Research & Development Specialist

Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.

Tasks

The concrete work activities defined for this role in the DCWF v5.1 spreadsheet. Core tasks are required for the role; additional tasks are associated but not mandatory.

• T1076 additional Collaborate with stakeholders to identify and/or develop appropriate solutions technology.
• T1077 additional Design and develop new tools/technologies as related to cybersecurity.
• T1078A additional Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.
• T1079A additional Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.
• T1147A additional Develop data management capabilities (e.g., cloud based, centralized cryptographic key management) to include support to the mobile workforce.
• T925 additional Research current technology to understand capabilities of required system or network.
• T927A additional Research and evaluate available technologies and standards to meet customer requirements.
• T934 additional Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.

Knowledge, Skills, and Abilities

KSA statements define what a person filling this role knows or can do. "Knowledge" is what they must know, "Skill" is what they can perform, and "Ability" is a durable capacity they bring to the work.

• K0088 knowledge core Knowledge of systems administration concepts.
• K0129 knowledge core Knowledge of system life cycle management principles, including software security and usability.
• S144A skill core Skill in applying the systems engineering process.
• A3068 ability additional Ability to prepare and present briefings.
• A3069 ability additional Ability to produce technical documentation.
• A4 ability additional Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
• A6919 ability additional Ability to determine the best cloud deployment model for the appropriate operating environment.
• K0010 knowledge additional Knowledge of application vulnerabilities.
• K0027 knowledge additional Knowledge of cryptography and cryptographic key management concepts.
• K095A knowledge additional Knowledge of penetration testing principles, tools, and techniques.
• K1037 knowledge additional Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.
• K1038B knowledge additional Knowledge of local specialized system requirements (e.g., critical infrastructure/control systems that may not use standard information technology [IT]) for safety, performance, and reliability).
• K1040A knowledge additional Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.
• K1056 knowledge additional Knowledge of operations security.
• K1062 knowledge additional Knowledge of software reverse engineering techniques.
• K1072 knowledge additional Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth, Zero Trust).
• K1125 knowledge additional Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
• K1135 knowledge additional Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
• K1142A knowledge additional Knowledge of industry standard security models.
• K321A knowledge additional Knowledge of industry technologies and how differences affect exploitation/vulnerabilities.
• S0155 skill additional Skill in monitoring and optimizing system/server performance.
• S172 skill additional Skill in creating and utilizing mathematical or statistical models.
• S180A skill additional Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
• S383 skill additional Skill in using scientific rules and methods to solve problems.
• S6942 skill additional Skill in designing or implementing cloud computing deployment models.

EWU courses that develop this role

Other roles in this element