DD-WRL-001
Cybersecurity Architecture  OPM Code: 652

Conducts research, conceptualizes, designs, develops, and tests secure technology systems, including on perimeter and cloud-based networks.

Responsible for ensuring that security requirements are adequately addressed in all aspects of enterprise architecture, including reference models, segment and solution architectures, and the resulting systems that protect and support organizational mission and business processes.

Code Description Work Roles
T0084 Employ secure configuration management processes 3
T0542 Translate proposed capabilities into technical requirements 2
T1010 Communicate enterprise information technology architecture 3
T1019 Determine special needs of cyber-physical systems 10
T1020 Determine the operational and safety impacts of cybersecurity lapses 37
T1027 Integrate organizational goals and objectives into security architecture 3
T1029 Implement organizational evaluation and validation criteria 1
T1077 Assess the organization's cybersecurity architecture 3
T1096 Perform privacy impact assessments (PIAs) 4
T1100 Configure network hubs, routers, and switches 3
T1101 Optimize network hubs, routers, and switches 3
T1122 Determine essential system capabilities and business functions 3
T1123 Prioritize essential system capabilities and business functions 3
T1124 Restore essential system capabilities and business functions after catastrophic failure events 4
T1125 Define system availability levels 2
T1126 Determine disaster recovery and continuity of operations system requirements 2
T1151 Develop cybersecurity designs for systems and networks with multilevel security requirements 1
T1152 Develop cybersecurity designs for systems and networks that require processing of multiple data classification levels 1
T1153 Integrate cybersecurity designs for systems and networks 1
T1168 Define acquisition life cycle cybersecurity architecture requirements 1
T1169 Define acquisition life cycle systems security engineering requirements 1
T1179 Determine if systems and architecture are consistent with cybersecurity architecture guidelines 2
T1263 Perform security reviews 3
T1264 Identify gaps in security architecture 3
T1265 Develop a cybersecurity risk management plan 3
T1293 Advise on security requirements to be included in statements of work 2
T1294 Advise on Risk Management Framework process activities and documentation 5
T1361 Determine the impact of new system and interface implementations on organization's cybersecurity posture 2
T1362 Document impact of new system and interface implementations on organization's cybersecurity posture 2
T1363 Plan system security development 3
T1364 Conduct system security development 3
T1403 Allocate cybersecurity services 2
T1404 Select cybersecurity mechanisms 2
T1410 Develop system security contexts 2
T1423 Create system security concept of operations (ConOps) documents 3
T1426 Determine cybersecurity design and architecture effectiveness 2
T1434 Create cybersecurity architecture functional specifications 2
T1507 Determine user requirements 3
T1508 Plan cybersecurity architecture 3
T1519 Design system security measures 3
T1520 Update system security measures 3
T1521 Develop enterprise architecture 2
T1527 Define baseline system security requirements 5
T1544 Create definition activity documentation 2
T1545 Create architecture activity documentation 2
T1556 Identify system and network protection needs 1
T1563 Implement system security measures 4
T1583 Determine effectiveness of system implementation and testing processes 5
T1627 Conduct cybersecurity management assessments 1
T1628 Design cybersecurity management functions 1
Code Description Work Roles
K0018 Knowledge of encryption algorithms 10
K0055 Knowledge of microprocessors 3
K0092 Knowledge of technology integration processes 2
K0646 Knowledge of system optimization techniques 2
K0674 Knowledge of computer networking protocols 40
K0675 Knowledge of risk management processes 41
K0676 Knowledge of cybersecurity laws and regulations 41
K0677 Knowledge of cybersecurity policies and procedures 41
K0678 Knowledge of privacy laws and regulations 41
K0679 Knowledge of privacy policies and procedures 41
K0680 Knowledge of cybersecurity principles and practices 40
K0681 Knowledge of privacy principles and practices 40
K0682 Knowledge of cybersecurity threats 40
K0683 Knowledge of cybersecurity vulnerabilities 40
K0684 Knowledge of cybersecurity threat characteristics 40
K0685 Knowledge of access control principles and practices 21
K0686 Knowledge of authentication and authorization tools and techniques 21
K0687 Knowledge of business operations standards and best practices 5
K0688 Knowledge of common application vulnerabilities 5
K0689 Knowledge of network infrastructure principles and practices 9
K0690 Knowledge of requirements analysis principles and practices 6
K0691 Knowledge of cyber defense tools and techniques 7
K0692 Knowledge of vulnerability assessment tools and techniques 7
K0694 Knowledge of computer algorithm capabilities and applications 5
K0698 Knowledge of cryptographic key management principles and practices 10
K0707 Knowledge of database systems and software 9
K0709 Knowledge of business continuity and disaster recovery (BCDR) policies and procedures 5
K0710 Knowledge of enterprise cybersecurity architecture principles and practices 20
K0714 Knowledge of electrical engineering principles and practices 3
K0718 Knowledge of network communications principles and practices 10
K0719 Knowledge of human-computer interaction (HCI) principles and practices 4
K0720 Knowledge of Assessment and Authorization (A&A) processes 5
K0727 Knowledge of analysis standards and best practices 7
K0728 Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices 20
K0729 Knowledge of non-repudiation principles and practices 20
K0730 Knowledge of cyber safety principles and practices 20
K0731 Knowledge of systems security engineering (SSE) principles and practices 13
K0736 Knowledge of information technology (IT) security principles and practices 18
K0739 Knowledge of mathematics principles and practices 7
K0742 Knowledge of identity and access management (IAM) principles and practices 10
K0743 Knowledge of new and emerging technologies 15
K0744 Knowledge of operating system (OS) systems and software 16
K0745 Knowledge of parallel and distributed computing principles and practices 5
K0749 Knowledge of process engineering principles and practices 13
K0751 Knowledge of system threats 40
K0752 Knowledge of system vulnerabilities 40
K0753 Knowledge of remote access principles and practices 2
K0756 Knowledge of security management principles and practices 6
K0757 Knowledge of system design tools and techniques 8
K0758 Knowledge of server administration principles and practices 13
K0759 Knowledge of client and server architecture 16
K0765 Knowledge of software engineering principles and practices 15
K0768 Knowledge of automated systems analysis tools and techniques 5
K0772 Knowledge of systems testing and evaluation tools and techniques 7
K0773 Knowledge of telecommunications principles and practices 14
K0778 Knowledge of enterprise information technology (IT) architecture principles and practices 20
K0779 Knowledge of systems engineering processes 14
K0791 Knowledge of defense-in-depth principles and practices 19
K0814 Knowledge of secure coding tools and techniques 6
K0835 Knowledge of risk assessment principles and practices 8
K0836 Knowledge of threat assessment principles and practices 7
K0839 Knowledge of critical infrastructure systems and software 13
K0840 Knowledge of hardware reverse engineering tools and techniques 15
K0842 Knowledge of software reverse engineering tools and techniques 15
K0846 Knowledge of secure software deployment principles and practices 3
K0847 Knowledge of secure software deployment tools and techniques 3
K0848 Knowledge of network systems management principles and practices 8
K0849 Knowledge of network systems management tools and techniques 8
K0851 Knowledge of reverse engineering principles and practices 15
K0859 Knowledge of encryption tools and techniques 13
K0865 Knowledge of data classification standards and best practices 18
K0866 Knowledge of data classification tools and techniques 18
K0868 Knowledge of process improvement principles and practices 6
K0869 Knowledge of process maturity models and frameworks 6
K0870 Knowledge of enterprise architecture (EA) reference models and frameworks 20
K0871 Knowledge of enterprise architecture (EA) principles and practices 20
K0872 Knowledge of service management principles and practices 11
K0873 Knowledge of service management standards and best practices 11
K0874 Knowledge of key management service (KMS) principles and practices 3
K0875 Knowledge of symmetric encryption principles and practices 3
K0876 Knowledge of key management service (KMS) key rotation policies and procedures 3
K0877 Knowledge of application firewall principles and practices 12
K0878 Knowledge of network firewall principles and practices 12
K0891 Knowledge of the Open Systems Interconnect (OSI) reference model 13
K0894 Knowledge of computer architecture principles and practices 4
K0906 Knowledge of multi-level security (MLS) systems and software 2
K0907 Knowledge of cross-domain solutions 2
K0915 Knowledge of network architecture principles and practices 21
K0917 Knowledge of Personally Identifiable Information (PII) data security standards and best practices 15
K0918 Knowledge of Payment Card Industry (PCI) data security standards and best practices 16
K0919 Knowledge of Personal Health Information (PHI) data security standards and best practices 16
K0921 Knowledge of program protection plan (PPP) principles and practices 2
K0927 Knowledge of configuration management tools and techniques 3
K0928 Knowledge of systems engineering principles and practices 13
K0933 Knowledge of N-tier architecture principles and practices 2
K0934 Knowledge of data classification policies and procedures 18
K0942 Knowledge of cryptology principles and practices 10
K0947 Knowledge of computer engineering principles and practices 14
K0948 Knowledge of embedded systems and software 9
K0949 Knowledge of fault tolerance tools and techniques 2
K0952 Knowledge of information theory principles and practices 5
K0983 Knowledge of computer networking principles and practices 39
K1014 Knowledge of network security principles and practices 40
K1049 Knowledge of routing protocols 3
K1080 Knowledge of secure software update principles and practices 2
K1081 Knowledge of secure firmware update principles and practices 2
K1086 Knowledge of design modeling 3
K1095 Knowledge of design methods 2
K1110 Knowledge of acquisition cybersecurity requirements 2
K1111 Knowledge of application security design principles and practices 4
K1120 Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices 5
K1137 Knowledge of cybersecurity requirements 11
K1143 Knowledge of data classification levels 1
K1159 Knowledge of fail-over or alternate site requirements 2
K1169 Knowledge of material supportability requirements 2
K1173 Knowledge of multilevel security requirements 1
K1194 Knowledge of Personally Identifiable Information (PII) attributes 4
K1212 Knowledge of security controls 4
K1216 Knowledge of service-oriented security architecture practices and principles 3
K1223 Knowledge of system backup requirements 2
K1236 Knowledge of user requirements 3
Code Description Work Roles
S0141 Skill in assessing security systems designs 5
S0172 Skill in applying secure coding techniques 6
S0383 Skill in analyzing an organization's enterprise information technology architecture 3
S0385 Skill in communicating complex concepts 9
S0386 Skill in communicating verbally 4
S0387 Skill in communicating in writing 4
S0418 Skill in applying secure network architectures 2
S0419 Skill in designing systems 2
S0428 Skill in designing architectures 2
S0429 Skill in designing frameworks 2
S0430 Skill in collaborating with others 9
S0458 Skill in coordinating efforts between stakeholders 1
S0465 Skill in identifying critical infrastructure systems 10
S0466 Skill in identifying systems designed without security considerations 10
S0543 Skill in scanning for vulnerabilities 12
S0544 Skill in recognizing vulnerabilities 13
S0551 Skill in applying information technologies into proposed solutions 4
S0569 Skill in designing security controls 4
S0570 Skill in designing the integration of hardware solutions 4
S0571 Skill in designing the integration of software solutions 4
S0574 Skill in developing security system controls 11
S0578 Skill in evaluating security designs 9
S0590 Skill in building use cases 3
S0596 Skill in encrypting network communications 3
S0598 Skill in creating test plans 2
S0613 Skill in configuring software-based computer protection tools 3
S0632 Skill in designing Test and Evaluation Strategies (TES) 3
S0637 Skill in designing multi-level security solutions 1
S0638 Skill in designing cross-domain solutions 1
S0655 Skill in designing secure test plans 5
S0657 Skill in implementing Public Key Infrastructure (PKI) encryption 5
S0658 Skill in implementing digital signatures 5
S0659 Skill in applying security models 1
S0673 Skill in translating operational requirements into security controls 8
S0674 Skill in installing system and component upgrades 6
S0675 Skill in optimizing system performance 10
S0683 Skill in implementing network segregation 2
S0685 Skill in configuring computer protection components 2
S0686 Skill in performing risk assessments 12
S0728 Skill in preparing briefings 6
S0762 Skill in integrating organization objectives 3
S0791 Skill in presenting to an audience 9
S0813 Skill in identifying cybersecurity issues in external connections 3
S0814 Skill in identifying privacy issues in partner interconnections 3
S0822 Skill in collaborating with stakeholders 3
S0853 Skill in performing cybersecurity architecture analysis 2
S0880 Skill in performing security architecture analysis 2
S0893 Skill in performing user needs analysis 3