understand complex mathematical concepts (e.g., discrete math). |
2 |
|
A0022
|
Ability to apply principles of adult learning. |
2 |
|
A0023
|
Ability to design valid and reliable assessments. |
3 |
|
A0024
|
Ability to develop clear directions and instructional materials. |
3 |
|
A0025
|
Ability to accurately define incidents, problems, and events in the trouble ticketing system. |
2 |
|
A0026
|
Ability to analyze test data. |
3 |
|
A0027
|
Ability to apply an organization's goals and objectives to develop and maintain architecture. |
3 |
|
A0028
|
Ability to assess and forecast manpower requirements to meet organizational objectives. |
2 |
|
A0029
|
Ability to build complex data structures and high-level programming languages. |
1 |
|
A0030
|
Ability to collect, verify, and validate test data. |
2 |
|
A0031
|
Ability to conduct and implement market research to understand government and industry capabilities and appropriate pricing. |
1 |
|
A0032
|
Ability to develop curriculum for use within a virtual environment. |
2 |
|
A0033
|
Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities. |
5 |
|
A0034
|
Ability to develop, update, and/or maintain standard operating procedures (SOPs). |
3 |
|
A0035
|
Ability to dissect a problem and examine the interrelationships between data that may appear unrelated. |
2 |
|
A0036
|
Ability to identify basic common coding flaws at a high level. |
2 |
|
A0037
|
Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues. |
2 |
|
A0038
|
Ability to optimize systems to meet enterprise performance requirements. |
2 |
|
A0039
|
Ability to oversee the development and update of the life cycle cost estimate. |
4 |
|
A0040
|
Ability to translate data and test results into evaluative conclusions. |
3 |
|
A0041
|
Ability to use data visualization tools (e.g., Flare, HighCharts, AmCharts, D3.js, Processing, Google Visualization API, Tableau, Raphael.js). |
1 |
|
A0042
|
Ability to develop career path opportunities. |
1 |
|
A0043
|
Ability to conduct forensic analyses in and for both Windows and Unix/Linux environments. |
1 |
|
A0044
|
Ability to apply programming language structures (e.g., source code review) and logic. |
1 |
|
A0045
|
Ability to evaluate/ensure the trustworthiness of the supplier and/or product. |
3 |
|
A0046
|
Ability to monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies. |
1 |
|
A0047
|
Ability to develop secure software according to secure software deployment methodologies, tools, and practices. |
1 |
|
A0048
|
Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
2 |
|
A0049
|
Ability to apply secure system design tools, methods and techniques. |
2 |
|
A0050
|
Ability to apply system design tools, methods, and techniques, including automated systems analysis and design tools. |
2 |
|
A0051
|
Ability to execute technology integration processes. |
1 |
|
A0052
|
Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware. |
1 |
|
A0053
|
Ability to determine the validity of workforce trend data. |
1 |
|
A0054
|
Ability to apply the Instructional System Design (ISD) methodology. |
1 |
|
A0055
|
Ability to operate common network tools (e.g., ping, traceroute, nslookup). |
4 |
|
A0056
|
Ability to ensure security practices are followed throughout the acquisition process. |
6 |
|
A0057
|
Ability to tailor curriculum that speaks to the topic at the appropriate level for the target audience. |
3 |
|
A0058
|
Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat). |
3 |
|
A0059
|
Ability to operate the organization's LAN/WAN pathways. |
1 |
|
A0060
|
Ability to build architectures and frameworks. |
1 |
|
A0061
|
Ability to design architectures and frameworks. |
2 |
|
A0062
|
Ability to monitor measures or indicators of system performance and availability. |
2 |
|
A0063
|
Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts). |
3 |
|
A0064
|
Ability to interpret and translate customer requirements into operational capabilities. |
1 |
|
A0065
|
Ability to monitor traffic flows across the network. |
1 |
|
A0066
|
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products. |
12 |
|
A0067
|
Ability to adjust to and operate in a diverse, unpredictable, challenging, and fast-paced work environment. |
3 |
|
A0068
|
Ability to apply approved planning development and staffing processes. |
3 |
|
A0069
|
Ability to apply collaborative skills and strategies. |
3 |
|
A0070
|
Ability to apply critical reading/thinking skills. |
9 |
|
A0071
|
Ability to apply language and cultural expertise to analysis. |
1 |
|
A0072
|
Ability to clearly articulate intelligence requirements into well-formulated research questions and data tracking variables for inquiry tracking purposes. |
3 |
|
A0073
|
Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information. |
2 |
|
A0074
|
Ability to collaborate effectively with others. |
6 |
|
A0075
|
WITHDRAWN: Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. |
0 |
|
A0076
|
Ability to coordinate and collaborate with analysts regarding surveillance requirements and essential information development. |
1 |
|
A0077
|
Ability to coordinate cyber operations with other organization functions or support activities. |
4 |
|
A0078
|
Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations. |
2 |
|
A0079
|
Ability to correctly employ each organization or element into the collection plan and matrix. |
1 |
|
A0080
|
Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. |
6 |
|
A0081
|
Ability to develop or recommend planning solutions to problems and situations for which no precedent exists. |
3 |
|
A0082
|
Ability to effectively collaborate via virtual teams. |
7 |
|
A0083
|
Ability to evaluate information for reliability, validity, and relevance. |
6 |
|
A0084
|
Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products. |
7 |
|
A0085
|
Ability to exercise judgment when policies are not well-defined. |
9 |
|
A0086
|
Ability to expand network access by conducting target analysis and collection to identify targets of interest. |
2 |
|
A0087
|
Ability to focus research efforts to meet the customer’s decision-making needs. |
6 |
|
A0088
|
Ability to function effectively in a dynamic, fast-paced environment. |
7 |
|
A0089
|
Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise. |
13 |
|
A0090
|
Ability to identify external partners with common cyber operations interests. |
5 |
|
A0091
|
Ability to identify intelligence gaps. |
6 |
|
A0092
|
Ability to identify/describe target vulnerability. |
2 |
|
A0093
|
Ability to identify/describe techniques/methods for conducting technical exploitation of the target. |
2 |
|
A0094
|
Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives. |
6 |
|
A0095
|
Ability to interpret and translate customer requirements into operational action. |
2 |
|
A0096
|
Ability to interpret and understand complex and rapidly evolving concepts. |
4 |
|
A0097
|
Ability to monitor system operations and react to events in response to triggers and/or observation of trends or unusual activity. |
1 |
|
A0098
|
Ability to participate as a member of planning teams, coordination groups, and task forces as necessary. |
5 |
|
A0099
|
Ability to perform network collection tactics, techniques, and procedures to include decryption capabilities/tools. |
1 |
|
A0100
|
Ability to perform wireless collection procedures to include decryption capabilities/tools. |
1 |
|
A0101
|
Ability to recognize and mitigate cognitive biases which may affect analysis. |
6 |
|
A0102
|
Ability to recognize and mitigate deception in reporting and analysis. |
5 |
|
A0103
|
Ability to review processed target language materials for accuracy and completeness. |
1 |
|
A0104
|
Ability to select the appropriate implant to achieve operational goals. |
2 |
|
A0105
|
Ability to tailor technical and planning information to a customer’s level of understanding. |
7 |
|
A0106
|
Ability to think critically. |
9 |
|
A0107
|
Ability to think like threat actors. |
3 |
|
A0108
|
Ability to understand objectives and effects. |
4 |
|
A0109
|
Ability to utilize multiple intelligence sources across all intelligence disciplines. |
6 |
|
A0110
|
Ability to monitor advancements in information privacy laws to ensure organizational adaptation and compliance. |
1 |
|
A0111
|
Ability to work across departments and business units to implement organization’s privacy principles and programs, and align privacy objectives with security objectives. |
3 |
|
A0112
|
Ability to monitor advancements in information privacy technologies to ensure organizational adaptation and compliance. |
4 |
|
A0113
|
Ability to determine whether a security incident violates a privacy principle or legal standard requiring specific legal action. |
1 |
|
A0114
|
Ability to develop or procure curriculum that speaks to the topic at the appropriate level for the target. |
4 |
|
A0115
|
Ability to work across departments and business units to implement organization’s privacy principles and programs, and align privacy objectives with security objectives. |
2 |
|
A0116
|
Ability to prioritize and allocate cybersecurity resources correctly and efficiently. |
2 |
|
A0117
|
Ability to relate strategy, business, and technology in the context of organizational dynamics. |
3 |
|
A0118
|
Ability to understand technology, management, and leadership issues related to organization processes and problem solving. |
5 |
|
A0119
|
Ability to understand the basic concepts and issues related to cyber and its organizational impact. |
7 |
|
A0120
|
Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture. |
1 |
|
A0121
|
Ability to design incident response for cloud service models. |
1 |
|
A0122
|
Ability to design capabilities to find solutions to less common and more complex system problems. |
1 |
|
A0123
|
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
15 |
|
A0124
|
Ability to establish and maintain automated security control assessments |
1 |
|
A0125
|
Ability to author a privacy disclosure statement based on current laws. |
1 |
|
A0126
|
Ability to track the location and configuration of networked devices and software across departments, locations, facilities and, potentially, supporting business functions. |
0 |
|
A0127
|
Ability to deploy continuous monitoring technologies and tools. |
0 |
|
A0128
|
Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. |
3 |
|
A0129
|
Ability to ensure information security management processes are integrated with strategic and operational planning processes. |
1 |
|
A0130
|
Ability to ensure that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control. |
1 |
|
A0131
|
Ability to ensure the organization has adequately trained personnel to assist in complying with security requirements in legislation, Executive Orders, policies, directives, instructions, standards, and guidelines. |
0 |
|
A0132
|
Ability to coordinate with senior leadership of an organization to provide a comprehensive, organization-wide, holistic approach for addressing risk—an approach that provides a greater understanding of the integrated operations of the organization. |
0 |
|
A0133
|
Ability to coordinate with senior leadership of an organization to develop a risk management strategy for the organization providing a strategic view of security-related risks for the organization. |
0 |
|
A0134
|
Ability to coordinate with senior leadership of an organization to facilitate the sharing of risk-related information among authorizing officials and other senior leaders within the organization. |
0 |
|
A0135
|
Ability to coordinate with senior leadership of an organization to provide oversight for all risk management-related activities across the organization to help ensure consistent and effective risk acceptance decisions. |
0 |
|
A0136
|
Ability to coordinate with senior leadership of an organization to ensure that authorization decisions consider all factors necessary for mission and business success. |
0 |
|
A0137
|
Ability to coordinate with senior leadership of an organization to provide an organization-wide forum to consider all sources of risk (including aggregated risk) to organizational operations and assets, individuals, other organizations, and the Nation. |
0 |
|
A0138
|
Ability to coordinate with senior leadership of an organization to promote cooperation and collaboration among authorizing officials to include authorization actions requiring shared responsibility. |
0 |
|
A0139
|
Ability to coordinate with senior leadership of an organization to ensure that the shared responsibility for supporting organizational mission/business functions using external providers of systems, services, and applications receives the needed visibility and is elevated to the appropriate decision-making authorities. |
0 |
|
A0140
|
Ability to coordinate with senior leadership of an organization to identify the organizational risk posture based on the aggregated risk from the operation and use of the systems for which the organization is responsible. |
0 |
|
A0141
|
Ability to work closely with authorizing officials and their designated representatives to help ensure that an organization-wide security program is effectively implemented resulting in adequate security for all organizational systems and environments of operation. |
0 |
|
A0142
|
Ability to work closely with authorizing officials and their designated representatives to help ensure that security considerations are integrated into programming/planning/budgeting cycles, enterprise architectures, and acquisition/system development life cycles. |
0 |
|
A0143
|
Ability to work closely with authorizing officials and their designated representatives to help ensure that organizational systems and common controls are covered by approved security plans and possess current authorizations. |
0 |
|
A0144
|
Ability to work closely with authorizing officials and their designated representatives to help ensure that security-related activities required across the organization are accomplished in an efficient, cost-effective, and timely manner. |
0 |
|
A0145
|
Ability to work closely with authorizing officials and their designated representatives to help ensure that there is centralized reporting of security-related activities. |
0 |
|
A0146
|
Ability to establish the rules for appropriate use and protection of the information and retains that responsibility even when the information is shared with or provided to other organizations. |
0 |
|
A0147
|
Ability to approve security plans, memorandums of agreement or understanding, plans of action and milestones, and determine whether significant changes in the systems or environments of operation require reauthorization. |
0 |
|
A0148
|
Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls. |
1 |
|
A0149
|
Ability, in close coordination with system security officers, advise authorizing officials, chief information officers, senior information security officers, and the senior accountable official for risk management/risk executive (function), on a range of security-related issues (e.g. establishing system boundaries; assessing the severity of weaknesses and deficiencies in the system; plans of action and milestones; risk mitigation approaches; security alerts; and potential adverse effects of identified vulnerabilities). |
1 |
|
A0150
|
Ability to conduct systems security engineering activities (NIST SP 800-16). |
0 |
|
A0151
|
Ability to capture and refine security requirements and ensure that the requirements are effectively integrated into the component products and systems through purposeful security architecting, design, development, and configuration. |
0 |
|
A0152
|
Ability to employ best practices when implementing security controls within a system including software engineering methodologies; system and security engineering principles; secure design, secure architecture, and secure coding techniques. |
0 |
|
A0153
|
Ability to coordinate their security-related activities with security architects, senior information security officers, system owners, common control providers, and system security officers. |
0 |
|
A0154
|
Ability to conduct a comprehensive assessment of the management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine the effectiveness of the controls (i.e., the extent to which the security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). |
0 |
|
A0155
|
Ability to provide an assessment of the severity of weaknesses or deficiencies discovered in the system and its environment of operation and recommend corrective actions to address identified vulnerabilities. |
0 |
|
A0156
|
Ability to prepare the final security assessment report containing the results and findings from the assessment. |
0 |
|
A0157
|
Ability to assesses a security plan to help ensure that the plan provides a set of security controls for the system that meet the stated security requirements. |
0 |
|
A0158
|
Ability to ensure that functional and security requirements are appropriately addressed in a contract and that the contractor meets the functional and security requirements as stated in the contract. |
0 |
|
A0159
|
Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute). |
2 |
|
A0160
|
Ability to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise. |
1 |
|
A0161
|
Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). |
1 |
|
A0162
|
Ability to ensure information system security, acquisition personnel, legal counsel, and other appropriate advisors and stakeholders are participating in decision making from system concept definition/review and are involved in, or approve of, each milestone decision through the entire system life cycle for systems. |
0 |
|
A0177
|
Ability to recognize the unique aspects of the Communications Security (COMSEC) environment and hierarchy. |
1 |
|
A0163
|
Ability to interpret Communications Security (COMSEC) terminology, guidelines and procedures. |
1 |
|
A0164
|
Ability to identify the roles and responsibilities for appointed Communications Security (COMSEC) personnel. |
1 |
|
A0165
|
Ability to manage Communications Security (COMSEC) material accounting, control and use procedure. |
1 |
|
A0166
|
Ability to identify types of Communications Security (COMSEC) Incidents and how they’re reported. |
1 |
|
A0167
|
Ability to recognize the importance of auditing Communications Security (COMSEC) material and accounts. |
1 |
|
A0168
|
Ability to Identify the requirements of In-Process accounting for Communications Security (COMSEC). |
1 |
|
A0170
|
Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations. |
11 |
|
A0171
|
Ability to conduct training and education needs assessment. |
2 |
|
A0172
|
Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks. |
2 |
|
A0173
|
Ability to recognize that changes to systems or environment can change residual risks in relation to risk appetite. |
0 |
|
A0174
|
Ability to find and navigate the dark web using the TOR network to locate markets and forums. |
1 |
|
A0175
|
Ability to examine digital media on multiple operating system platforms. |
2 |
|
A0176
|
Ability to maintain databases. (i.e., backup, restore, delete data, transaction log files, etc.). |
1 |