CISA Systems Developer

This role designs, develops, tests, and evaluates information systems throughout the systems development life cycle.

Personnel performing this work role may unofficially or alternatively be called:

  • Firewall Engineer
  • Information Assurance (IA) Developer
  • Information Assurance (IA) Engineer
  • Information Assurance (IA) Software Engineer
  • Information Systems Security Engineer
  • Program Developer
  • Security Engineer
  • Systems Engineer
  • Systems Security Engineer

Category: Securely Provision
Specialty Area: Systems Development

Core Tasks

  • Collaborate on cybersecurity designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations, high integrity and availability requirements, multilevel security/processing of multiple classification levels, and processing Sensitive Compartmented Information). (T0560)
  • Design hardware, operating systems, and software applications to adequately address requirements. (T0447)
  • Develop detailed design documentation for component and interface specifications to support system design and development. (T0464)
  • Ensure design and development activities are properly documented (providing a functional description of implementation) and updated as necessary. (T0406)
  • Implement designs for new or existing system(s). (T0488)

Core Competencies

  • Identity Management
  • Information Assurance
  • Information Systems/ Network Security
  • Infrastructure Design
  • Software Development
  • System Administration
  • Systems Integration
  • Systems Testing and Evaluation

Core Knowledge, Skills, Abilities (KSAs)

  • Knowledge of organization's enterprise information security architecture. (K0027)
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). (K0044)
  • Knowledge of information security systems engineering principles (NIST SP 800-160). (K0045)
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). (K0049)
  • Knowledge of organization's evaluation and validation requirements. (K0028)
  • Knowledge of systems testing and evaluation methods. (K0091)
  • Knowledge of various types of computer architectures. (K0227)
  • Knowledge of secure configuration management techniques. (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on (K0073)
  • Knowledge of software development models (e.g., Waterfall Model, Spiral Model). (K0081)
  • Knowledge of software engineering. (K0082)
  • Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools. (K0086)
  • Knowledge of system life cycle management principles, including software security and usability. (K0090)
  • Knowledge of the systems engineering process. (K0102)
  • Knowledge of embedded systems. (K0322)
  • Skill in developing and applying security system access controls. (S0031)

How to Apply

To apply for this work role, submit an application to one or more of CISA's vacancy announcements. Please ensure your resume has been updated to reflect your demonstrated experience performing the above tasks and describe your exposure to the listed competencies.

  1. Assign the appropriate Task ID and/or Core KSA ID to each experience statement in your resume. Task and KSA IDs are listed in parenthesis at the end of each bullet above.
  2. You must also include demonstrated experience on the four required competencies:
  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

Was this webpage helpful?  Yes  |  Somewhat  |  No