Skill ID: S0001

Skill Description: Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.

Work Roles with this Skill:

Work Role ID: OV-TEA-002
Work Roles: Cyber Instructor
Work Role Description: Develops and conducts training or education of personnel within cyber domain.
Category: Oversee and Govern
Specialty Area(s): Training, Education, and Awareness
Work Role ID: PR-VAM-001
Work Roles: Vulnerability Assessment Analyst
Work Role Description: Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Category: Protect and Defend
Specialty Area(s): Vulnerability Assessment and Management
Work Role ID: SP-DEV-001
Work Roles: Software Developer
Work Role Description: Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.
Category: Securely Provision
Specialty Area(s): Software Development
Work Role ID: SP-DEV-002
Work Roles: Secure Software Assessor
Work Role Description: Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
Category: Securely Provision
Specialty Area(s): Software Development
Work Role ID: SP-RSK-002
Work Roles: Security Control Assessor
Work Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
Category: Securely Provision
Specialty Area(s): Risk Management
Work Role ID: SP-SYS-001
Work Roles: Information Systems Security Developer
Work Role Description: Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
Category: Securely Provision
Specialty Area(s): Systems Development

The NICE Framework data presented on these pages was last updated by NIST on July 7, 2020 and will be updated when the official Revision 1 data is released.