Welcome to Lunarline School of Cybersecurity (SCS) - Providing Excellence in Cybersecurity Training and Certifications Since 2008
Contact SCS
School of Cybersecurity
To get started, contact us today at 571-481-9307
LinkedIn
YouTube
shopping_cart
Product was added to your cart

Cart

Research & Development Specialist

Home NICE Framework Cybersecurity Work Roles Research & Development Specialist
NICE Work Role Description:

Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.

*Certification Declaration
Certification Declaration
Each certification is mapped to the NICE Framework, which organizes cybersecurity into seven high-level Categories, each comprised of several specialty areas, work roles, knowledge, skills, abilities, and tasks.  These seven high-level Categories are aligned directly to the CCE® Program’s certification Concentration Areas.   Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.

Third-party products and services, including course instructors have helped many candidates to close knowledge and skill gaps.  The CCE® Program does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.

NICE Framework Category
CCE® Concentration Area:
Securely Provision (SP)
NICE Specialty Area:
Technology R&D (TRD)
NICE Work Role ID:
SP-TRD-001
OPM Code | DCWF Code:
661
School of Cybersecurity Training
School of Cybersecurity Training
Research & Development Specialist (SP302-RBT)
CCE® Program
Certified Expert Cyber Engineer (CECE)℠

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

ID & Description

  • K001 - Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 - Knowledge of cybersecurity and privacy principles.
  • K0005 - Knowledge of cyber threats and vulnerabilities.
  • K0006 - Knowledge of specific operational impacts of cybersecurity lapses.
  • K0009 - Knowledge of application vulnerabilities.
  • K0019 - Knowledge of cryptography and cryptographic key management concepts
  • K0059 - Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • K0090 - Knowledge of system life cycle management principles, including software security and usability.
  • K0126 - Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
  • K0169 - Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • K0170 - Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
  • K0171 - Knowledge of hardware reverse engineering techniques.
  • K0172 - Knowledge of middleware (e.g., enterprise service bus and message queuing).
  • K0174 - Knowledge of networking protocols.
  • K0175 - Knowledge of software reverse engineering techniques.
  • K0176 - Knowledge of Extensible Markup Language (XML) schemas.
  • K0179 - Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0202 - Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • K0209 - Knowledge of covert communication techniques.
  • K0267 - Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
  • K0268 - Knowledge of forensic footprint identification.
  • K0269 - Knowledge of mobile communications architecture.
  • K0271 - Knowledge of operating system structures and internals (e.g., process management, directory structure, installed applications).
  • K0272 - Knowledge of network analysis tools used to identify software communications vulnerabilities.
  • K0288 - Knowledge of industry standard security models.
  • K0296 - Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
  • K0310 - Knowledge of hacking methodologies.
  • K0314 - Knowledge of industry technologies potential cybersecurity vulnerabilities.
  • K0321 - Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software.
  • K0342 - Knowledge of penetration testing principles, tools, and techniques.
  • K0499 - Knowledge of operations security.

ID & Description

  • S0005 - Skill in applying and incorporating information technologies into proposed solutions.
  • S0017 - Skill in creating and utilizing mathematical or statistical models.
  • S0072 - Skill in using scientific rules and methods to solve problems.
  • S0140 - Skill in applying the systems engineering process.
  • S0148 - Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
  • S0172 - Skill in applying secure coding techniques.

ID & Description

  • A0001 - Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • A0018 - Ability to prepare and present briefings.
  • A0019 - Ability to produce technical documentation.
  • A0170 - Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.

ID & Description

  • T0064 - Review and validate data mining and data warehousing programs, processes, and requirements.
  • T0249 - Research current technology to understand capabilities of required system or network.
  • T0250 - Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.
  • T0283 - Collaborate with stakeholders to identify and/or develop appropriate solutions technology.
  • T0284 - Design and develop new tools/technologies as related to cybersecurity.
  • T0327 - Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.
  • T0329 - Follow software and systems engineering life cycle standards and processes.
  • T0409 - Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.
  • T0410 - Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.
  • T0411 - Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.
  • T0413 - Develop data management capabilities (e.g., cloud-based, centralized cryptographic key management) to include support to the mobile workforce.
  • T0547 - Research and evaluate available technologies and standards to meet customer requirements.
Knowledge

ID & Description

  • K001 - Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 - Knowledge of cybersecurity and privacy principles.
  • K0005 - Knowledge of cyber threats and vulnerabilities.
  • K0006 - Knowledge of specific operational impacts of cybersecurity lapses.
  • K0009 - Knowledge of application vulnerabilities.
  • K0019 - Knowledge of cryptography and cryptographic key management concepts
  • K0059 - Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • K0090 - Knowledge of system life cycle management principles, including software security and usability.
  • K0126 - Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
  • K0169 - Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • K0170 - Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
  • K0171 - Knowledge of hardware reverse engineering techniques.
  • K0172 - Knowledge of middleware (e.g., enterprise service bus and message queuing).
  • K0174 - Knowledge of networking protocols.
  • K0175 - Knowledge of software reverse engineering techniques.
  • K0176 - Knowledge of Extensible Markup Language (XML) schemas.
  • K0179 - Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0202 - Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • K0209 - Knowledge of covert communication techniques.
  • K0267 - Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
  • K0268 - Knowledge of forensic footprint identification.
  • K0269 - Knowledge of mobile communications architecture.
  • K0271 - Knowledge of operating system structures and internals (e.g., process management, directory structure, installed applications).
  • K0272 - Knowledge of network analysis tools used to identify software communications vulnerabilities.
  • K0288 - Knowledge of industry standard security models.
  • K0296 - Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
  • K0310 - Knowledge of hacking methodologies.
  • K0314 - Knowledge of industry technologies potential cybersecurity vulnerabilities.
  • K0321 - Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software.
  • K0342 - Knowledge of penetration testing principles, tools, and techniques.
  • K0499 - Knowledge of operations security.
Skills

ID & Description

  • S0005 - Skill in applying and incorporating information technologies into proposed solutions.
  • S0017 - Skill in creating and utilizing mathematical or statistical models.
  • S0072 - Skill in using scientific rules and methods to solve problems.
  • S0140 - Skill in applying the systems engineering process.
  • S0148 - Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
  • S0172 - Skill in applying secure coding techniques.
Abilities

ID & Description

  • A0001 - Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • A0018 - Ability to prepare and present briefings.
  • A0019 - Ability to produce technical documentation.
  • A0170 - Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Tasks

ID & Description

  • T0064 - Review and validate data mining and data warehousing programs, processes, and requirements.
  • T0249 - Research current technology to understand capabilities of required system or network.
  • T0250 - Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.
  • T0283 - Collaborate with stakeholders to identify and/or develop appropriate solutions technology.
  • T0284 - Design and develop new tools/technologies as related to cybersecurity.
  • T0327 - Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.
  • T0329 - Follow software and systems engineering life cycle standards and processes.
  • T0409 - Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.
  • T0410 - Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.
  • T0411 - Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.
  • T0413 - Develop data management capabilities (e.g., cloud-based, centralized cryptographic key management) to include support to the mobile workforce.
  • T0547 - Research and evaluate available technologies and standards to meet customer requirements.
Menu