Issuu on Google+


CONTENTS Securely Provision ///////////////////////////////////// 5 Information Assurance Compliance /////////////////////////6 Software Assurance & Security Engineering ////////////////// 8 Systems Security Architecture //////////////////////////// 10 Technology Research & Development ////////////////////// 12 Systems Requirements Planning ////////////////////////// 14 Test & Evaluation ///////////////////////////////////// 16 Systems Development ////////////////////////////////// 18

Operate & Maintain ///////////////////////////////////// 21 Data Administration /////////////////////////////////// 22 Knowledge Management /////////////////////////////// 24 Customer Service & Technical Support ///////////////////// 26 Network Services ///////////////////////////////////// 28 System Administration ///////////////////////////////// 30 System Security Analysis //////////////////////////////// 32

Protect & Defend ////////////////////////////////////// 35 Computer Network Defense (CND) Analysis ///////////////// 36 Incident Response ///////////////////////////////////// 38 Computer Network Defense (CND) Infrastructure Support /////// 40 Vulnerability Assessment & Management /////////////////// 42

2 / INSA Cyber Jobs for America


Investigate ////////////////////////////////////////////////////////// 45 Digital Forensics ///////////////////////////////////////////////////// 46 Investigation //////////////////////////////////////////////////////// 48

Oversight & Development /////////////////////////////////////////////// 51 Legal Advice & Advocacy ///////////////////////////////////////////// 52 Strategic Planning & Policy Development ////////////////////////////////// 54 Education & Training ///////////////////////////////////////////////// 56 Information Systems Security Operations ////////////////////////////////// 58 Security Program Management ///////////////////////////////////////// 60

Analyze ///////////////////////////////////////////////////////////// 63 Threat Analysis ///////////////////////////////////////////////////// 64 Exploitation Analysis ///////////////////////////////////////////////// 65 All Source Intelligence //////////////////////////////////////////////// 66 Targets //////////////////////////////////////////////////////////// 67

Collect & Operate //////////////////////////////////////////////////// 69 Collection Operations //////////////////////////////////////////////// 70 Cyber Operations Planning //////////////////////////////////////////// 71 Cyber Operations /////////////////////////////////////////////////// 72

INSA Cyber Jobs for America / 3


4 / INSA Cyber Jobs for America


Securely Provision Information Assurance Compliance //////////////////////6 Software Assurance & Security Engineering /////////////// 8 Systems Security Architecture /////////////////////////10 Technology Research & Development ///////////////////12 Systems Requirements Planning ////////////////////////14 Test & Evaluation //////////////////////////////////16 Systems Development ///////////////////////////////18

INSA Cyber Jobs for America / 5


Information Assurance Compliance Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new information technology (IT) systems meet the organization’s information assurance (IA) and security requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Ensures that members of an organization comply with the organization’s information assurance requirements and standards. Once an organization’s information security policies are established, those working in Information Assurance Compliance monitor that the policies are being followed. They develop the methods to monitor and measure compliance and evaluate the compliance results of this monitoring. They compare the results of the monitoring with expected results to identify holes in compliance and strategize ways to correct any lapses in compliance. They draft statements of residual security risks to an organization’s information and can recommend new or revised security measures based on the results of compliance reviews. They are also responsible for the management and review of information system accreditation and certifications.

Knowledge & Skills • Knowledge of information assurance principles and organizational requirements • Knowledge of industry methods for evaluating, monitoring, and disseminating • Knowledge of new and emerging IT and information security technologies • Knowledge of systems diagnostic tools • Knowledge of network security architecture concepts, components, and principles • Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance • Skill in evaluating the trustworthiness of the supplier or product

6 / INSA Cyber Jobs for America


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Computer Science

• Information Assurance

• Engineering

• Information Technology

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 7


Software Assurance & Security Engineering (Formerly Software Engineering)

Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assurance best practices. Software engineers design and create computer applications and software. When designing a program or application, they consider the customer’s needs, the timeline for the project, the budget of the project, security concerns, the hardware interface, and the software requirements in order to develop a plan for the project’s creation. A software engineer specializing in assurance and security captures security controls used during the requirements phase to integrate security throughout the entire process. They identify key security objectives specific to the customer or the project and maximize software security while minimizing disruption to the functionality of the software or to the development schedule. After the initial design stage, a software engineer begins to write the code for the application/software. Software engineers test the application/software during the creation process and revise it accordingly, keeping a log of comments so that others can understand the changes made. They continue to conduct trial runs of the application/software to ensure it meets the customer’s needs and operates correctly before handing it over to the customer. Software engineers often consult with their customers about the maintenance of programs in addition to performing updates to programs already in existence.

Knowledge & Skills • Knowledge of computer programming principles • Knowledge of software engineering and software development models • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems • Skill in developing and applying security system access controls • Skill in discerning protection needs of information systems and networks • Skill in designing countermeasures to identified security risks

8 / INSA Cyber Jobs for America


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 9


Systems Security Architecture (Formerly Enterprise Architecture)

Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs. An Enterprise architect analyzes the strategy and needs of an organization and defines the IT architecture to support the strategy. They must be able to understand the business/mission strategy of an organization while also being highly technical in order to implement a systems architecture. They must also identify the protection/security needs for the network and its architecture and be able to develop information assurance designs for the architecture with multilevel security requirements. They use their technical knowledge to collaborate with IT personnel to select appropriate solutions that are compatible with current system components and that are in line with an organization’s strategy. They are required to prioritize IT programs according to the company’s need in an attempt to increase the success rate of programs directly related to an organization’s strategy. This prioritization is also important in the event of a system failure and restoration, to ensure that the most important programs are functional quickly. They must also evaluate current or emerging technologies for their organization’s use, while considering cost, compatibility, usability, and security.

Knowledge & Skills • Knowledge of the Security Assessment and Authorization process • Knowledge of how system components are installed, integrated, and optimized • Knowledge of cryptology and encryption algorithms • Knowledge of risk management processes, including steps and methods for assessing risk • Knowledge of network access, identity, and access management • Knowledge of network security architecture concepts and how a security system should work • Skill in designing the integration of hardware and software solutions • Skill in discerning the protection needs of information systems and networks

10 / INSA Cyber Jobs for America


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 11


Technology Research & Development (Formerly Technology Demonstration)

Conducts technology assessment and integration processes; provides and supports a prototype capability and/or evaluates its utility. Those working in this field are tasked with determining whether certain technologies are free of vulnerabilities, meet customer needs, and are meeting capability standards. They research current and available technologies to understand the capabilities of systems and use this understanding to establish standards which the technology they are testing is required to meet. After the research stage, they design and develop new tools and technologies to address the recognized needs. They troubleshoot prototype design and performance issues throughout the design, development, and launch phases. They conduct analysis and utilize reverse engineering tools to identify performance shortfalls or vulnerabilities in the technology. They use this information to find opportunities for new capability development to exploit or mitigate vulnerabilities.

Knowledge & Skills • Knowledge of capabilities and applications of network equipment (e.g., hubs, routers, switches, and other hardware) • Knowledge of penetration testing principles, tools, and techniques • Knowledge of technology integration process • Ability to read, interpret, write, modify, and execute simple scripts • Knowledge of network security architecture concepts, including topology, protocols, components, and principles • Skill in conducting vulnerability scans and recognizing vulnerabilities • Skill in applying and incorporating information technologies into proposed solution • Skill in writing code in a modern programming language that is compatible with legacy code

12 / INSA Cyber Jobs for America


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

• Information Systems

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 13


Systems Requirements Planning Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs. Those working in systems requirement planning translate customer needs into a technical solution. They consult with customers to determine the security requirements of IT projects and what they will be used for; they then recommend a system to meet these needs. In doing so, the planner must develop a cost estimate and a feasibility study for developing and integrating a new system within the customer’s budget. After recommending a solution, they must often coordinate with systems architects and developers to oversee the development of the technical solution to ensure that customer requirements will be met and to manage any problems encountered. After a solution is completed, they may make recommendations regarding the solution’s configuration and future management.

Knowledge & Skills • Knowledge of capabilities and requirements analysis • Knowledge of system software and system design • Knowledge of computer networking fundamentals, protocols, directory services, and design processes • Knowledge of cryptology and encryption algorithms • Knowledge of information assurance (IA) principles used to manage risks • Knowledge of information assurance (IA) principles and organizational requirements relevant to confidentiality, integrity, availability, authentication, and nonrepudiation

• Knowledge of fault tolerance and the Security Assessment and Authorization (SA&A) process • Knowledge of information security systems engineering principles • Knowledge of information technology (IT) architectural concepts and frameworks, parallel and distributed computing concepts • Knowledge of network access, identity, and access management • Knowledge of process and systems engineering • Knowledge of risk management process, policies, requirements, and procedures

• Knowledge of security management • Knowledge of critical information technology (IT) procurement requirements and skill in evaluating trustworthiness of supplier and/or product • Knowledge of applicable laws, U.S. statutes, presidential directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed • Skill in applying system analysis, testing, and evaluation methods • Skill in the use of design modeling


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Cyber Security

• Computer Science

• Law

• Computer Engineering

• Public Policy/Administration

• Information Technology

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 15


Test & Evaluation Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for costeffective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating information technology (IT). These practitioners design tests and evaluations to determine whether program specifications and requirements are meeting expectations. When designing tests they must determine the scope, sample size, and methodology of the test to ensure they are getting a realistic measurement of system effectiveness without hindering normal system operations. They must run a variety of tests to measure differing aspects of the network and IT infrastructure. These tests include: developmental testing on systems being currently developed, conformance testing to assess whether a system complies with its own specifications and standards, interoperability testing for systems exchanging information with other systems outside the organization, operational testing to evaluate systems in the operational environment, and validation testing to ensure that requirements meet proposed specifications. Through these tests and others, they attempt to ensure that all programs and systems meet the standards for each specification when considering performance, interoperability, cost-efficiency, and security. The results of all testing are then evaluated to determine the level of compliance and how to best increase performance.

Knowledge & Skills • Knowledge of computer networking fundamentals, protocols, and directory services • Knowledge of organization’s information security architecture system • Knowledge of the Security Assessment and Authorization (SA&A) process. • Knowledge of information assurance (IA) principles and organizational requirements • Knowledge of interpreted and compiled computer languages

• Knowledge of network security concepts • Knowledge of Personally Identifiable Information (PII) and Payment Card Industry (PCI) data security standards • Knowledge of information technology (IT) supply chain security/risk management policies, requirements, and procedures • Skill in conducting test events including test rigor for a given system, operations-based scenarios, systems integration, and writing and evaluation test plans


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 17


Systems Development Works on the development phases of the systems development lifecycle. Systems developers take an organization’s system requirements, create a design of the system, and then convert the design into a complete information system. They assess the uses that will be required by the organization and the threats faced to design a system. They design, build, and test product prototypes using working or theoretical models to ensure that the system will meet requirements and to minimize issues during the development phase. During the development phase, they develop system components, databases, test files, and disaster recovery procedures. Systems developers implement security designs for new systems and incorporate information assurance solutions into the system. System developers also provide guidelines and input for the implementation of developed systems to customers to ensure proper integration and interoperability with the existing architecture and systems.

Knowledge & Skills • Knowledge of network access, identity, and access management • Knowledge of policy-based and risk adaptive access controls • Knowledge of computer and encryption algorithms • Knowledge of math including logarithms, trigonometry, linear algebra, calculus, and statistics • Knowledge of database systems • Knowledge of information assurance (IA) principles and organizational requirements • Knowledge of information technology (IT) principles and methods

18 / INSA Cyber Jobs for America

• Knowledge of network security architecture and concepts • Knowledge of local area network (LAN) and wide area network (WAN) principles and concepts • Knowledge of network design process including security objectives, operational objectives, and tradeoffs • Knowledge of system testing and evaluation methods • Knowledge of parallel and distributed computing concepts, process engineering concepts, software development models, and software engineering

• Knowledge of system design tools, methods and techniques, including automated systems analysis and design tools • Knowledge of interpreted and compiled computer languages • Skill in determining protection needs of information systems and networks • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems • Skill in designing security controls based on information assurance (IA) principles and tenets


SECURELY PROVISION Specialty areas responsible for conceptualizing, designing, and building secure information technology [IT] systems, i.e. responsible for some aspect of systems development

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 19


20 / INSA Cyber Jobs for America


Operate & Maintain Data Administration ////////////////////////////////22 Knowledge Management //////////////////////////// 24 Customer Service & Technical Support ////////////////// 26 Network Services ///////////////////////////////// 28 System Administration ////////////////////////////// 30 System Security Analysis //////////////////////////// 32

INSA Cyber Jobs for America / 21


Data Administration Develops and administers databases and/or data management systems that allow for the storage, query, and utilization of data. A career in data administration is centered on the need to manage an organization’s data systems and data architecture. Data administrators must determine their organization’s current and future data requirements concerning storage, access, and usage. They may be asked to provide recommendations on database technologies and solutions that best meet an organization’s data requirements. They must also have knowledge of query languages and data mining to ensure that data is not only searchable, but also usable according to the organization’s needs. Data administrators install and manage database systems including data mining, message delivery, and database management software. Data administrators are responsible for data backup and recovery in order to insuring data integrity. Data administration also may involve developing access controls to classifications of data to ensure that the user has authorization to access data.

Knowledge & Skills • Knowledge of data administration and data standardization policies and standards • Knowledge of data mining and warehousing principles • Knowledge of data backup, types of backup, and recovery concepts and tools • Knowledge of database management systems, query languages, table relationships, and views • Knowledge of query languages • Skill in developing data dictionaries and repositories • Skill in conducting queries and developing algorithms to analyze data structures • Skill in designing and maintaining databases

22 / INSA Cyber Jobs for America


OPERATE & MAINTAIN Specialty areas responsible for providing support, administration, and maintenance necessary to ensure effective and efficient information technology [IT] system performance and security

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 23


Knowledge Management Knowledge management is the process by which an organization manages its intellectual capital, which involves codifying information that the organization learns through employee, partner, or customer knowledge and lessons learned through their own past experience. Those working in knowledge management create and manage the processes by which an organization identifies, documents, and accesses this information. They develop procedures to collect this information from employees and other sources. They also develop or acquire a means to index, catalogue, and sort this information so that it can later easily accessed by users. This often includes testing and monitoring these knowledge management systems to ensure the proper collection and delivery of intellectual capital. They must also promote these systems within their organization by spreading employee awareness and developing the organization’s processes for knowledge sharing.

Knowledge & Skills • Ability to match the appropriate knowledge repository technology for a given application or environment • Knowledge of computer network defense and vulnerability assessment tools • Knowledge of methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures • Knowledge of the capabilities and functionality associated with various technologies for organizing and managing information • Knowledge of the principle methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence • Knowledge of Personally Identifiable Information (PII) and Payment Card Industry (PCI) data security standards • Skill in using knowledge management technologies

24 / INSA Cyber Jobs for America


OPERATE & MAINTAIN Specialty areas responsible for providing support, administration, and maintenance necessary to ensure effective and efficient information technology [IT] system performance and security

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Computer Science

• Cyber Security

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 25


Customer Service & Technical Support Addresses problems and installs and configures software and security measures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support). Someone working in technical support has a good knowledge of the software and hardware that system users interact with. They routinely interact with customers or other employees to diagnose technical problems being encountered and to troubleshoot that problem. Technical support installs and configures the hardware, software, and other secondary technical equipment for system users within an organization. They do this with the end-user requirements in mind while attempting to minimize any potential problems the end-user may face. They often manage user accounts, network rights, and access to systems and equipment. Due to their familiarity with the system and the issues routinely faced, they may be asked to make recommendations for possible improvements or upgrades.

Knowledge & Skills • Knowledge of “knowledge base” capabilities for identifying the solutions to complex system problems • Knowledge of disaster recovery and continuity of operations plans • Knowledge of the operations and processes for diagnosing common system problems • Knowledge of the type and frequency of maintenance needed to keep equipment functioning • Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals

26 / INSA Cyber Jobs for America


OPERATE & MAINTAIN Specialty areas responsible for providing support, administration, and maintenance necessary to ensure effective and efficient information technology [IT] system performance and security

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Computer Engineering

• Computer Science

• Information Technology

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 27


Network Services Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems. Network services oversees and maintains all elements of a network. This includes installing and maintaining network infrastructure device operating system software. These individuals install, configure and optimize network hubs, routers, and switches. They implement new system design procedures, test procedures, and quality standards, along with developing network backup and recovery procedures. They can expand or modify network infrastructure to improve work flow or to serve new purposes. Network services tests and maintains network infrastructure (including software and hardware devices) and provides feedback on the network architecture and infrastructure requirements. They monitor network capacity, activity, and performance to ensure efficient operation. They patch network vulnerabilities discovered by this monitoring to ensure information is safeguarded against outside parties. They also diagnose and repair network connectivity problems.

Knowledge & Skills • Knowledge of communication methods, principles and concepts, that support network infrastructure • Knowledge of capabilities and applications of network equipment • Knowledge of information assurance (IA) principles used to manage risk and information technology (IT) security principles and methods

• Knowledge of network security architecture concepts • Skill in developing, testing, implementing network infrastructure contingency and recovery plans • Skill in establishing routing schema • Skill in implementing, maintaining, and improving established network security practices

• Knowledge of network protocols and domain services

• Skill in configuring and utilizing hardware-based computer protection components

• Knowledge of server administration and systems engineering theories, concepts, and methods

• Skill in securing network communications and protecting against malware

• Knowledge of the capabilities of different electronic communication systems

• Skill in utilizing network protection components

28 / INSA Cyber Jobs for America


OPERATE & MAINTAIN Specialty areas responsible for providing support, administration, and maintenance necessary to ensure effective and efficient information technology [IT] system performance and security

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Computer Engineering

• Computer Science

• Information Technology

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 29


System Administration Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Also manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration. System administrators manage the access to and operation of a network or server. They install and configure server fixes, updates, and enhancements. They also plan and coordinate the installation of hardware, operating systems, software, and other network components. They monitor server availability, functionality, integrity, and efficiency. They manage user accounts, network rights, and access to systems and equipment. System administrators conduct periodic server maintenance, testing, and repairs to ensure continuing operability. They also provide ongoing optimization and problem-solving support.

Knowledge & Skills • Knowledge of IT security principles and methods • Knowledge of local area network (LAN) and wide area network (WAN) principles and concepts • Knowledge of network protocols and directory services • Knowledge of integrating server components • Knowledge of virtual private network security • Knowledge of virtualization technologies and virtual machine development and maintenance • Knowledge of network security architecture concepts • Knowledge of transmission methods and jamming techniques that enable transmissions of undesirable information, or prevent installed systems from operating correctly • Skill in correcting physical and technical problems, which impact server performance

30 / INSA Cyber Jobs for America


OPERATE & MAINTAIN Specialty areas responsible for providing support, administration, and maintenance necessary to ensure effective and efficient information technology [IT] system performance and security

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Computer Engineering

• Computer Science

• Information Technology

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 31


System Security Analysis Conducts the integration/testing, operations, and maintenance of systems security. A systems security analyst manages the elements of an organizations system security and applies the organization’s security policies to meet the security objectives of the system. They implement system security measures and information assurance countermeasures to resolve vulnerabilities and mitigate risks. They perform security reviews and information assurance testing to identify vulnerabilities. They then plan and recommend modifications or adjustments to correct any security deficiencies discovered during testing. Systems security analysts discover security trends within the organization and provide information assurance and security systems guidance to leadership.

Knowledge & Skills • Knowledge of cryptology and encryption algorithms • Knowledge of electrical engineering as applied to computer architecture • Knowledge of information assurance principles and organizational requirements • Knowledge of IT security principles and methods • Knowledge of mathematics including logarithms, trigonometry, linear algebra, calculus, and statistics • Knowledge of network design process, to include understanding of security objectives, operational objectives, and tradeoffs • Knowledge of security management

32 / INSA Cyber Jobs for America

• Knowledge of interpreted and compiled computer languages • Knowledge of relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure • Knowledge of network security architecture concepts • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems • Skill in designing countermeasures to identified security risks • Skill in developing and applying security system access controls


OPERATE & MAINTAIN Specialty areas responsible for providing support, administration, and maintenance necessary to ensure effective and efficient information technology [IT] system performance and security

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Computer Engineering

• Electrical Engineering

• Information Technology

• Mathematics

• Cyber Security

• Computer Science

• Law

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 33


34 / INSA Cyber Jobs for America


Protect & Defend Computer Network Defense (CND) Analysis ///////////// 36 Incident Response ///////////////////////////////// 38 Computer Network Defense (CND) Infrastructure Support /// 40 Vulnerability Assessment & Management //////////////// 42

INSA Cyber Jobs for America / 35


Computer Network Defense (CND) Analysis Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. Computer network defense analysts monitor and characterize network traffic to identify irregular activity and potential threats to the network. They document any incidents that may cause an impact on the network and provide daily summary reports. CND analysts use the information gathered to perform trend analysis and reporting in an attempt to distinguish threats from regular activity. They then analyze the identified malicious activity to determine the weakness exploited, the methods used, and the effect on the system. CND analysts also recommend a course of action based on their analysis. They may also reconstruct malicious activities and conduct tests of information assurance safeguards in place.

Knowledge & Skills • Knowledge of computer network defense and vulnerability assessment tools

• Knowledge of defense in depth principles and network security architecture

• Knowledge of cryptology and encryption methodologies

• Knowledge of Unix and Windows command line

• Knowledge of intrusion detections system (IDS) tools and applications • Knowledge of penetration testing principles, tools, and techniques • Knowledge of programming language structures and logic • Knowledge of information assurance (IA) principles and organization requirements • Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities • Knowledge of common adversary tactics, techniques, and procedures (TTPs)

36 / INSA Cyber Jobs for America

• Knowledge of different operational threat environments • Knowledge of basic system administration, network, and operating system hardening techniques • Knowledge of applicable laws, U.S. statutes, Presidential directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed • Knowledge of general attack stages • Skill in identifying common encoding techniques


PROTECT & DEFEND Specialty areas responsible for identification, analysis, and mitigation of threats to internal information technology [IT] systems or networks

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Engineering

• Information Technology

• Mathematics

• Cyber Security

• Computer Science

• Law

• Computer Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 37


Incident Response Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities. Incident responders act quickly to determine the scope, the level of urgency, and the potential impact of malicious activity. They perform the initial incident handling tasks to support Incident Response Teams. These tasks include initial forensic collections, activity tracking, and threat analysis. They use the information gathered to identify the vulnerability and make recommendations of possible mitigation or remediation. Incident responders track and document these incidents from the initial detection through the final resolution and generate a final incident report. They may also be required to serve as a technical expert and liaison to law enforcement personnel when involved.

Knowledge & Skills • Knowledge of data backup, types of backups, and recovery concepts and tools • Knowledge of incident categories, incident responses, and timeliness for responses • Knowledge of intrusion detection methodologies and techniques for detecting host and network based intrusions • Knowledge of network traffic analysis methods • Knowledge of system security threats and vulnerabilities • Knowledge of computer network defense (CND) policies, procedures, and regulations • Knowledge of different operational threat environments • Knowledge of network security architecture concepts • Skill in handling malware • Skill in preserving evidence integrity according to standard operating procedures or national standards • Skill in securing network communications

38 / INSA Cyber Jobs for America


PROTECT & DEFEND Specialty areas responsible for the identification, analysis, and mitigation of threats internal to IT systems or networks

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Mathematics

• Information Technology

• Cyber Security

• Management Information Systems

• Engineering

• Computer Science

• Statistics

• Information Security

• Technology Management

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 39


Computer Network Defens (CND) Infrastructure Supp Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense (CND) service provider network and resources. Monitors networks to actively remediate unauthorized activities. Infrastructure support for CND manages the hardware and software for the network. They test all new software, hardware, applications, and access controls to ensure functionality, interoperability, and security. After successful testing, it is implemented and deployed across the network to appropriate users by infrastructure support, who identifies any potential issues that may arise during implementation that would create vulnerabilities or access control issues. They perform system administration on CND applications and systems including installation, configuration, maintenance, and backup. Infrastructure support edits and manages changes to network access control lists on specialized CND systems and coordinates with CND analysts to manage or update rules and signatures for CND applications. They also assist in identifying, prioritizing, and coordinating the protection of CND infrastructure and other key resources in the event of a system restoration or attack.

Knowledge & Skills • Knowledge of data backup, types of backups, and recovery concepts and tools • Knowledge of host/network access controls • Knowledge of information assurance (IA) principles and organizational requirements • Knowledge of network traffic analysis methods • Knowledge of system and application security threats and vulnerabilities • Knowledge of types of Intrusion Detection System (IDS) hardware and software • Knowledge of Virtual Private Network (VPN) security • Knowledge of computer network defense (CND) policies, procedures, and regulations • Knowledge of Capabilities and Maturity Model Integration (CMMI) at all five levels • Skill in tuning sensors • Skill in protecting a network against malware 40 / INSA Cyber Jobs for America


PROTECT & DEFEND

se port

Specialty areas responsible for identification, analysis, and mitigation of threats to internal information technology [IT] systems or networks

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Information Security

• Information Technology

• Mathematics

• Management Information Systems

• Cyber Security

• Computer Science

• Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 41


Vulnerability Assessme & Management Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. Those working in vulnerability and management find vulnerabilities within a network and determine how to minimize them. They analyze their organization’s computer network defense policies and configurations to ensure compliance with applicable regulations and their organization’s goals and policies. They organize and conduct authorized penetration testing on the network and its assets to discover vulnerabilities and potential effects of security breaches. They prepare audit reports that identify their findings of technical and procedural vulnerabilities in the network and recommend solutions. Vulnerability assessors/ managers must be able to prioritize vulnerabilities based on the likelihood of exploitation, the potential damage caused, and the cost or effectiveness of various potential solutions.

Knowledge & Skills • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems • Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. • Knowledge of data backup, types of backups, and recovery concepts and tools • Knowledge of information assurance (IA) principles and organizational requirements • Knowledge of directory protocols and directory services • Knowledge of how traffic flows across the network • Knowledge of programming language and structure logic • Knowledge of system and application security threats and vulnerabilities

42 / INSA Cyber Jobs for America


PROTECT & DEFEND

ent

Specialty areas responsible for identification, analysis, and mitigation of threats to internal information technology [IT] systems or networks

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Information Security

• Information Technology

• Mathematics

• Management Information Systems

• Cyber Security

• Computer Science

• Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 43


44 / INSA Cyber Jobs for America


Investigate Digital Forensics ///////////////////////////////////46 Investigation ///////////////////////////////////// 48

INSA Cyber Jobs for America / 45


Digital Forensics Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations. Those working in digital forensics collect and analyze evidence of malicious activity or intrusion, including source code, malware, Trojans, and access logs. They conduct an analysis of this evidence in an attempt to identify the perpetrator of the network intrusion and the vulnerability exploited. They must follow similar processes of forensics personnel that deal with physical evidence, including documentation of the original condition of evidence and ensuring a chain of custody. If working with law enforcement, they provide consultation to investigators and prosecutors and may be required to provide testimony concerning their gathering of evidence and their analysis.

Knowledge & Skills • Knowledge of basic concepts and practices of processing digital forensic data • Knowledge of encryption algorithms • Knowledge of data backup, types of backups, and recovery concepts and tools • Knowledge of incident response and handling methodologies • Knowledge of operating systems • Knowledge of system and application security threats and vulnerabilities • Knowledge of server and client operating systems • Knowledge of server diagnostic tools and fault identification techniques • Knowledge of the common networking protocols

46 / INSA Cyber Jobs for America


INVESTIGATE Specialty areas responsible for investigation of cyber events and/or crimes of information technology systems, networks, and digital evidence

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Information Security

• Information Technology

• Mathematics

• Management Information Systems

• Cyber Security

• Computer Science

• Engineering

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 47


Investigation Applies tactics, techniques and procedures for a full range of investigative tools and processes including, but not limited to, interview and interrogation techniques, surveillance, counter surveillance, and surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering. Investigators assist in the gathering of evidence and its analysis in the prosecution of computer crimes. They investigate computer security incidents to identify whether these incidents are a violation of law. They must be able to identify what digital evidence is of relevance to proving the crime and identifying the perpetrator. They must fuse the evidence and its analysis with the investigation to develop potential leads. Investigators are often required to monitor potential suspects’ activities, both physical and digital, to build a case against the suspect. They often conduct interviews with witnesses and victims of the incident along with interrogations of suspects.

Knowledge & Skills • Knowledge of system and application security threats and vulnerabilities • Knowledge of electronic devices • Knowledge of processes for seizing and preserving digital evidence • Knowledge of legal governance related to admissibility • Knowledge of types and collection of persistent data • Knowledge of social dynamics of computer attackers in a global context • Skill in preserving evidence integrity according to standard operating procedures or national standards • Skill in using scientific rules and methods to solve problems

48 / INSA Cyber Jobs for America


INVESTIGATE Specialty areas responsible for investigation of cyber events and/or crimes of information technology systems, networks, and digital evidence

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Mathematics

• Information Technology

• Cyber Security

• Management Information Systems

• Engineering

• Computer Science

• Electrical Engineering

• Information Security

• Law

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 49


50 / INSA Cyber Jobs for America


Oversight & Development Legal Advice & Advocacy ////////////////////////////52 Strategic Planning & Policy Development //////////////// 54 Education & Training /////////////////////////////// 56 Information Systems Security Operations //////////////// 58 Security Program Management /////////////////////// 60

INSA Cyber Jobs for America / 51


Legal Advice & Advocacy Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates legal and policy changes and makes a case on behalf of client via a wide range of written and oral work products, including legal briefs and proceedings. Those who provide legal advice or advocacy must maintain a working knowledge of relevant laws, regulations, policies, standards, and procedures to best serve their client or organization. They are often asked to interpret applicable laws and regulations and explain or provide guidance on these laws/regulations to their clients. They often ensure their client’s compliance with applicable laws and regulations. Some legal advisors may be asked to develop new policies, programs, or guidelines for implementation. They may also be asked to implement or apply new or revised laws, policies, or regulations. Legal advocates represent their organization or clients in legal or legislative proceedings. This includes advocating their client’s position through the preparation and filing of legal documents including briefs, pleadings, and comments on rule making.

Knowledge & Skills • Knowledge of cryptology • Knowledge of new and emerging information technology (IT) and information security technologies • Knowledge of system and application security threats and vulnerabilities • Knowledge of emerging computer-based technology that has potential for exploitation by adversaries • Knowledge of industry indicators useful for identifying technology trends • Knowledge of intelligence reporting principles, policies, procedures, and vehicles, including report formats, reportability criteria, dissemination practices, and legal authorities and restrictions • Knowledge of the structure and intent of military operation plans, concept operation plans, orders, and standing rules of engagement • Skill in tracking and analyzing technical and legal trends that will impact cyber activities

52 / INSA Cyber Jobs for America


OVERSIGHT & DEVELOPMENT Specialty areas providing leadership, management, direction, and/or development and advocacy so that individuals and organizations may effectively conduct cyber security work

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Cyber Security

• Information Technology

• Engineering

• Management Information Systems

• Statistics

• Computer Science

• Law

• Information Security

• Economics

• Mathematics

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 53


Strategic Planning & Policy Development Applies knowledge of priorities to define an entity’s direction, determines how to allocate resources, and identifies programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements. A strategic planner develops an IT and information assurance strategy for an organization and then carries out policies in support of that strategy. They attempt to support the organization’s current and future strategy and the needs that strategy creates by balancing IT resources and issues to best meet those requirements with their own IT strategy. To develop a strategy they identify current and future business environments, available budget, IT and information assurance needs, and IT workforce management issues. After identifying a strategy, they assist in developing supporting policies, including an IT user policy, IT workforce recruitment and training policies, access control policies, and information assurance policy . They must ensure that these policies are dispersed within the organization by promoting awareness of the policies and strategy. They must monitor the application of these policies and provide guidance to IT management, staff, and users. They must then be able to revise either the strategy or its supporting policies based on the business or threat environment or the effectiveness of policies.

Knowledge & Skills • Knowledge of computer networks and defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities • Knowledge of information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation • Knowledge of new and emerging IT and information security technologies • Ability to determine the validity of technology trend data • Knowledge of emerging computer-based technology that has potential for exploitation by adversaries • Knowledge of industry indicators useful for identifying technology trends • Skill in tracking and analyzing technical and legal trends that will impact cyber activities

54 / INSA Cyber Jobs for America


OVERSIGHT & DEVELOPMENT Specialty areas providing leadership, management, direction, and/or development and advocacy so that individuals and organizations may effectively conduct cyber security work

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Cyber Security

• Information Technology

• Engineering

• Management Information Systems

• Statistics

• Computer Science

• Law

• Information Security

• Public Policy

• Mathematics

• Economics

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 55


Education & Training Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers, and/or evaluates training courses, methods, and techniques as appropriate. Educators must use their subject matter knowledge to develop and conduct interactive training exercises to create an effective learning environment. They must determine the training requirements for an applicable subject and be able to design a curriculum, course content, and materials to meet those requirements. These courses should educate customers in the applicable concepts, procedures, software, equipment, and applications. The preparation and presentation of the course should be tailored specifically to the audience and the physical environment. Educators/trainers should also be able to evaluate the effectiveness of current training programs and revise the curriculum or course content based on this evaluation and feedback received from previous training sessions.

Knowledge & Skills • Knowledge of computer networks and defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities • Knowledge of new and emerging IT and information security technologies • Knowledge of operating systems • Knowledge and experience in the Instructional System Design (ISD) methodology • Knowledge of and experience in Insider Threat investigations, reporting, investigative tools, and laws/regulations • Knowledge of basic physical computer components and architectures, including the functions and various components and peripherals • Knowledge of multiple cognitive domains and appropriate tools and methods for learning each domain • Ability to develop curriculum that speaks to the topic at the appropriate level for the target audience

56 / INSA Cyber Jobs for America


OVERSIGHT & DEVELOPMENT Specialty areas providing leadership, management, direction, and/or development and advocacy so that individuals and organizations may effectively conduct cyber security work

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Cyber Security

• Information Technology

• Engineering

• Management Information Systems

• Statistics

• Computer Science

• Law

• Information Security

• Education

• Mathematics

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 57


Information Systems Security Operations Oversees the Information Assurance (IA) program of an information system in or outside the network environment; may include procurement duties. Those working in Information Systems Security Management take part in overseeing the information assurance (IA) program within an organization. They analyze, develop, and issue IA policies and make certain that network users are aware of these policies and follow them. Information Systems Security Operators ensure that IA inspections, tests, and reviews are coordinated and carried out. They are often also tasked with the generation of plans and procedures for network security operations for their organization. They often collect data for information assurance reporting and ensure that compliance monitoring occurs within the organization. They are responsible for ensuring that information assurance requirements are identified in the organization’s computer operation procedures and integrated into their Continuity of Operations Plan. They also often supervise or manage protective and corrective measures in the event of an information assurance incident or vulnerability is discovered. Depending on the level of the Information Systems Manager, they may be responsible for developing security standards for hardware, software, and services acquisition and ensuring that the acquired technology complies with security policies and procedures.

Knowledge & Skills • Knowledge of disaster recovery and continuity of operations plans • Knowledge of information assurance (IA) principles used to manage risks related to the use, processing, storage, and transmission of information or data • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins • Knowledge of Risk Management Framework (RMF) requirements • Knowledge of measures or indicators of system performance and availability

58 / INSA Cyber Jobs for America

• Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures using standardsbased concepts and capabilities • Knowledge of risk management processes, including steps and methods for assessing risk • Knowledge of server administration and systems engineering theories, concepts, and methods • Knowledge of server and client operating systems


OVERSIGHT & DEVELOPMENT Specialty areas providing leadership, management, direction, and/or development and advocacy so that individuals and organizations may effectively conduct cyber security work

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Mathematics

• Information Technology

• Cyber Security

• Management Information Systems

• Engineering

• Computer Science

• Statistics

• Information Security

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst

INSA Cyber Jobs for America / 59


Security Program Management Manages relevant security (e.g., information security) implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and other resources (e.g., CISO). Someone with a career in security program management manages all aspects of information security for an organization, according to their security strategy and organization requirements. This includes managing security personnel and information security resources of the organization by acquiring the necessary resources and making sure all systems are continuously updated. Security program managers plan for potential emergencies and attacks and both lower the risk of these events and mitigate any potential damage caused by them. They are also responsible for ensuring that all members of the organization are aware of information security policies and that these policies are enforced.

Knowledge & Skills • Knowledge of the applicable laws, U.S. statutes, legal policies, procedures, or governance relevant to the work and infrastructure. • Knowledge of basic system administration, network, operating system hardening and network security architecture concepts • Knowledge of network access controls, protocols, traffic flows, and specialized system requirements • Knowledge of information assurance (IA) principles used to manage risks and security management • Knowledge of data backups, recovery concepts, tools, and handling methodologies of incident response • Knowledge of business process and operations of customer organizations • Knowledge of intrusion detection methodologies and techniques, vulnerability tests and security tools • Knowledge of system engineering theories, concepts, procedures, and encryption algorithms • Knowledge of new and emerging IT and information security technologies

60 / INSA Cyber Jobs for America


OVERSIGHT & DEVELOPMENT Specialty areas providing leadership, management, direction, and/or development and advocacy so that individuals and organizations may effectively conduct cyber security work

Educational Resources • NSA Centers of Academic Excellence – NSA and DHS jointly designate schools whose programs excel in the development of professionals who meet the needs of protecting information systems for the US Government, Industry, and Academia. This designation allows students at these universities to apply for special grants and scholarships only available to Centers of Academic Excellence.

Academic Programs • Information Systems

• Engineering

• Information Technology

• Statistics

• Management Information Systems

• Law

• Computer Science

• Public Policy

• Information Security

• Public Administration

• Mathematics

• Business Administration

• Cyber Security

• Business

JOb opportunities • USA Jobs • Cyber Jobs for America

Example Job Titles • Computer Crime Investigator • Incident Handler • Incident Responder • Intrusion Analyst INSA Cyber Jobs for America / 61


62 / INSA Cyber Jobs for America


Analyze Threat Analysis ////////////////////////////////////64 Exploitation Analysis /////////////////////////////// 65 All Source Intelligence ////////////////////////////// 66 Targets ///////////////////////////////////////// 67

INSA Cyber Jobs for America / 63


Threat Analysis Identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.

64 / INSA Cyber Jobs for America


ANALYZE Specialty areas responsible for highly specialized review and evaluation of incoming cyber security information to determine its usefulness for intelligence

Exploitation Analysis Analyzes collected information to identify vulnerabilities and potential for exploitation.

Due to the unique and highly specialized nature of this work, this document does not provide content on Knowledge & Skills, Educational Resources, Academic Programs and Job Opportunities.

INSA Cyber Jobs for America / 65


All Source Intelligence Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.

66 / INSA Cyber Jobs for America


ANALYZE Specialty areas responsible for highly specialized review and evaluation of incoming cyber security information to determine its usefulness for intelligence

Targets Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.

Due to the unique and highly specialized nature of this work, this document does not provide content on Knowledge & Skills, Educational Resources, Academic Programs and Job Opportunities.

INSA Cyber Jobs for America / 67


68 / INSA Cyber Jobs for America


Collect & Operate Collection Operations ///////////////////////////////70 Cyber Operations Planning ////////////////////////// 71 Cyber Operations ///////////////////////////////// 72

INSA Cyber Jobs for America / 69


Collection Operations Executes collection using appropriate strategies and within the priorities established through the collection management process.

70 / INSA Cyber Jobs for America


COLLECT AND OPERATE Specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence

Cyber Operations Planning Performs in-depth joint targeting and cyber planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operationallevel planning across the full range of operations for integrated information and cyberspace operations.

Due to the unique and highly specialized nature of this work, this document does not provide content on Knowledge & Skills, Educational Resources, Academic Programs and Job Opportunities.

INSA Cyber Jobs for America / 71


Cyber Operations Performs activities to gather evidence on criminal or foreign intelligence entities in order to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support other intelligence activities.

Due to the unique and highly specialized nature of this work, this document does not provide content on Knowledge & Skills, Educational Resources, Academic Programs and Job Opportunities.

72 / INSA Cyber Jobs for America


COLLECT AND OPERATE Specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence

INSA Cyber Jobs for America / 73



INSA Cyber Jobs for America