IO-WRL-006
Systems Security Analysis
OPM Code: 461

Provides implementation, administration, configuration, operation, and maintenance to ensure effective and efficient technology system performance and security.

Responsible for developing and analyzing the integration, testing, operations, and maintenance of systems security. Prepares, performs, and manages the security aspects of implementing and operating a system.

Code Description Work Roles
T0309 Assess the effectiveness of security controls 2
T1020 Determine the operational and safety impacts of cybersecurity lapses 37
T1023 Identify critical technology procurement requirements 11
T1075 Implement application cybersecurity policies 2
T1076 Implement system cybersecurity policies 1
T1077 Assess the organization's cybersecurity architecture 3
T1172 Determine if systems security operations and maintenance activities are properly documented and updated 1
T1173 Determine that the application of security patches for commercial products meets timeline requirements 1
T1174 Document commercial product timeline requirements dictated by the management authority for intended operational environments 1
T1176 Determine if cybersecurity-enabled products reduce identified risk to acceptable levels 2
T1177 Determine if security control technologies reduce identified risk to acceptable levels 2
T1212 Implement cybersecurity countermeasures for systems and applications 1
T1218 Integrate automated capabilities for updating or patching system software 1
T1219 Develop processes and procedures for manual updating and patching of system software 1
T1255 Perform cybersecurity testing of developed applications and systems 2
T1263 Perform security reviews 3
T1264 Identify gaps in security architecture 3
T1265 Develop a cybersecurity risk management plan 3
T1278 Recommend system modifications 2
T1287 Document systems security activities 1
T1294 Advise on Risk Management Framework process activities and documentation 5
T1327 Update security documentation to reflect current application and system security design features 2
T1437 Determine effectiveness of configuration management processes 2
T1522 Determine if systems meet minimum security requirements 2
T1532 Develop procedures for system operations transfer to alternate sites 1
T1533 Test failover for system operations transfer to alternative sites 1
T1539 Analyze organizational cybersecurity posture trends 2
T1540 Develop organizational cybersecurity posture trend reports 2
T1541 Develop system security posture trend reports 2
T1548 Determine adequacy of access controls 2
T1550 Execute disaster recovery and continuity of operations processes 1
T1557 Implement security measures for systems and system components 1
T1559 Resolve vulnerabilities in systems and system components 1
T1560 Mitigate risks in systems and system components 1
T1563 Implement system security measures 4
T1568 Implement cross-domain solutions 1
T1574 Develop risk acceptance documentation for senior leaders and authorized representatives 1
T1583 Determine effectiveness of system implementation and testing processes 5
T1584 Establish minimum security requirements for applications 2
T1585 Determine if applications meet minimum security requirements 2
T1603 Recommend threat and vulnerability risk mitigation strategies 2
T1615 Advise stakeholders on vulnerability compliance 2
T1616 Resolve computer security incidents 2
T1618 Advise stakeholders on disaster recovery, contingency, and continuity of operations plans 2
Code Description Work Roles
K0018 Knowledge of encryption algorithms 10
K0674 Knowledge of computer networking protocols 40
K0675 Knowledge of risk management processes 41
K0676 Knowledge of cybersecurity laws and regulations 41
K0677 Knowledge of cybersecurity policies and procedures 41
K0678 Knowledge of privacy laws and regulations 41
K0679 Knowledge of privacy policies and procedures 41
K0680 Knowledge of cybersecurity principles and practices 40
K0681 Knowledge of privacy principles and practices 40
K0682 Knowledge of cybersecurity threats 40
K0683 Knowledge of cybersecurity vulnerabilities 40
K0684 Knowledge of cybersecurity threat characteristics 40
K0685 Knowledge of access control principles and practices 21
K0686 Knowledge of authentication and authorization tools and techniques 21
K0694 Knowledge of computer algorithm capabilities and applications 5
K0698 Knowledge of cryptographic key management principles and practices 10
K0707 Knowledge of database systems and software 9
K0710 Knowledge of enterprise cybersecurity architecture principles and practices 20
K0719 Knowledge of human-computer interaction (HCI) principles and practices 4
K0721 Knowledge of risk management principles and practices 19
K0723 Knowledge of vulnerability data sources 5
K0728 Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices 20
K0729 Knowledge of non-repudiation principles and practices 20
K0730 Knowledge of cyber safety principles and practices 20
K0731 Knowledge of systems security engineering (SSE) principles and practices 13
K0734 Knowledge of Risk Management Framework (RMF) requirements 14
K0735 Knowledge of risk management models and frameworks 13
K0736 Knowledge of information technology (IT) security principles and practices 18
K0739 Knowledge of mathematics principles and practices 7
K0742 Knowledge of identity and access management (IAM) principles and practices 10
K0744 Knowledge of operating system (OS) systems and software 16
K0745 Knowledge of parallel and distributed computing principles and practices 5
K0749 Knowledge of process engineering principles and practices 13
K0751 Knowledge of system threats 40
K0752 Knowledge of system vulnerabilities 40
K0756 Knowledge of security management principles and practices 6
K0757 Knowledge of system design tools and techniques 8
K0758 Knowledge of server administration principles and practices 13
K0759 Knowledge of client and server architecture 16
K0765 Knowledge of software engineering principles and practices 15
K0772 Knowledge of systems testing and evaluation tools and techniques 7
K0773 Knowledge of telecommunications principles and practices 14
K0778 Knowledge of enterprise information technology (IT) architecture principles and practices 20
K0779 Knowledge of systems engineering processes 14
K0791 Knowledge of defense-in-depth principles and practices 19
K0803 Knowledge of supply chain risk management principles and practices 17
K0820 Knowledge of supply chain risks 18
K0828 Knowledge of supply chain risk management standards and best practices 16
K0834 Knowledge of technology procurement principles and practices 11
K0840 Knowledge of hardware reverse engineering tools and techniques 15
K0842 Knowledge of software reverse engineering tools and techniques 15
K0848 Knowledge of network systems management principles and practices 8
K0849 Knowledge of network systems management tools and techniques 8
K0851 Knowledge of reverse engineering principles and practices 15
K0859 Knowledge of encryption tools and techniques 13
K0865 Knowledge of data classification standards and best practices 18
K0866 Knowledge of data classification tools and techniques 18
K0870 Knowledge of enterprise architecture (EA) reference models and frameworks 20
K0871 Knowledge of enterprise architecture (EA) principles and practices 20
K0872 Knowledge of service management principles and practices 11
K0873 Knowledge of service management standards and best practices 11
K0877 Knowledge of application firewall principles and practices 12
K0878 Knowledge of network firewall principles and practices 12
K0879 Knowledge of industry cybersecurity models and frameworks 9
K0880 Knowledge of access control models and frameworks 9
K0894 Knowledge of computer architecture principles and practices 4
K0915 Knowledge of network architecture principles and practices 21
K0917 Knowledge of Personally Identifiable Information (PII) data security standards and best practices 15
K0918 Knowledge of Payment Card Industry (PCI) data security standards and best practices 16
K0919 Knowledge of Personal Health Information (PHI) data security standards and best practices 16
K0920 Knowledge of risk management policies and procedures 7
K0924 Knowledge of network analysis tools and techniques 7
K0927 Knowledge of configuration management tools and techniques 3
K0928 Knowledge of systems engineering principles and practices 13
K0930 Knowledge of credential management systems and software 1
K0931 Knowledge of data-at-rest encryption (DAR) standards and best practices 2
K0932 Knowledge of cryptographic key storage systems and software 2
K0934 Knowledge of data classification policies and procedures 18
K0937 Knowledge of countermeasure design principles and practices 3
K0942 Knowledge of cryptology principles and practices 10
K0947 Knowledge of computer engineering principles and practices 14
K0948 Knowledge of embedded systems and software 9
K0983 Knowledge of computer networking principles and practices 39
K1014 Knowledge of network security principles and practices 40
K1050 Knowledge of critical information requirements 8
K1120 Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices 5
K1216 Knowledge of service-oriented security architecture practices and principles 3
K1222 Knowledge of system availability requirements 1
Code Description Work Roles
S0141 Skill in assessing security systems designs 5
S0479 Skill in evaluating supplier trustworthiness 6
S0480 Skill in evaluating product trustworthiness 1
S0483 Skill in identifying software communications vulnerabilities 7
S0484 Skill in developing user credential management systems 1
S0485 Skill in implementing user credential management systems 1
S0486 Skill in implementing enterprise key escrow systems 2
S0543 Skill in scanning for vulnerabilities 12
S0544 Skill in recognizing vulnerabilities 13
S0570 Skill in designing the integration of hardware solutions 4
S0571 Skill in designing the integration of software solutions 4
S0574 Skill in developing security system controls 11
S0578 Skill in evaluating security designs 9
S0597 Skill in writing code in a currently supported programming language 7
S0667 Skill in assessing security controls 3
S0674 Skill in installing system and component upgrades 6
S0675 Skill in optimizing system performance 10
S0688 Skill in performing network data analysis 7