CISA Vulnerability Assessment Analyst

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Personnel performing this work role may unofficially or alternatively be called:

  • Blue Team Technician
  • Red Team Technician
  • Computer Network Defense (CND) Auditor
  • Ethical Hacker
  • Information Security Engineer
  • Internal Enterprise Auditor
  • Penetration Tester
  • Network Security Engineer
  • Reverse Engineer
  • Risk/Vulnerability Analyst
  • Technical Surveillance Countermeasures Technician
  • Vulnerability Manager

Category: Protect and Defend
Specialty Area: Vulnerability Assessment and Management

Core Tasks

  • Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives. (T0010)
  • Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions. (T0138)
  • Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing. (T0142)
  • Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions. (T0188)
  • Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications). (T0549)

Core Competencies

  • Information Systems/Network Security
  • Infrastructure Design
  • Vulnerability Assessment

Core Knowledge, Skills, Abilities (KSAs)

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). (K0179)
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). (K0061)
  • Knowledge of application vulnerabilities. (K0009)
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). (K0070)
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. (K0106)
  • Knowledge of penetration testing principles, tools, and techniques. (K0342)
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems. (S0001)
  • Skill in the use of penetration testing tools and techniques. (S0051)
  • Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.). (S0081)
  • Skill in conducting application vulnerability assessments. (S0137)

How to Apply

To apply for this work role, submit an application to one or more of CISA's vacancy announcements. Please ensure your resume has been updated to reflect your demonstrated experience performing the above tasks and describe your exposure to the listed competencies.

  1. Assign the appropriate Task ID and/or Core KSA ID to each experience statement in your resume. Task and KSA IDs are listed in parenthesis at the end of each bullet above.
     
  2. You must also include demonstrated experience on the four required competencies:
  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

Was this document helpful?  Yes  |  Somewhat  |  No