- T0235: Translate functional requirements into technical solutions
- T1019: Determine special needs of cyber-physical systems
- T1020: Determine the operational and safety impacts of cybersecurity lapses
- T1022: Review enterprise information technology (IT) goals and objectives
- T1023: Identify critical technology procurement requirements
- T1026: Determine procurement requirements
- T1031: Implement intelligence collection requirements
- T1097: Determine functional requirements and specifications
- T1107: Evaluate functional requirements
- T1115: Oversee the development of design solutions
- T1127: Define project scope and objectives
- T1139: Develop systems design procedures and processes
- T1217: Determine if system analysis meets cybersecurity requirements
- T1243: Oversee configuration management
- T1244: Develop configuration management recommendations
- T1259: Identify opportunities for new and improved business process solutions
- T1283: Develop cybersecurity use cases
- T1366: Identify supply chain risks for critical system elements
- T1367: Document supply chain risks for critical system elements
- T1392: Develop user experience requirements
- T1393: Document user experience requirements
- T1408: Develop quality standards
- T1409: Document quality standards
- T1423: Create system security concept of operations (ConOps) documents
- T1430: Determine if system components can be aligned
- T1431: Integrate system components
- T1527: Define baseline system security requirements
- T1534: Develop cost estimates for new or modified systems
- T1573: Determine if developed solutions meet customer requirements
- K0018: Knowledge of encryption algorithms
- K0055: Knowledge of microprocessors
- K0674: Knowledge of computer networking protocols
- K0675: Knowledge of risk management processes
- K0676: Knowledge of cybersecurity laws and regulations
- K0677: Knowledge of cybersecurity policies and procedures
- K0678: Knowledge of privacy laws and regulations
- K0679: Knowledge of privacy policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0681: Knowledge of privacy principles and practices
- K0682: Knowledge of cybersecurity threats
- K0683: Knowledge of cybersecurity vulnerabilities
- K0684: Knowledge of cybersecurity threat characteristics
- K0685: Knowledge of access control principles and practices
- K0686: Knowledge of authentication and authorization tools and techniques
- K0687: Knowledge of business operations standards and best practices
- K0690: Knowledge of requirements analysis principles and practices
- K0698: Knowledge of cryptographic key management principles and practices
- K0715: Knowledge of resiliency and redundancy principles and practices
- K0721: Knowledge of risk management principles and practices
- K0727: Knowledge of analysis standards and best practices
- K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
- K0729: Knowledge of non-repudiation principles and practices
- K0730: Knowledge of cyber safety principles and practices
- K0731: Knowledge of systems security engineering (SSE) principles and practices
- K0733: Knowledge of information technology (IT) architecture models and frameworks
- K0736: Knowledge of information technology (IT) security principles and practices
- K0742: Knowledge of identity and access management (IAM) principles and practices
- K0743: Knowledge of new and emerging technologies
- K0744: Knowledge of operating system (OS) systems and software
- K0745: Knowledge of parallel and distributed computing principles and practices
- K0746: Knowledge of policy-based access controls
- K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
- K0748: Knowledge of Privacy Impact Assessment (PIA) principles and practices
- K0749: Knowledge of process engineering principles and practices
- K0751: Knowledge of system threats
- K0752: Knowledge of system vulnerabilities
- K0755: Knowledge of configuration management (CM) tools and techniques
- K0756: Knowledge of security management principles and practices
- K0757: Knowledge of system design tools and techniques
- K0758: Knowledge of server administration principles and practices
- K0759: Knowledge of client and server architecture
- K0765: Knowledge of software engineering principles and practices
- K0768: Knowledge of automated systems analysis tools and techniques
- K0769: Knowledge of system design standards and best practices
- K0771: Knowledge of system life cycle management principles and practices
- K0772: Knowledge of systems testing and evaluation tools and techniques
- K0773: Knowledge of telecommunications principles and practices
- K0779: Knowledge of systems engineering processes
- K0803: Knowledge of supply chain risk management principles and practices
- K0820: Knowledge of supply chain risks
- K0828: Knowledge of supply chain risk management standards and best practices
- K0834: Knowledge of technology procurement principles and practices
- K0838: Knowledge of supply chain risk management policies and procedures
- K0839: Knowledge of critical infrastructure systems and software
- K0840: Knowledge of hardware reverse engineering tools and techniques
- K0842: Knowledge of software reverse engineering tools and techniques
- K0848: Knowledge of network systems management principles and practices
- K0849: Knowledge of network systems management tools and techniques
- K0851: Knowledge of reverse engineering principles and practices
- K0865: Knowledge of data classification standards and best practices
- K0866: Knowledge of data classification tools and techniques
- K0872: Knowledge of service management principles and practices
- K0873: Knowledge of service management standards and best practices
- K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
- K0892: Knowledge of cyber defense laws and regulations
- K0920: Knowledge of risk management policies and procedures
- K0928: Knowledge of systems engineering principles and practices
- K0934: Knowledge of data classification policies and procedures
- K0942: Knowledge of cryptology principles and practices
- K0947: Knowledge of computer engineering principles and practices
- K0952: Knowledge of information theory principles and practices
- K0962: Knowledge of targeting laws and regulations
- K0963: Knowledge of exploitation laws and regulations
- K0983: Knowledge of computer networking principles and practices
- K1014: Knowledge of network security principles and practices
- K1050: Knowledge of critical information requirements
- K1077: Knowledge of data security controls
- K1084: Knowledge of data privacy controls
- K1086: Knowledge of design modeling
- K1122: Knowledge of configuration management principles and practices
- K1128: Knowledge of customer requirements
- K1213: Knowledge of security requirements
- K1227: Knowledge of systems architecture
- K1228: Knowledge of systems development
- S0066: Skill in identifying gaps in technical capabilities
- S0465: Skill in identifying critical infrastructure systems
- S0466: Skill in identifying systems designed without security considerations
- S0497: Skill in developing client organization profiles
- S0515: Skill in identifying partner capabilities
- S0551: Skill in applying information technologies into proposed solutions
- S0554: Skill in performing systems analysis
- S0555: Skill in performing capabilities analysis
- S0556: Skill in performing requirements analysis
- S0590: Skill in building use cases
- S0654: Skill in conducting system reviews
- S0673: Skill in translating operational requirements into security controls
- S0674: Skill in installing system and component upgrades
- S0675: Skill in optimizing system performance
- S0724: Skill in managing client relationships
- S0759: Skill in identifying requirements
- S0801: Skill in assessing partner operations capabilities
- S0822: Skill in collaborating with stakeholders
- S0824: Skill in communicating with customers
- S0830: Skill in conducting feasibility studies
- S0870: Skill in performing needs analysis
- S0878: Skill in performing risk analysis
- S0886: Skill in performing system analysis
- S0891: Skill in performing trade-off analysis
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 2.0.0)