DD-WRL-004
Secure Systems Development OPM Code: 631 and 632

Conducts research, conceptualizes, designs, develops, and tests secure technology systems, including on perimeter and cloud-based networks.

Responsible for the secure design, development, and testing of systems and the evaluation of system security throughout the systems development life cycle.

Code Description Work Roles
T0084 Employ secure configuration management processes 3
T0122 Implement security designs for new or existing systems 1
T0124 Incorporate cybersecurity vulnerability solutions into system designs (e.g., Cybersecurity Vulnerability Alerts) 1
T0271 Develop cybersecurity designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations, high integrity and availability requirements, multilevel security/processing of multiple classification levels, and processing Sensitive Compartmented Information) 1
T1010 Communicate enterprise information technology architecture 3
T1019 Determine special needs of cyber-physical systems 10
T1020 Determine the operational and safety impacts of cybersecurity lapses 37
T1022 Review enterprise information technology (IT) goals and objectives 9
T1026 Determine procurement requirements 9
T1027 Integrate organizational goals and objectives into security architecture 3
T1030 Estimate the impact of collateral damage 2
T1041 Determine impact of software configurations 4
T1046 Assess operation performance 2
T1047 Assess operation impact 2
T1072 Determine life cycle support requirements 1
T1075 Implement application cybersecurity policies 2
T1078 Determine effectiveness of system cybersecurity measures 1
T1079 Develop cybersecurity risk profiles 4
T1081 Create product prototypes using working and theoretical models 1
T1084 Identify anomalous network activity 9
T1096 Perform privacy impact assessments (PIAs) 4
T1118 Identify vulnerabilities 7
T1119 Recommend vulnerability remediation strategies 8
T1122 Determine essential system capabilities and business functions 3
T1123 Prioritize essential system capabilities and business functions 3
T1124 Restore essential system capabilities and business functions after catastrophic failure events 4
T1128 Design cybersecurity or cybersecurity-enabled products 1
T1129 Develop cybersecurity or cybersecurity-enabled products 1
T1131 Determine if hardware, operating systems, and software applications adequately address cybersecurity requirements 1
T1132 Design system data backup capabilities 1
T1133 Develop technical and procedural processes for integrity of stored backup data 1
T1134 Develop technical and procedural processes for backup data storage 1
T1138 Create system testing and validation procedures and documentation 2
T1148 Develop systems security design documentation 1
T1149 Develop disaster recovery and continuity of operations plans for systems under development 1
T1150 Test disaster recovery and continuity of operations plans for systems prior to deployment 1
T1160 Develop risk mitigation strategies 2
T1161 Resolve system vulnerabilities 1
T1162 Recommend security changes to systems and system components 2
T1163 Develop cybersecurity countermeasures for systems and applications 2
T1164 Develop risk mitigation strategies for systems and applications 2
T1193 Allocate security functions to components and elements 1
T1194 Remediate technical problems encountered during system testing and implementation 1
T1195 Direct the remediation of technical problems encountered during system testing and implementation 1
T1206 Recommend cybersecurity or cybersecurity-enabled products for use within a system 1
T1269 Conduct risk analysis of applications and systems undergoing major changes 4
T1292 Develop guidelines for implementing developed systems for customers and installation teams 1
T1294 Advise on Risk Management Framework process activities and documentation 5
T1309 Analyze system capabilities and requirements 3
T1312 Conduct test and evaluation activities 1
T1326 Develop system performance predictions for various operating conditions 1
T1363 Plan system security development 3
T1364 Conduct system security development 3
T1365 Document cybersecurity design and development activities 2
T1401 Integrate system development life cycle methodologies into development environment 1
T1454 Design secure interfaces between information systems, physical systems, and embedded technologies 1
T1455 Implement secure interfaces between information systems, physical systems, and embedded technologies 1
T1489 Correlate incident data 7
T1507 Determine user requirements 3
T1508 Plan cybersecurity architecture 3
T1519 Design system security measures 3
T1520 Update system security measures 3
T1522 Determine if systems meet minimum security requirements 2
T1563 Implement system security measures 4
T1583 Determine effectiveness of system implementation and testing processes 5
T1584 Establish minimum security requirements for applications 2
T1585 Determine if applications meet minimum security requirements 2
T1586 Conduct cybersecurity risk assessments 3
T1592 Conduct cybersecurity reviews 2
T1593 Identify cybersecurity gaps in enterprise architecture 1
T1604 Provide cybersecurity advice on implementation plans, standard operating procedures, maintenance documentation, and maintenance training materials 2
T1613 Determine if design components meet system requirements 1
T1614 Determine scalability of system architecture 1
Code Description Work Roles
K0018 Knowledge of encryption algorithms 10
K0055 Knowledge of microprocessors 3
K0068 Knowledge of programming language structures and logic 7
K0653 Knowledge of cybersecurity practices in the acquisition process 6
K0674 Knowledge of computer networking protocols 40
K0675 Knowledge of risk management processes 41
K0676 Knowledge of cybersecurity laws and regulations 41
K0677 Knowledge of cybersecurity policies and procedures 41
K0678 Knowledge of privacy laws and regulations 41
K0679 Knowledge of privacy policies and procedures 41
K0680 Knowledge of cybersecurity principles and practices 40
K0681 Knowledge of privacy principles and practices 40
K0682 Knowledge of cybersecurity threats 40
K0683 Knowledge of cybersecurity vulnerabilities 40
K0684 Knowledge of cybersecurity threat characteristics 40
K0685 Knowledge of access control principles and practices 21
K0686 Knowledge of authentication and authorization tools and techniques 21
K0694 Knowledge of computer algorithm capabilities and applications 5
K0698 Knowledge of cryptographic key management principles and practices 10
K0707 Knowledge of database systems and software 9
K0710 Knowledge of enterprise cybersecurity architecture principles and practices 20
K0711 Knowledge of evaluation and validation principles and practices 7
K0712 Knowledge of Local Area Networks (LAN) 6
K0713 Knowledge of Wide Area Networks (WAN) 6
K0714 Knowledge of electrical engineering principles and practices 3
K0715 Knowledge of resiliency and redundancy principles and practices 2
K0716 Knowledge of host access control (HAC) systems and software 10
K0717 Knowledge of network access control (NAC) systems and software 10
K0719 Knowledge of human-computer interaction (HCI) principles and practices 4
K0721 Knowledge of risk management principles and practices 19
K0722 Knowledge of software development principles and practices 3
K0728 Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices 20
K0729 Knowledge of non-repudiation principles and practices 20
K0730 Knowledge of cyber safety principles and practices 20
K0731 Knowledge of systems security engineering (SSE) principles and practices 13
K0736 Knowledge of information technology (IT) security principles and practices 18
K0737 Knowledge of bandwidth management tools and techniques 5
K0739 Knowledge of mathematics principles and practices 7
K0742 Knowledge of identity and access management (IAM) principles and practices 10
K0744 Knowledge of operating system (OS) systems and software 16
K0745 Knowledge of parallel and distributed computing principles and practices 5
K0746 Knowledge of policy-based access controls 15
K0747 Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC) 15
K0748 Knowledge of Privacy Impact Assessment (PIA) principles and practices 5
K0749 Knowledge of process engineering principles and practices 13
K0751 Knowledge of system threats 40
K0752 Knowledge of system vulnerabilities 40
K0755 Knowledge of configuration management (CM) tools and techniques 4
K0756 Knowledge of security management principles and practices 6
K0757 Knowledge of system design tools and techniques 8
K0758 Knowledge of server administration principles and practices 13
K0759 Knowledge of client and server architecture 16
K0764 Knowledge of software development models and frameworks 3
K0765 Knowledge of software engineering principles and practices 15
K0767 Knowledge of structured analysis principles and practices 5
K0768 Knowledge of automated systems analysis tools and techniques 5
K0769 Knowledge of system design standards and best practices 4
K0771 Knowledge of system life cycle management principles and practices 9
K0772 Knowledge of systems testing and evaluation tools and techniques 7
K0773 Knowledge of telecommunications principles and practices 14
K0778 Knowledge of enterprise information technology (IT) architecture principles and practices 20
K0779 Knowledge of systems engineering processes 14
K0791 Knowledge of defense-in-depth principles and practices 19
K0803 Knowledge of supply chain risk management principles and practices 17
K0813 Knowledge of interpreted and compiled programming language characteristics 7
K0814 Knowledge of secure coding tools and techniques 6
K0820 Knowledge of supply chain risks 18
K0828 Knowledge of supply chain risk management standards and best practices 16
K0838 Knowledge of supply chain risk management policies and procedures 13
K0839 Knowledge of critical infrastructure systems and software 13
K0840 Knowledge of hardware reverse engineering tools and techniques 15
K0842 Knowledge of software reverse engineering tools and techniques 15
K0846 Knowledge of secure software deployment principles and practices 3
K0847 Knowledge of secure software deployment tools and techniques 3
K0848 Knowledge of network systems management principles and practices 8
K0849 Knowledge of network systems management tools and techniques 8
K0851 Knowledge of reverse engineering principles and practices 15
K0859 Knowledge of encryption tools and techniques 13
K0865 Knowledge of data classification standards and best practices 18
K0866 Knowledge of data classification tools and techniques 18
K0870 Knowledge of enterprise architecture (EA) reference models and frameworks 20
K0871 Knowledge of enterprise architecture (EA) principles and practices 20
K0872 Knowledge of service management principles and practices 11
K0873 Knowledge of service management standards and best practices 11
K0877 Knowledge of application firewall principles and practices 12
K0878 Knowledge of network firewall principles and practices 12
K0879 Knowledge of industry cybersecurity models and frameworks 9
K0880 Knowledge of access control models and frameworks 9
K0891 Knowledge of the Open Systems Interconnect (OSI) reference model 13
K0915 Knowledge of network architecture principles and practices 21
K0917 Knowledge of Personally Identifiable Information (PII) data security standards and best practices 15
K0918 Knowledge of Payment Card Industry (PCI) data security standards and best practices 16
K0919 Knowledge of Personal Health Information (PHI) data security standards and best practices 16
K0922 Knowledge of the acquisition life cycle models and frameworks 7
K0928 Knowledge of systems engineering principles and practices 13
K0934 Knowledge of data classification policies and procedures 18
K0937 Knowledge of countermeasure design principles and practices 3
K0942 Knowledge of cryptology principles and practices 10
K0947 Knowledge of computer engineering principles and practices 14
K0948 Knowledge of embedded systems and software 9
K0952 Knowledge of information theory principles and practices 5
K0983 Knowledge of computer networking principles and practices 39
K1014 Knowledge of network security principles and practices 40
K1063 Knowledge of operation assessment processes 2
K1080 Knowledge of secure software update principles and practices 2
K1081 Knowledge of secure firmware update principles and practices 2
K1088 Knowledge of knowledge management tools and techniques 6
K1100 Knowledge of analytical tools and techniques 4
K1111 Knowledge of application security design principles and practices 4
K1119 Knowledge of component and interface specifications 1
K1120 Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices 5
K1148 Knowledge of data manipulation principles and practices 3
K1149 Knowledge of data retrieval principles and practices 3
K1150 Knowledge of data storage principles and practices 3
K1158 Knowledge of evaluation and validation requirements 1
K1164 Knowledge of hardware design principles and practices 1
K1194 Knowledge of Personally Identifiable Information (PII) attributes 4
K1212 Knowledge of security controls 4
K1235 Knowledge of user needs and requirements 1
Code Description Work Roles
S0141 Skill in assessing security systems designs 5
S0172 Skill in applying secure coding techniques 6
S0383 Skill in analyzing an organization's enterprise information technology architecture 3
S0385 Skill in communicating complex concepts 9
S0391 Skill in creating technical documentation 7
S0409 Skill in deriving evaluative conclusions from data 3
S0418 Skill in applying secure network architectures 2
S0419 Skill in designing systems 2
S0423 Skill in analyzing processes to ensure conformance with procedural requirements 6
S0428 Skill in designing architectures 2
S0429 Skill in designing frameworks 2
S0430 Skill in collaborating with others 9
S0462 Skill in integrating information security requirements in the acquisitions process 7
S0463 Skill in implementing software quality control processes 7
S0465 Skill in identifying critical infrastructure systems 10
S0466 Skill in identifying systems designed without security considerations 10
S0532 Skill in analyzing software configurations 4
S0543 Skill in scanning for vulnerabilities 12
S0544 Skill in recognizing vulnerabilities 13
S0569 Skill in designing security controls 4
S0570 Skill in designing the integration of hardware solutions 4
S0571 Skill in designing the integration of software solutions 4
S0574 Skill in developing security system controls 11
S0578 Skill in evaluating security designs 9
S0619 Skill in auditing technical systems 3
S0655 Skill in designing secure test plans 5
S0664 Skill in applying policies that meet system security objectives 2
S0674 Skill in installing system and component upgrades 6
S0675 Skill in optimizing system performance 10
S0681 Skill in performing design modeling 2
S0686 Skill in performing risk assessments 12
S0744 Skill in performing technical writing 6
S0788 Skill in orchestrating planning teams 2
S0789 Skill in coordinating collection support 2
S0790 Skill in monitoring status 2
S0824 Skill in communicating with customers 2
S0861 Skill in performing gap analysis 1
S0878 Skill in performing risk analysis 9
S0893 Skill in performing user needs analysis 3
S0899 Skill in testing interfaces 1