Cyber Defense Infrastructure Support Specialist
Work Role ID: PR-INF-001
Description: Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
Category: Protect and Defend
Specialty Area: Cyber Defense Infrastructure Support
Abilities
- A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge
- K0001: Knowledge of computer networking concepts and protocols, and network security methodologies.
- K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- K0004: Knowledge of cybersecurity and privacy principles.
- K0005: Knowledge of cyber threats and vulnerabilities.
- K0006: Knowledge of specific operational impacts of cybersecurity lapses.
- K0021: Knowledge of data backup and recovery.
- K0033: Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
- K0042: Knowledge of incident response and handling methodologies.
- K0044: Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- K0058: Knowledge of network traffic analysis methods.
- K0061: Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- K0062: Knowledge of packet-level analysis.
- K0104: Knowledge of Virtual Private Network (VPN) security.
- K0106: Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
- K0135: Knowledge of web filtering technologies.
- K0157: Knowledge of cyber defense and information security policies, procedures, and regulations.
- K0179: Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- K0205: Knowledge of basic system, network, and OS hardening techniques.
- K0258: Knowledge of test procedures, principles, and methodologies (e.g., Capability Maturity Model Integration (CMMI)).
- K0274: Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information or prevent installed systems from operating correctly.
- K0324: Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
- K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services.
- K0334: Knowledge of network traffic analysis (tools, methodologies, processes).
Skills
- S0007: Skill in applying host/network access controls (e.g., access control list).
- S0053: Skill in tuning sensors.
- S0054: Skill in using incident handling methodologies.
- S0059: Skill in using Virtual Private Network (VPN) devices and encryption.
- S0077: Skill in securing network communications.
- S0079: Skill in protecting a network against malware (e.g., NIPS, anti-malware, restricting/preventing external devices, spam filters).
- S0121: Skill in system, network, and OS hardening techniques (e.g., removing unnecessary services, password policies, network segmentation, enabling logging, least privilege).
- S0124: Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and working through to resolution.
- S0367: Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Tasks
- T0042: Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/prevention systems, antivirus, and content blacklists) for specialized cyber defense applications.
- T0180: Perform system administration on specialized cyber defense applications and systems (e.g., antivirus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup, and restoration.
- T0261: Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
- T0335: Build, install, configure, and test dedicated cyber defense hardware.
- T0348: Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.
- T0420: Administer test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s).
- T0438: Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems).
- T0483: Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
- T0486: Implement Risk Management Framework (RMF)/Security Assessment and Authorization (SA&A) requirements for dedicated cyber defense systems within the enterprise, and document and maintain records for them.