CISA System Testing and Evaluation Specialist

This role plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.

Personnel performing this role may unofficially or alternatively be called: 

  • Application Security Tester
  • System Evaluator
  • Security Test Engineer
  • Release Engineer
  • Acceptance Tester
  • Quality Assurance (QA) Tester
  • Software Quality Assurance (QA) Engineer
  • Software Quality Engineer
  • Testing and Evaluation Specialist

Category: Securely Provision
Specialty Area: Test and Evaluation


Core Tasks

  • Analyze the results of software, hardware, or interoperability testing. (T0426)
  • Create auditable evidence of security measures. (T0274)
  • Determine level of assurance of developed capabilities based on test results. (T0058)
  • Determine scope, infrastructure, resources, and data sample size to ensure system requirements are adequately demonstrated. (T0257)
  • Develop test plans to address specifications and requirements. (T0080)
  • Make recommendations based on test results. (T0143)
  • Perform developmental testing on systems under development. (T0511)
  • Perform interoperability testing on systems exchanging electronic information with other systems. (T0512)
  • Perform operational testing. (T0513)
  • Record and manage test data. (T0540)
  • Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements. (T0539)
  • Validate specifications and requirements for testability. (T0393)

Core Competencies

  • Information Assurance
  • Problem Solving
  • Systems Testing and Evaluation
  • Teaching Others

Core Knowledge, Skills and Abilities (KSAs)

  • Knowledge of Security Assessment and Authorization process. (K0037)
  • Ability to translate data and test results into evaluative conclusions. (A0040)
  • Knowledge of organization's evaluation and validation requirements. (K0028)
  • Skill in conducting test events. (S0015)
  • Skill in designing a data analysis structure (i.e., the types of data a test must generate and how to analyze that data). (S0021)
  • Skill in determining an appropriate level of test rigor for a given system. (S0026)
  • Skill in developing operations-based testing scenarios. (S0030)
  • Skill in systems integration testing. (S0048)
  • Skill in writing test plans. (S0061)
  • Skill in evaluating test plans for applicability and completeness. (S0082)
  • Skill in conducting Test Readiness Reviews. (S0104)
  • Skill in designing and documenting overall program Test & Evaluation strategies. (S0107)
  • Skill in identifying Test & Evaluation infrastructure (people, ranges, tools, instrumentation) requirements. (S0110)
  • Skill in managing test assets, test resources, and test personnel to ensure effective completion of test events. (S0112)
  • Skill in preparing Test & Evaluation reports. (S0115)
  • Skill in providing Test & Evaluation resource estimate. (S0117)
  • Ability to analyze test data. (A0026)
  • Ability to collect, verify, and validate test data. (A0030)
  • Knowledge of Test & Evaluation processes for learners. (K0250)

How to Apply

To apply for this work role, submit an application to one or more of CISA's vacancy announcements. Please ensure your resume has been updated to reflect your demonstrated experience performing the above tasks and describe your exposure to the listed competencies.

  1. Assign the appropriate Task ID and/or Core KSA ID to each experience statement in your resume. Task and KSA IDs are listed in parenthesis at the end of each bullet above.
  2. You must also include demonstrated experience on the four required competencies:
  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

Was this webpage helpful?  Yes  |  Somewhat  |  No