OM-ANA-001 Systems Security Analyst

Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security.

Studies an organization's current computer systems and procedures, and designs information systems solutions to help the organization operate more securely, efficiently, and effectively. Brings business and information technology (IT) together by understanding the needs and limitations of both.

Responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.

Knowledges 46

Code	Description	Work Roles
K0001	Knowledge of computer networking concepts and protocols, and network security methodologies.	52
K0002	Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).	52
K0003	Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.	52
K0004	Knowledge of cybersecurity and privacy principles.	52
K0005	Knowledge of cyber threats and vulnerabilities.	52
K0006	Knowledge of specific operational impacts of cybersecurity lapses.	52
K0015	Knowledge of computer algorithms.	6
K0018	Knowledge of encryption algorithms	11
K0019	Knowledge of cryptography and cryptographic key management concepts	8
K0024	Knowledge of database systems.	7
K0035	Knowledge of installation, integration, and optimization of system components.	6
K0036	Knowledge of human-computer interaction principles.	12
K0040	Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).	5
K0044	Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).	14
K0049	Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).	8
K0052	Knowledge of mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis).	6
K0056	Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).	11
K0060	Knowledge of operating systems.	13
K0061	Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).	11
K0063	Knowledge of parallel and distributed computing concepts.	6
K0075	Knowledge of security system design tools, methods, and techniques.	3
K0082	Knowledge of software engineering.	7
K0093	Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).	8
K0102	Knowledge of the systems engineering process.	7
K0179	Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).	19
K0180	Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.	9
K0200	Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).	11
K0203	Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).	10
K0227	Knowledge of various types of computer architectures.	4
K0260	Knowledge of Personally Identifiable Information (PII) data security standards.	16
K0261	Knowledge of Payment Card Industry (PCI) data security standards.	17
K0262	Knowledge of Personal Health Information (PHI) data security standards.	17
K0263	Knowledge of information technology (IT) risk management policies, requirements, and procedures.	3
K0266	Knowledge of how to evaluate the trustworthiness of the supplier and/or product.	1
K0267	Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.	8
K0275	Knowledge of configuration management techniques.	3
K0276	Knowledge of security management.	3
K0281	Knowledge of information technology (IT) service catalogues.	1
K0284	Knowledge of developing and applying user credential management system.	1
K0285	Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.	2
K0287	Knowledge of an organization's information classification program and procedures for information compromise.	18
K0290	Knowledge of systems security testing and evaluation methods.	2
K0297	Knowledge of countermeasure design for identified security risks.	4
K0322	Knowledge of embedded systems.	10
K0333	Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.	6
K0339	Knowledge of how to use network analysis tools to identify vulnerabilities.	2

Skills 9

Code	Description	Work Roles
S0024	Skill in designing the integration of hardware and software solutions.	5
S0027	Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.	7
S0031	Skill in developing and applying security system access controls.	5
S0036	Skill in evaluating the adequacy of security designs.	4
S0060	Skill in writing code in a currently supported programming language (e.g., Java, C++).	7
S0141	Skill in assessing security systems designs.	2
S0147	Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).	3
S0167	Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).	2
S0367	Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).	14

Abilities 2

Code	Description	Work Roles
A0015	Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.	8
A0123	Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).	15

Tasks 31

Code	Description	Work Roles
T0309	Assess the effectiveness of security controls.	2
T0344	Assess all the configuration management (change configuration/release management) processes.	2
T0462	Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements.	1
T0469	Analyze and report organizational security posture trends.	2
T0470	Analyze and report system security posture trends.	2
T0475	Assess adequate access controls based on principles of least privilege and need-to-know.	2
T0477	Ensure the execution of disaster recovery and continuity of operations.	1
T0485	Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.	1
T0489	Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.	1
T0492	Ensure the integration and implementation of Cross-Domain Solutions (CDS) in a secure environment.	1
T0499	Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.	1
T0504	Assess and monitor cybersecurity related to system implementation and testing practices.	2
T0508	Verify minimum security requirements are in place for all applications.	1
T0526	Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.	2
T0545	Work with stakeholders to resolve computer security incidents and vulnerability compliance.	2
T0548	Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.	2
T0015	Apply security policies to applications that interface with one another, such as Business-to-Business (B2B) applications.	2
T0016	Apply security policies to meet security objectives of the system.	1
T0017	Apply service-oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements.	1
T0085	Ensure all systems security operations and maintenance activities are properly documented and updated as necessary.	1
T0086	Ensure that the application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment.	1
T0088	Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.	2
T0123	Implement specific cybersecurity countermeasures for systems and/or applications.	1
T0128	Integrate automated capabilities for updating or patching system software where practical and develop processes and procedures for manual updating and patching of system software based on current and projected patch timeline requirements for the operational environment of the system.	1
T0169	Perform cybersecurity testing of developed applications and/or systems.	1
T0177	Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.	3
T0187	Plan and recommend modifications or adjustments based on exercise results or system environment.	2
T0194	Properly document all systems security implementation, operations, and maintenance activities and update as necessary.	1
T0202	Provide cybersecurity guidance to leadership.	1
T0205	Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).	6
T0243	Verify and update security documentation reflecting the application/system security design features.	2