CISA Network Operations Specialist

This role plans, implements, and operates network services/systems, to include hardware and virtual environments.

Personnel performing this work role may unofficially or alternatively be called:

  • Network Administrator
  • Network Analyst
  • Network Designer
  • Network Engineer
  • Network Systems and Data Communications Analyst
  • Network Systems Engineer
  • Telecommunications Engineer/ Personnel/ Specialist

Category: Operate and Maintain
Specialty Area: Network Services

Core Tasks

  • Configure and optimize network hubs, routers, and switches (e.g., higher-level protocols, tunneling). (T0035)
  • Develop and implement network backup and recovery procedures. (T0065)
  • Diagnose network connectivity problems. (T0081)
  • Install and maintain network infrastructure device operating system software (e.g., IOS, firmware). (T0125)
  • Install or replace network hubs, routers, and switches. (T0126)
  • Monitor network capacity and performance. (T0153)
  • Patch network vulnerabilities to ensure information is safeguarded against outside parties. (T0160)
  • Test and maintain network infrastructure including software and hardware devices. (T0232)

Core Competencies

  • Business Continuity
  • Computer Network Defense
  • Encryption
  • Information Assurance
  • Infrastructure Design
  • Information Systems/Network Security
  • Information Technology Assessment
  • Network Management
  • Operating Systems
  • System Administration
  • Systems Integration
  • Technology Awareness
  • Telecommunications
  • Web Technology

Core Knowledge, Skills, Abilities (KSAs)

  • Knowledge of computer networking concepts and protocols, and network security methodologies. (K0001)
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). (K0002)
  • Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. (K0003)
  • Knowledge of cybersecurity principles. (K0004)
  • Knowledge of cyber threats and vulnerabilities. (K0005)
  • Knowledge of specific operational impacts of cybersecurity lapses. (K0006)
  • Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat). (A0058)
  • Ability to operate common network tools (e.g., ping, traceroute, nslookup). (A0055)
  • Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts). (A0063)
  • Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware. (A0052)
  • Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless). (K0108)
  • Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware. (K0011)
  • Knowledge of communication methods, principles, and concepts (e.g., crypto, dual hubs, time multiplexers) that support the network infrastructure. (K0010)
  • Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data. (K0038)
  • Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN). (K0113)
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). (K0061)
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). (K0049)
  • Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing). (K0093)
  • Knowledge of local area and wide area networking principles and concepts including bandwidth management. (K0050)
  • Knowledge of measures or indicators of system performance and availability. (K0053)
  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. (K0332)
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). (K0179)
  • Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. (K0180)
  • Knowledge of the organization's Local and Wide Area Network connections. (K0029)
  • Knowledge of remote access technology concepts. (K0071)
  • Knowledge of server administration and systems engineering theories, concepts, and methods. (K0076)
  • Knowledge of the capabilities of different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts). (K0136)
  • Knowledge of the range of existing networks (e.g., PBX, LANs, WANs, WIFI, SCADA). (K0137)
  • Knowledge of Virtual Private Network (VPN) security. (K0104)
  • Knowledge of web filtering technologies. (K0135)
  • Skill in analyzing network traffic capacity and performance characteristics. (S0004)
  • Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate). (S0170)
  • Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems). (S0084)
  • Skill in establishing a routing schema. (S0035)
  • Skill in implementing and testing network infrastructure contingency and recovery plans. (S0150)
  • Skill in implementing, maintaining, and improving established network security practices. (S0040)
  • Skill in installing, configuring, and troubleshooting LAN and WAN components such as routers, hubs, and switches. (S0041)
  • Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). (S0079)
  • Skill in securing network communications. (S0077)
  • Skill in applying various subnet techniques (e.g., CIDR). (S0162)
  • Skill in using network management tools to analyze network traffic patterns (e.g., simple network management protocol). (S0056)
  • Knowledge of network tools (e.g., ping, traceroute, nslookup). (K0111)

How to Apply

To apply for this work role, submit an application to one or more of CISA's vacancy announcements. Please ensure your resume has been updated to reflect your demonstrated experience performing the above tasks and describe your exposure to the listed competencies.

  1. Assign the appropriate Task ID and/or Core KSA ID to each experience statement in your resume. Task and KSA IDs are listed in parenthesis at the end of each bullet above.
     
  2. You must also include demonstrated experience on the four required competencies:
  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

Was this document helpful?  Yes  |  Somewhat  |  No