Records: 456 | Showing 1-30 | [+]
| View | Acquire and maintain a working knowledge of relevant laws, regulations, policies, standards, or procedures |
|
| View | Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support IT security goals and objectives and reduce overall organizational risk |
|
| View | Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program |
|
| View | Administer Computer Network Defense test bed and test and evaluate new Computer Network Defense applications, rules/signatures, access controls, and configurations of Computer Network Defense service provider managed platforms |
|
| View | Administer the indexing/cataloguing, storage, and access of organizational documents |
|
| View | Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's IA posture |
|
| View | Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, and systems, and elements |
|
| View | Advise senior management (e.g., CIO) on risk levels and security posture |
|
| View | Advocate organization's official position in legal and legislative proceedings |
|
| View | Analyze and define data requirements and specifications |
|
| View | Analyze and plan for anticipated changes in data capacity requirements |
|
| View | Analyze computer systems activity |
|
| View | Analyze computer-generated threats |
|
| View | Analyze design constraints, analyze trade-offs and detailed system and security design, and consider lifecycle support |
|
| View | Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information |
|
| View | Analyze information to determine, recommend, and plan the development of a new application or modification of an existing application |
|
| View | Analyze information with other relevant data sources to develop a common operational picture of criminal and foreign threats to information infrastructure |
|
| View | Analyze organizational information security policy |
|
| View | Analyze site/enterprise Computer Network Defense policies and configurations and evaluate compliance with regulations and enterprise directives |
|
| View | Analyze the results of end-to-end testing (e.g., software, hardware, transport, seams, interfaces, etc.) |
|
| View | Analyze user needs and requirements to plan and conduct system security development |
|
| View | Analyze user needs and requirements to plan system architecture |
|
| View | Analyze user needs and software requirements to determine feasibility of design within time and cost constraints |
|
| View | Apply assessment data of identified threats in decision making |
|
| View | Apply coding and testing standards, apply security testing tools (including "'fuzzing" static-analysis code scanning tools), and conduct code reviews |
|
| View | Apply defensive functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities of supply chain vulnerabilities |
|
| View | Apply secure code documentation |
|
| View | Apply security policies to applications that interface with one another, such as Business-to-Business (B2B) applications |
|
| View | Apply security policies to meet security objectives of the system |
|
| View | Apply service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements |
|
Official website of the Department of Homeland Security