SP-TST-001 System Testing and Evaluation Specialist

Conceptualizes, designs, procures, and/or builds secure information technology (IT) systems, with responsibility for aspects of system and/or network development.

Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.

Plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.

Knowledges 28

Code	Description	Work Roles
K0001	Knowledge of computer networking concepts and protocols, and network security methodologies.	52
K0002	Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).	52
K0003	Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.	52
K0004	Knowledge of cybersecurity and privacy principles.	52
K0005	Knowledge of cyber threats and vulnerabilities.	52
K0006	Knowledge of specific operational impacts of cybersecurity lapses.	52
K0027	Knowledge of organization's enterprise information security architecture.	9
K0028	Knowledge of organization's evaluation and validation requirements.	8
K0037	Knowledge of Security Assessment and Authorization process.	5
K0044	Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).	14
K0057	Knowledge of network hardware devices and functions.	2
K0088	Knowledge of systems administration concepts.	3
K0091	Knowledge of systems testing and evaluation methods.	6
K0102	Knowledge of the systems engineering process.	7
K0139	Knowledge of interpreted and compiled computer languages.	8
K0126	Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)	14
K0169	Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.	14
K0170	Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.	12
K0179	Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).	19
K0199	Knowledge of security architecture concepts and enterprise architecture reference models (e.g., Zachman, Federal Enterprise Architecture [FEA]).	6
K0203	Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).	10
K0212	Knowledge of cybersecurity-enabled software products.	4
K0250	Knowledge of Test & Evaluation processes for learners.	3
K0260	Knowledge of Personally Identifiable Information (PII) data security standards.	16
K0261	Knowledge of Payment Card Industry (PCI) data security standards.	17
K0262	Knowledge of Personal Health Information (PHI) data security standards.	17
K0287	Knowledge of an organization's information classification program and procedures for information compromise.	18
K0332	Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.	14

Skills 15

Code	Description	Work Roles
S0015	Skill in conducting test events.	1
S0021	Skill in designing a data analysis structure (i.e., the types of data a test must generate and how to analyze that data).	1
S0026	Skill in determining an appropriate level of test rigor for a given system.	1
S0030	Skill in developing operations-based testing scenarios.	1
S0048	Skill in systems integration testing.	1
S0060	Skill in writing code in a currently supported programming language (e.g., Java, C++).	7
S0061	Skill in writing test plans.	2
S0082	Skill in evaluating test plans for applicability and completeness.	1
S0104	Skill in conducting Test Readiness Reviews.	1
S0107	Skill in designing and documenting overall program Test & Evaluation strategies.	1
S0110	Skill in identifying Test & Evaluation infrastructure (people, ranges, tools, instrumentation) requirements.	2
S0112	Skill in managing test assets, test resources, and test personnel to ensure effective completion of test events.	2
S0115	Skill in preparing Test & Evaluation reports.	2
S0117	Skill in providing Test & Evaluation resource estimate.	1
S0367	Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).	14

Abilities 4

Code	Description	Work Roles
A0026	Ability to analyze test data.	3
A0030	Ability to collect, verify, and validate test data.	2
A0040	Ability to translate data and test results into evaluative conclusions.	3
A0123	Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).	15

Tasks 13

Code	Description	Work Roles
T0274	Create auditable evidence of security measures.	1
T0393	Validate specifications and requirements for testability.	1
T0426	Analyze the results of software, hardware, or interoperability testing.	1
T0511	Perform developmental testing on systems under development.	1
T0512	Perform interoperability testing on systems exchanging electronic information with other systems.	1
T0513	Perform operational testing.	1
T0539	Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements.	1
T0540	Record and manage test data.	1
T0058	Determine level of assurance of developed capabilities based on test results.	1
T0080	Develop test plans to address specifications and requirements.	1
T0125	Install and maintain network infrastructure device operating system software (e.g., IOS, firmware).	3
T0143	Make recommendations based on test results.	1
T0257	Determine scope, infrastructure, resources, and data sample size to ensure system requirements are adequately demonstrated.	1