CISA Systems Security Analyst

This role is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.

Personnel performing this work role may unofficially or alternatively be called:

  • Information Assurance Security Officer
  • Information Assurance Operational Engineer
  • Information Systems Security Engineer
  • Information Systems Security Manager
  • Information Systems Security Officer (ISSO)
  • Network Security Vulnerability Technician (NSVT)
  • Information Security Analyst / Administrator
  • Security Analyst
  • Security Engineer
  • Information Technology Specialist
  • Computer Specialist
  • System Engineer
  • Systems Security Analyst
  • Cybersecurity Specialist / Analyst
  • Senior Information Technology Systems Analyst
  • Network Field Operations

Category: Operate and Maintain
Specialty Area: Systems Analysis

Core Tasks

  • Analyze and report organizational security posture trends. (T0469)
  • Analyze and report system security posture trends. (T0470)
  • Apply security policies to meet security objectives of the system. (T0016)
  • Assess adequate access controls based on principles of least privilege and need-to-know. (T0475)
  • Assess all the configuration management (change configuration/release management) processes. (T0344)
  • Assess the effectiveness of security controls. (T0309)
  • Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements. (T0462)
  • Ensure all systems security operations and maintenance activities are properly documented and updated as necessary. (T0085)
  • Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. (T0088)
  • Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed. (T0485)
  • Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. (T0489)
  • Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative. (T0499)
  • Plan and recommend modifications or adjustments based on exercise results or system environment. (T0187)
  • Properly document all systems security implementation, operations and maintenance activities and update as necessary. (T0194)
  • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities. (T0526)
  • Verify and update security documentation reflecting the application/system security design features. (T0243)
  • Verify minimum security requirements are in place for all applications. (T0508)

Core Competencies

  • Computer Network Defense
  • Data Privacy and Protection
  • Encryption
  • Identity Management
  • Information Assurance
  • Information Systems/Network Security
  • Information Technology Assessment
  • Infrastructure Design
  • Legal, Government, and Jurisprudence
  • Operating Systems
  • Risk Management
  • Software Development
  • System Administration
  • Systems Integration
  • Systems Testing and Evaluation
  • Telecommunications
  • Vulnerability Assessment

Core Knowledge, Skills, Abilities (KSAs)

  • Skill in assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework). (S0147)
  • Knowledge of Personally Identifiable Information (PII) data security standards. (K0260)
  • Knowledge of Personal Health Information (PHI) data security standards. (K0262)
  • Knowledge of encryption algorithms. (K0018)
  • Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML). (K0056)
  • Skill in developing and applying security system access controls. (S0031)
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). (K0044)
  • Knowledge of an organization's information classification program and procedures for information compromise. (K0287)
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). (K0049)
  • Knowledge of security system design tools, methods, and techniques. (K0075)
  • Knowledge of security management. (K0276)
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. (K0027)
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). (K0061)
  • Knowledge of embedded systems. (K0322)
  • Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs. (K0333)
  • Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. (K0267)
  • Knowledge of operating systems. (K0060)
  • Knowledge of information technology (IT) risk management policies, requirements, and procedures. (K0263)
  • Knowledge of software engineering. (K0082)
  • Knowledge of various types of computer architectures. (K0227)
  • Knowledge of configuration management techniques. (K0275)
  • Knowledge of installation, integration, and optimization of system components. (K0035)
  • Skill in designing the integration of hardware and software solutions. (S0024)
  • Knowledge of systems security testing and evaluation methods. (K0290)
  • Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing). (K0093)
  • Knowledge of how to use network analysis tools to identify vulnerabilities. (K0339)
  • Skill in evaluating the adequacy of security designs. (S0036)
  • Skill in assessing security systems designs. (S0141)
  • Skill in recognizing vulnerabilities in security systems (e.g., vulnerability and compliance scanning). (S0167)

How to Apply

To apply for this work role, submit an application to one or more of CISA's vacancy announcements. Please ensure your resume has been updated to reflect your demonstrated experience performing the above tasks and describes your exposure to the listed competencies.

  1. Assign the appropriate Task ID and/or Core KSA ID to each experience statement in your resume. Task and KSA IDs are listed in parentheses at the end of each bullet above.

  2. You must also include demonstrated experience on the four required competencies:
     • Attention to Detail
     • Customer Service
     • Oral Communication
     • Problem Solving
