Non Gamstop Casinos

Template B
Career Cluster: CYBERSECURITY

Critical Work Function: A. Provide Data/Information Assurance

KEY ACTIVITY Performance Indicator
How do we know when the key activity is performed well?
Technical Knowledge
Skills, Abilities, Tools
Employabilty Skills
SCANS Skills and Foundational Abilities
A1
Gather and document data/information assurance requirements
  • Relevant information and requirements are completely accurate and thoroughly documented
  • Sources of information are trustworthy and current
  • Requirements are attainable within applicable time, technology, and cost constraints
  • Data/information requirements are reviewed and approved by relevant stakeholders
  • Requirements meet applicable internal and external standards and practices
  • Requirements are periodically reviewed against performance standards and emerging security specifications
  • Knowledge of internal and external data/information assurance standards, recommendations, and practices
  • Knowledge of trustworthy sources and relevant standards
  • Knowledge of relevant and applicable technologies and business practices
  • Ability to collect, analyze, interpret, and present security specifications in the data assurance environment
  • Ability to identify key sources of information
  • Ability to analyze information for accuracy and consistency
  • Ability to ask relevant questions
  • Ability to accurately summarize and document information
A2
Develop data/information assurance plans and implementation strategies
  • Plans address critical confidentiality, integrity, and availability requirements
  • Plans provide realistic methods to meet security specifications and data requirements
  • Plans identify and prescribe appropriate training and implementation processes and methods
  • Plans and strategies are consistent with relevant policies, practices, and standards
  • Implementation strategies support customer requirements and business objectives
  • Plans and strategies support current technologies and accommodate future technological development
  • Plans and strategies are developed in the context of ethical and societal norms and expectations
  • Knowledge of relevant policies, practices, and standards
  • Ability to determine customer requirements in the context of business goals and risk analysis
  • Knowledge of current and emerging security tools, technologies, and practices
  • Knowledge of security-related ethical and societal norms and expectations
  • Ability to interpret and present security data assurance plans and strategies in the data assurance environment
  • Ability to synthesize and organize information
  • Ability to manage resources and timelines to maximize effectiveness
  • Ability to assume responsibility for accomplishing team goals
  • Ability to create detailed supporting documents
A3
Review and test plans and strategies for compliance with applicable regulations and standards
  • Plans and strategies meet specifications of applicable regulations and standards
  • Compliance is reviewed in the context of risk analysis, cost benefit analysis, and implementation feasibility
  • Appropriate recommendations follow review and testing processes
  • Regulations and standards are regularly monitored for updates and revisions
  • Knowledge of applicable business policies and analysis tools
  • Knowledge of applicable security regulations and standards
  • Ability to perform compliance reviews and analysis
  • Ability to formulate and present security/data assurance plans, strategies, and recommendations
  • Ability to generate/evaluate solutions
  • Ability to compare multiple viewpoints and relate intent to desired results
  • Ability to identify key sources of information
  • Ability to pose critical questions
A4
Implement data/information assurance plans and strategies
  • Data/information assurance plans and strategies are implemented according to requirements, specifications, timelines, and relevant decision points
  • Implementation schedule and expectations are communicated to relevant stakeholders
  • Implementation includes appropriate transition and contingency plans
  • Plans and strategies are implemented with minimal disruptions
  • Implementation includes applicable orientation and training
  • Knowledge of implementation planning processes, procedures, and requirements
  • Knowledge of security tools and technologies
  • Knowledge of training processes and procedures
  • Ability to develop and implement transition and contingency plans
  • Ability to synthesize information
  • Ability to create detailed supporting documentation
  • Ability to organize and present information to users and analyze group/individual response
  • Ability to create and develop new rules/principles
A5
Monitor performance to ensure integrity and confidentiality
  • Security data is collected, and documented and analyzed
  • Security breaches are detected and reported according to applicable practices and procedures
  • Security issues are quickly identified, escalated appropriately, and resolved
  • Monitoring process includes routine and nonroutine self-tests and audits
  • Knowledge of data collection and analysis practices and techniques
  • Knowledge of detection tools and reporting practices
  • Knowledge of security testing and security auditing methods
  • Ability to gather, summarize, and present performance data
  • Ability to establish rapport with co-workers and customers and modify actions to environment
  • Ability to analyze organization of information
  • Ability to compare and interpret multiple viewpoints
  • Ability to pose critical questions
  • Ability to read and follow written instructions
  • Ability to recognize ethical issues
  • Ability to maintain confidentiality
A6
Maintain and update data/information assurance plans and strategies as appropriate
  • Plans and strategies are regularly reviewed for update and revision
  • Plans and strategies are evaluated against current and emerging security criteria, regulations, and standards
  • Revised plans and strategies are appropriately communicated and effectively integrated
  • Security policies and requirements are regularly reviewed in the maintenance and upgrade process
  • Knowledge of applicable security/data assurance regulations, standards, and practices
  • Ability to analyze and recommend changes in security policies and practices
  • Ability to organize and present technical data
  • Ability to create detailed supporting documents
  • Ability to create data gathering process
  • Ability to create plan to monitor and correct system
  • Ability to analyze client/user needs and evaluate effectiveness of solutions
  • Ability to devise/implement plan of action

Critical Work Function: B. Ensure Infrastructure and Network Security

KEY ACTIVITY Performance Indicator
How do we know when the key activity is performed well?
Technical Knowledge
Skills, Abilities, Tools
Employabilty Skills
SCANS Skills and Foundational Abilities
B1.
Gather data and analyze security requirements
  • Security data requirements include devices, topology, and intrusion detection
  • Sources and methods for gathering requirements are trustworthy and current
  • Data is gathered continuously in a cost-effective manner
  • Security requirements reflect current and emerging data/information assurance standards, regulations, and practices
  • Requirements are analyzed relative to applicable time, technology, and cost constraints
  • Knowledge of network architecture and applicable security products and practices
  • Knowledge of security devices, topology, and intrusion detection
  • Knowledge of information gathering methods, procedures, and practices
  • Ability to analyze and apply security standards, regulations, and practices
  • Ability to identify key sources of information
  • Ability to ask relevant questions
  • Ability to accurately summarize and document information
  • Ability to recommend an ethical course of action
  • Ability to pose critical questions
B2.
Identify, analyze, and evaluate infrastructure and network vulnerabilities
  • Infrastructure and network devices and software are benchmarked against known limitations and vulnerabilities
  • Corrective plan is developed and implemented based on the benchmarking data
  • Appropriate policies and procedures are developed for access control and authentication
  • Physical security issues are identified and resolved
  • Routine updates and upgrades are implemented per established procedures
  • Relevant infrastructure, topology, and hardware information is appropriately logged and maintained
  • Knowledge of network architecture, topology, devices, and software
  • Knowledge of access control and authentication methods and protocols
  • Ability to gather and evaluate technical data and maintain appropriate records
  • Knowledge of applicable physical security requirements and practices
  • Ability to analyze information for accuracy and consistency
  • Ability to evaluate system configuration
  • Ability to use prior training/experience to predict outcomes
  • Ability to analyze, interpret and summarize information
  • Ability to present complex ideas and information
B3.
Develop critical situation contingency plans and disaster recovery plan
  • Plans appropriately prioritize criticality, time, cost and human resource requirements
  • Plans reflect realistic scenarios for recovery and restoration
  • Plans are effectively disseminated and continuously improved
  • Knowledge of contingency and disaster recovery planning processes and practices
  • Knowledge of network architecture and topology
  • Ability to understand the IT mission and isolate critical performance elements
  • Ability to predict outcomes/results based on prior knowledge
  • Ability to create detailed supporting documentation and write technical documents for a variety of audiences
  • Ability to analyze system configuration/stability
  • Ability to analyze, interpret and summarize information
B4.
Implement/ test contingency and backup plans and coordinate with stakeholders
  • Contingency and backup plans are validated through successful operational testing
  • Contingency plans and procedures are routinely practiced, reviewed, and refined
  • Contingency and backup plans are implemented with appropriate participation of, and minimal disruption to, users
  • Testing results in greater organizational awareness, readiness, and responsiveness
  • Contingency and backup plans are effectively communicated to internal and external stakeholders
  • Knowledge of contingency and backup plan development, testing, and implementation
  • Knowledge of networking and general systems security
  • Ability to analyze technical problems and develop appropriate solutions
  • Knowledge of local and wide area networking environments
  • Ability to develop and implement backup communication and coordination plans
  • Ability to systematically organize information
  • Ability to evaluate critically of problems, identify possible causes and propose solutions
  • Ability to communicate effectively with clients/users
  • Ability to document findings in detailed supporting documents
B5.
Monitor, report, and resolve security problems
  • Security problems are detected quickly and reported accurately
  • Monitoring includes all relevant devices, software, and points of access
  • Security problems are resolved effectively and measures are taken to preclude recurrence
  • Problem resolutions provide for improved detection and deterrence
  • Knowledge of security detection and deterrence methods and strategies
  • Knowledge of security monitoring practices and procedures
  • Knowledge of problem escalation and resolution methods
  • Ability to integrate multiple items of data and synthesize information
  • Ability to interpret information, prepare basic summaries/reports and select method of communication
  • Ability to present results clearly and concisely
  • Ability to probe for underlying issues and pose critical questions
  • Ability to determine system components to be modified or improved

Critical Work Function: C. Develop, Manage, and Enforce Security Policies

KEY ACTIVITY Performance Indicator
How do we know when the key activity is performed well?
Technical Knowledge
Skills, Abilities, Tools
Employabilty Skills
SCANS Skills and Foundational Abilities
C1.
Perform research and analyze requirements
  • Sources and methods for gathering requirements are trustworthy and current
  • Security requirements are consistent with all applicable standards, laws, and regulations
  • Requirements are analyzed relative to applicable time, technology, and cost constraints
  • Requirements include feasibility analysis and recommendations for implementation and enforcement
  • Requirements are regularly researched, reviewed, updated, and approved by relevant stakeholders
  • Knowledge of applicable standards, laws, and regulations
  • Knowledge of information gathering methods, procedures, and practices
  • Ability to collect, analyze, interpret, and present security requirements in the data assurance environment
  • Knowledge of applicable conditions and limitations relative to security policy development
  • Ability to identify key sources of information
  • Ability to analyze information for accuracy and consistency
  • Ability to work cooperatively with others and contribute ideas, suggestions and assistance
  • Ability to pose critical questions
  • Ability to accurately summarize and document information
C2.
Develop, assess, and document security policies, practices, and procedures
  • Policies are developed and documented according to applicable practices and procedures
  • Policies are assessed for feasibility of application and enforcement
  • Policies reflect system and infrastructure capabilities
  • Assessment includes accommodation for emerging trends and technologies
  • Knowledge of policy development practices and methodology
  • Knowledge of system and infrastructure architecture and capabilities
  • Knowledge of emerging tools and technologies in security and data assurance
  • Ability to create detailed supporting documents
  • Ability to use prior training/experience to predict outcomes
  • Ability to interpret data/information
  • Ability to present complex information/ideas and analyze group/individual response
C3.
Disseminate policies and implementation practices and procedures
  • Security policies and practices are clear, pertinent, and effectively communicated to all staff and stakeholders
  • Policy implementation includes opportunities for review, feedback, and revision
  • Policy enforcement is visible, fair, and consistent with applicable laws, practices, and institutional guidelines
  • Knowledge of project planning and implementation
  • Knowledge of cybersecurity policy enforcement methods and practices
  • Ability to effectively communicate data assurance and information security concepts, procedures, and regulations to a variety of audiences
  • Knowledge of documentation dissemination, revision, and control techniques
  • Ability to present security tradeoffs and risks and pose critical questions
  • Ability to willingly help others and establish rapport with coworkers and customers
  • Ability to identify and project resource needs
  • Ability to create detailed supporting documents
C4.
Implement, enforce, and monitor security policies, practices, and procedures
  • Security policies and procedures provide for performance audits and effectiveness reviews
  • Stakeholders agree to follow security implementation guidelines and procedures
  • Enforcement is visible, fair, and consistently follows applicable laws, practices, and regulations
  • Security policies, practices, and procedures are routinely followed and upheld
  • Data is continuously gathered on the performance and effectiveness of security plans and operations
  • Knowledge of performance audit and policy review techniques
  • Knowledge of system security processes and procedures
  • Knowledge of organizational, legal, and regulatory issues surrounding security policy enforcement
  • Knowledge of evaluation criteria relevant to information assurance and data systems security
  • Ability to apply systems performance and audit data for policy compliance
  • Ability to formulate plan of action and predict outcomes
  • Ability to organize and present technical information to non-technical users and analyze group/individual response
  • Ability to assess and modify policies/procedures
  • Ability to plan according to resource constraints and requirements

Critical Work Function: D. Perform Security Education and Training

KEY ACTIVITY Performance Indicator
How do we know when the key activity is performed well?
Technical Knowledge
Skills, Abilities, Tools
Employabilty Skills
SCANS Skills and Foundational Abilities
D1.
Identify and assess education and training requirements for all constituents
  • Requirements reflect immediate training and education needs
  • Requirements include long term and strategic IT workforce development goals
  • Requirements are periodically reviewed for currency and applicability
  • Requirements include appropriate assessments and certifications
  • Knowledge of training and professional development methods and practices
  • Knowledge of industry and enterprise IT workforce development trends and needs
  • Ability to develop and maintain education and training plans
  • Knowledge of skill and competency assessment methods and tools
  • Ability to analyze relationship between parts/whole
  • Ability to create organized and detailed supporting documents
  • Ability to assess and recommend training alternatives
  • Ability to understand constraints, generate alternatives, consider risks, evaluate options and formulate action plans
  • Ability to predict outcomes/results based on experience or prior knowledge
D2.
Identify resources and support materials
  • Resources and source materials are current
  • Resources and source materials are based on industry-derived standards
  • Resources and source materials reflect acceptable quality of instructional design
  • Resources and source materials support desired learner outcomes, competencies, skills assessments and certifications
  • Knowledge of sources of applicable training and educational resources and materials
  • Ability to assess and determine quality and suitability of education and training resources and source materials
  • Knowledge of outcomes assessment and certification
  • Ability to research additional information sources
  • Ability to follow rules and procedures
  • Ability to compile multiple viewpoints
  • Ability to be creative in identifying and locating sources of information
D3.
Design and develop education and training plans and strategies
  • Plans and strategies support enterprise skill development needs
  • Plans and strategies reflect accepted industry practices and policies
  • Plans and strategies result in consistent outcomes
  • Plans and strategies support immediate IT workforce skill needs and future IT workforce development goals
  • Knowledge of IT workforce professional development planning processes
  • Ability to accurately determine current and future needs
  • Knowledge of enterprise and business goals and strategies
  • Knowledge IT and security policies, methods, practices and strategies
  • Knowledge of budgetary and contractual aspects of workforce professional development
  • Ability to analyze and respond to client/user needs
  • Ability to work cooperatively with others and contribute ideas, suggestions and assistance
  • Ability to compare multiple viewpoints and relate intent to desired results
  • Ability to organize and present complex information to users
D4.
Deliver education and training
  • Education and training programs are delivered in a timely manner
  • Education and training programs are delivered within budget
  • Education and training programs are convenient and accessible
  • Education and training programs result in expected outcomes, skills, and knowledge gains
  • Knowledge of education and training program development and delivery
  • Knowledge of training program budgeting and accounting
  • Knowledge of learner and environmental variability
  • Knowledge of education and training program outcomes assessment
  • Ability to gather, analyze and categorize information
  • Ability to present complex ideas/information and analyze responses
  • Ability to listen attentively and compare multiple viewpoints
  • Ability to speak clearly and present well-organized presentations
  • Ability to identify training needs and conduct task-specific training
D5.
Assess results and determine followup requirements
  • Education and training programs result in appropriate or required credentials and / or certifications
  • Education and training programs are routinely evaluated with regard to needs, outcomes, and cost
  • Education and training program requirements are periodically reviewed with stakeholders and systematically revised as needed
  • Knowledge of applicability of appropriate degrees, certificates, and certifications
  • Ability to comprehensively evaluate education and training programs
  • Knowledge of IT education and training program development, delivery, and evaluation
  • Ability to present and discuss IT workforce education, training and professional development programs to non-technical audiences
  • Ability to use logic to draw conclusions from available information
  • Ability to analyze information and formulate proposals
  • Ability to analyze goals/constraints and examine proposed modifications and improvements
  • Ability to present recommendations in a clear, concise and persuasive manner
  • Ability to evaluate/adjust plan of action

Critical Work Function: E. Develop and Implement Physical Security, Deterrence, and Detection

KEY ACTIVITY Performance Indicator
How do we know when the key activity is performed well?
Technical Knowledge
Skills, Abilities, Tools
Employabilty Skills
SCANS Skills and Foundational Abilities
E1.
Identify and assess current and anticipated security risks and vulnerabilities
  • Security risks are assessed using appropriate standards and practices
  • Security risks assessments include a variety of scenarios
  • Assumptions are tested and verified
  • Risk assessments include provisions for prevention as well as detection
  • Knowledge of IT physical security standards and practices
  • Ability to apply imagination and abstract reasoning to security problems
  • Knowledge of theoretical and operational security systems performance and application
  • Knowledge of prevention strategies and practices relating to IT systems
  • Ability to recognize ethical issues
  • Ability to use prior training/experience to predict outcomes
  • Ability to troubleshoot system malfunction and/or failure
  • Ability to distinguish trends in performance and diagnose performance deviations
  • Ability to analyze possible cause of problems and recommend action plans for resolution
E2.
Research and evaluate alternative current and emerging practices, tools, and technologies
  • Appropriate literature is continuously reviewed to determine current and emerging practices, tools and technologies
  • Methods are developed and implemented to routinely share information with appropriate stakeholders
  • Policies are developed and followed that ensure routine evaluation of currently used technologies and practices
  • Routine security audits are performed
  • Security audit findings and outcomes result in appropriate action
  • Knowledge of relevant IT security information resources
  • Knowledge of security systems evaluation and assessment
  • Ability to develop, monitor, and implement IT physical security policies and plans
  • Knowledge of applicable business practices
  • Knowledge of enterprise risks, vulnerabilities, and budgets
  • Ability to formulate approaches and generate unique solutions
  • Ability to compose well-organized presentations and debate issues
  • Ability to adapt principles to new applications and judge logical consistency
E3.
Select and apply relevant tools to meet security goals and requirements
  • Alternative technologies and methods are explored for effectiveness, benefits, and cost
  • Alternative tools are evaluated completely and accurately
  • New tools and technologies are evaluated for compatibility with applicable existing systems and practices
  • All stakeholders agree to selection criteria and selection process
  • Knowledge of sources of information on emerging IT and physical security technologies, tools, and methods
  • Ability to perform cost/benefit, ROI, and technical evaluations
  • Knowledge of options for technology use
  • Knowledge of enterprise IT and physical security systems
  • Ability to present IT physical and systems security information to diverse stakeholders
  • Ability to compare multiple viewpoints
  • Ability to demonstrate honesty and trustworthiness
  • Ability to analyze information and formulate proposals
  • Ability to communicate/present in a clear and concise manner
  • Ability to critically investigate various security tools
E4.
Monitor, evaluate, and test security conditions and environment
  • Policies are developed and implemented that allow detection of ordinary and non-ordinary occurrences
  • Policies are developed and disseminated that effectively communicate deterrence and detection practices and procedures
  • Normal conditions are monitored with minimal intrusion
  • Periodic tests are conducted to determine effectiveness of monitoring and deterrence practices
  • Routine environmental scans are conducted to expose need for changes to security practices and procedures
  • Knowledge of development and implementation effective security deterrence and detection policies
  • Ability to effectively and unobtrusively monitor and enforce IT physical and system security
  • Knowledge of physical security systems testing and evaluation
  • Ability to effectively communicate plans and implement procedures across organizational boundaries
  • Ability to devise and implement plan of action
  • Ability to create plan to monitor and correct system
  • Ability to responsibly challenge unethical practices/decision
  • Ability to monitor and interpret trends in technology and industry
  • Ability to evaluate and interpret data
E5.
Implement, extend, and refine physical security plans and practices
  • Physical security plans are implemented with minimal intrusion
  • Data regarding effectiveness of physical security practices is routinely gathers from all stakeholders
  • Physical security plans are regularly reviewed and evaluated against emerging trends and practices
  • Physical security plans and practices are regularly updated and improved
  • Knowledge of security plan development, implementation, and extension practices and methods
  • Ability to gather and present user and stakeholder data
  • Knowledge of information resources relevant to IT physical security practices and trends
  • Ability to develop, implement, and maintain continuous improvement plans for physical security
  • Ability to analyze security problems and recommend solutions
  • Ability to implement and evaluate/adjust plan of action
  • Ability to use previous training/experiences to predict outcomes
  • Ability to organize and clearly present complex information

Critical Work Function: F. Perform System Design and Analysis

KEY ACTIVITY Performance Indicator
How do we know when the key activity is performed well?
Technical Knowledge
Skills, Abilities, Tools
Employabilty Skills
SCANS Skills and Foundational Abilities
F1.
Define current systems-level requirements, and forecast future needs and trends
  • Current systems level security requirements are defined according to industry standard terms and metrics
  • Current systems level requirements accurately reflect organizational needs and current operational conditions
  • Current systems level requirements are complete and accurate and can serve as the foundation for forecasting future needs
  • Forecasts of future systems level needs and trends reflect enterprise goals and requirements
  • Forecasts of future systems level needs and trends include applicable emerging technologies and practices
  • Forecasts of future systems level needs and trends embrace changing legal, agency, or policy considerations
  • Knowledge of relevant industry terminology and metrics
  • Knowledge of business rules, budgets, and operations
  • Ability to develop and present systems level security planning forecasts
  • Knowledge of relevant resources regarding applicable legal, agency, and policy developments and recommendations
  • Knowledge of relevant resources regarding emerging systems level IT security technology and trends
  • Ability to develop and present IT security information to diverse and non-technical stakeholders
  • Ability to follow policies, procedures, and regulations, pay attention to detail and follow up on assigned tasks
  • Ability to compare multiple viewpoints
  • Ability to examine information for relevance and accuracy and adapt principles/rules to new applications
  • Ability to develop forecasts and evaluate scenarios
F2.
Evaluate current and emerging tools and technologies
  • Current tools and technologies are evaluated according to industry standard benchmarks and metrics
  • Current tools and technologies adequately meet organizational needs and current operational conditions
  • Current tools and technologies provide organizational framework for the implementation of emerging technologies and tools
  • Emerging tools and technologies are evaluated according to industry standard benchmarks and metrics
  • Evaluation of emerging technologies provides basis for implementation plan
  • Knowledge of relevant industry benchmarks and metrics
  • Knowledge of business rules, budgets, and operations
  • Knowledge of relevant resources regarding emerging IT security tools and technologies
  • Ability to develop evaluation rationale and develop implementation recommendations or plans
  • Ability to examine data for relevance/accuracy and present complex ideas/information
  • Ability to analyze and understand system organization and configuration
  • Ability to use logic to draw conclusions from available information and make recommendations
  • Ability to stay current on cutting edge tools and technologies
  • Ability to clarify, interpret, and influence communication
F3.
Evaluate organization¦s security strategies
  • Security strategies reflect relevant technology, tools, and practices
  • Security strategies support organization goals and mission
  • Security strategies include clearly stated outcomes and evaluation criteria
  • Security strategies allow for response to unforeseen events
  • Security strategies conform to applicable laws, agency regulations, relevant recommendations and applicable evaluation criteria
  • Knowledge of IT security technology, tools, and practices
  • Knowledge of business rules and practices
  • Knowledge of criteria used to develop and evaluate IT security strategic plans
  • Knowledge of security laws, agency regulations, and bureaucratic recommendations
  • Ability to compare multiple viewpoints and relate intent to desired results
  • Ability to interpret and analyze information
  • Ability to adapt rules/principles to new applications
  • Ability to evaluate and communicate security strategies
  • Ability to generate unique solutions, formulate new ideas, and recommend new directions and processes
F4.
Make recommendations regarding organization¦s investment in security
  • Security recommendations are complete and accurately reflect organizational requirements and goals
  • Recommendations are communicated appropriately
  • Recommendations include risk assessment and cost/benefit analysis
  • Security recommendations are compatible with operational systems and technology strategic plans
  • Knowledge of business rules and practices
  • Knowledge of IT strategic planning
  • Ability to assess, categorize, and rank risks, benefits, and costs
  • Knowledge of systems and enterprise level IT systems operation and technology
  • Ability to analyze goals/constraints and examine proposed modifications and improvements
  • Ability to pose critical questions, formulate proposals, and create original documents
  • Ability to adapt technology for complex alternative uses and evaluate application of technology
  • Ability to forecast future security needs
F5.
Coordinate systems testing and integration
  • Tests are appropriately designed and accurately measure required operational characteristics
  • Testers are properly identified and trained
  • Test results are documented in accordance with applicable procedures
  • Test results are appropriately disseminated and reviewed
  • Knowledge of IT security systems testing tools, processes and procedures
  • Knowledge of system operational characteristics and measurement
  • Ability to identify and train qualified testers
  • Knowledge of test documentation practices
  • Ability to understand continuous improvement process and analyze goals/constraints
  • Ability to summarize and translate mathematical data
  • Ability to detect underlying issues and resolve technical conflicts
  • Ability to analyze systems operation, monitor systems, distinguish trends in performance, and evaluate systems performance
  • Ability to create detailed supporting documents
F6.
Audit and maintain systems performance and ensure future readiness
  • Systems audits are conducted in accordance with organizational procedures
  • Systems audits reflect applicable industry practices and recommendations
  • Systems audits are reviewed and acted upon by appropriate stakeholders
  • Systems readiness plans reflect anticipated growth
  • Systems readiness considerations are included in IT strategic plans
  • Readiness plans include all human and capital resource requirements
  • Knowledge of systems performance and readiness audit procedures and techniques
  • Knowledge of applicable industry performance audit standards and practices
  • Ability to assess and determine anticipated systems growth needs
  • Knowledge of IT strategic planning and organizational and enterprise level IT issues and trends
  • Knowledge of business forecasting processes, tools, and techniques
  • Knowledge of applicable information resources for IT and information assurance strategic planning
  • Ability to analyze and adjust goals
  • Ability to integrated multiple items of data and contrast conflicting data
  • Ability to align resources with testing and integration needs
  • Ability to solicit and accept feedback
  • Ability to plan and communicate effectively