CISA Systems Security Analyst

This role is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.

Personnel performing this work role may unofficially or alternatively be called:

  • Information Assurance Security Officer
  • Information Assurance Operational Engineer
  • Information Systems Security Engineer
  • Information Systems Security Manager
  • Information Systems Security Officer (ISSO)
  • Network Security Vulnerability Technician (NSVT)
  • Information Security Analyst / Administrator
  • Security Analyst
  • Security Engineer
  • Information Technology Specialist
  • Computer Specialist
  • System Engineer
  • Systems Security Analyst
  • Cybersecurity Specialist / Analyst
  • Senior Information Technology Systems Analyst
  • Network Field Operations

Skill Community: Cybersecurity 
Category: Operate and Maintain
Specialty Area: Systems Analysis
Work Role Code: 461

Core Tasks

  • Analyze and report organizational security posture trends. (T0469)
  • Analyze and report system security posture trends. (T0470)
  • Apply security policies to meet security objectives of the system. (T0016)
  • Assess adequate access controls based on principles of least privilege and need-to-know. (T0475)
  • Assess all the configuration management (change configuration/release management) processes. (T0344)
  • Assess the effectiveness of security controls. (T0309)
  • Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements. (T0462)
  • Ensure all systems security operations and maintenance activities are properly documented and updated as necessary. (T0085)
  • Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. (T0088)
  • Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed. (T0485)
  • Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. (T0489)
  • Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative. (T0499)
  • Plan and recommend modifications or adjustments based on exercise results or system environment. (T0187)
  • Properly document all systems security implementation, operations and maintenance activities and update as necessary. (T0194)
  • Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. (T0526)
  • Verify and update security documentation reflecting the application/system security design features. (T0243)
  • Verify minimum security requirements are in place for all applications. (T0508)

Core Competencies

  • Computer Network Defense
  • Data Privacy and Protection
  • Encryption
  • Identity Management
  • Information Assurance
  • Information Systems/Network Security
  • Information Technology Assessment
  • Infrastructure Design
  • Legal, Government, and Jurisprudence
  • Operating Systems
  • Risk Management
  • Software Development
  • System Administration
  • Systems Integration
  • Systems Testing and Evaluation
  • Telecommunications
  • Vulnerability Assessment

Core Knowledge, Skills, Abilities (KSAs)

  • Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). (S0147)
  • Knowledge of Personally Identifiable Information (PII) data security standards. (K0260)
  • Knowledge of Personal Health Information (PHI) data security standards. (K0262)
  • Knowledge of encryption algorithms. (K0018)
  • Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). (K0056)
  • Skill in developing and applying security system access controls. (S0031)
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). (K0044)
  • Knowledge of an organization's information classification program and procedures for information compromise. (K0287)
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). (K0049)
  • Knowledge of security system design tools, methods, and techniques. (K0075)
  • Knowledge of security management. (K0276)
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. (K0027)
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). (K0061)
  • Knowledge of embedded systems. (K0322)
  • Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs. (K0333)
  • Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. (K0267)
  • Knowledge of operating systems. (K0060)
  • Knowledge of information technology (IT) risk management policies, requirements, and procedures. (K0263)
  • Knowledge of software engineering. (K0082)
  • Knowledge of various types of computer architectures. (K0227)
  • Knowledge of configuration management techniques. (K0275)
  • Knowledge of installation, integration, and optimization of system components. (K0035)
  • Skill in designing the integration of hardware and software solutions. (S0024)
  • Knowledge of systems security testing and evaluation methods. (K0290)
  • Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing). (K0093)
  • Knowledge of how to use network analysis tools to identify vulnerabilities. (K0339)
  • Skill in evaluating the adequacy of security designs. (S0036)
  • Skill in assessing security systems designs. (S0141)
  • Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). (S0167)

Join the Mission

CISA is always searching for diverse, talented, and highly motivated professionals to continue its mission of securing the nation’s critical infrastructure. CISA is more than a great place to work; our workforce tackles the risks and threats that matter most to the nation, our families, and communities.

To join this mission, visit USAJOBs and/or the DHS Cybersecurity Service to view job announcements and to access the application. Be sure to tailor your resume to the specific job announcement, attach relevant documents, and complete all required assessments. 

When applying for CISA’s cyber positions, please review CISA’s cyber roles above and update your resume to align your experience with the listed competencies. Your resume must also show demonstrated cyber/IT related experience in:

  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

To receive email notifications when new CISA positions are announced, set up a “saved search” on USAJOBs with keyword “Cybersecurity and Infrastructure Security Agency.”

Individuals eligible for special hiring authorities may also be considered during CISA’s one-stop hiring events or by emailing or

Was this webpage helpful?  Yes  |  Somewhat  |  No