Cybersecurity Certifications: Cybersecurity Courses, Tutorials, News, and Resources

CISSP

CISSP (Certified Information Systems Security Professional) is an independent information security certification granted by the International Information System Security Certification Consortium, also known as (ISC)².

#Job Openings Requiring CISSP*

137,140

Who is CISSP for?
The CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:

Chief Information Security Officer
Chief Information Officer
Director of Security
IT Director/Manager
Security Systems Engineer
Security Analyst
Security Manager
Security Auditor
Security Architect
Security Consultant
Network Architect

CISSP Domains
CISSP curriculum organizes the material into eight Information Security topics called domains. The eight domains are:

Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security

CISSP Requirements

To qualify for the CISSP, candidates must pass the exam and have at least five years of cumulative, paid work experience in two or more of the eight domains of the (ISC)² CISSP Common Body of Knowledge (CBK®).

A candidate who doesn’t yet have the required experience to become a CISSP may become an Associate of (ISC)² after successfully passing the CISSP exam. The Associate of (ISC)² will then have six years to earn the experience needed for CISSP certification.

`Exam Code`	NA
`#Questions (English)`	125-175
`Question Type`	Computer Adaptive Testing
`Max Time`	4 hours
`Passing Score (max 1,000)`	700
`Cost`	$125 AMF**

**Once your endorsement application has been approved, you will need to pay your first Annual Maintenance Fee (AMF). Associates of (ISC)² AMFs pay $50

Download The CISSP Guide (PDF) »

CompTIA Security+

CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.

#Job Openings Requiring Security+*

94,175

Who is Security+ for?

CompTIA Security+ is the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:

Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
Monitor and secure hybrid environments, including cloud, mobile, and IoT
Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
Identify, analyze, and respond to security events and incidents

Security+ Overview

Security+ certification covers the following topics:

Attacks, Threats and Vulnerabilities: Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.
Operations and Incident Response: Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics.
Architecture and Design: Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.
Governance, Risk and Compliance: Expanded to support organizational risk management and compliance to regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.
Implementation: Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.

Security+ Requirements

The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents

`Exam Code`	SY0-601
`#Questions`	90
`Question Type`	Multiple choice and performance-based
`Max Time`	90 min
`Passing Score (max 900)`	750
`Cost`	$381

Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of authentication, authorization, and access control methods.
Knowledge of applicable business processes and operations of customer organizations.
Knowledge of application vulnerabilities.
Knowledge of communication methods, principles, and concepts that support the network infrastructure.
Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
Knowledge of capabilities and requirements analysis.
Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
Knowledge of computer algorithms.
Knowledge of encryption algorithms
Knowledge of cryptography and cryptographic key management concepts
Knowledge of database systems.
Knowledge of business continuity and disaster recovery continuity of operations plans.
Knowledge of organization's enterprise information security architecture.
Knowledge of electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
Knowledge of installation, integration, and optimization of system components.
Knowledge of human-computer interaction principles.
Knowledge of Security Assessment and Authorization process.
Knowledge of industry-standard and organizationally accepted analysis principles and methods.
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis).
Knowledge of microprocessors.
Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
Knowledge of network hardware devices and functions.
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Knowledge of operating systems.
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of parallel and distributed computing concepts.
Knowledge of remote access technology concepts.
Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
Knowledge of software engineering.
Knowledge of systems testing and evaluation methods.
Knowledge of technology integration processes.
Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
Knowledge of the systems engineering process.
Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
Knowledge of confidentiality, integrity, and availability requirements.
Knowledge of cybersecurity-enabled software products.
Knowledge of the Risk Management Framework Assessment Methodology.
Knowledge of various types of computer architectures.
Knowledge of multi-level security systems and cross domain solutions.
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of Payment Card Industry (PCI) data security standards.
Knowledge of Personal Health Information (PHI) data security standards.
Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
Knowledge of configuration management techniques.
Knowledge of current and emerging data encryption (e.g., Column and Tablespace Encryption, file and disk encryption) security features in databases (e.g. built-in cryptographic key management features).
Knowledge of N-tiered typologies (e.g. including server and client operating systems).
Knowledge of an organization's information classification program and procedures for information compromise.
Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
Knowledge of integrating the organization’s goals and objectives into the architecture.
Knowledge of organization's evaluation and validation criteria.
Knowledge of embedded systems.
Knowledge of system fault tolerance methodologies.
Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
Knowledge of demilitarized zones.
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
Knowledge of access authentication methods.
WITHDRAWN: Knowledge of basic structure, architecture, and design of modern digital and telephony networks. (See K0599)
Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Skill in applying and incorporating information technologies into proposed solutions.
Skill in designing countermeasures to identified security risks.
Skill in designing the integration of hardware and software solutions.
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Skill in design modeling and building use cases (e.g., unified modeling language).
Skill in using Virtual Private Network (VPN) devices and encryption.
Skill in writing test plans.
Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
Skill in designing multi-level security/cross domain solutions.
Skill in the use of design methods.
Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
Skill in applying security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
Skill in translating operational requirements into protection needs (i.e., security controls).
Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).
Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
Ability to communicate effectively when writing.
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
Ability to apply an organization's goals and objectives to develop and maintain architecture.
Ability to optimize systems to meet enterprise performance requirements.
Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Ability to apply secure system design tools, methods and techniques.
Ability to apply system design tools, methods, and techniques, including automated systems analysis and design tools.
Ability to design architectures and frameworks.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls.
Ability, in close coordination with system security officers, advise authorizing officials, chief information officers, senior information security officers, and the senior accountable official for risk management/risk executive (function), on a range of security-related issues (e.g. establishing system boundaries; assessing the severity of weaknesses and deficiencies in the system; plans of action and milestones; risk mitigation approaches; security alerts; and potential adverse effects of identified vulnerabilities).
Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.

Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration.
Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET).
Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
Employ secure configuration management processes.
Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
Identify and prioritize critical business functions in collaboration with organizational stakeholders.
Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
Provide advice on project costs, design concepts, or design changes.
Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
Analyze candidate architectures, allocate security services, and select security mechanisms.
Develop a system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements.
Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
Write detailed functional specifications that document the architecture development process.
Analyze user needs and requirements to plan architecture.
Develop enterprise architecture or system components required to meet user needs.
Document and update as necessary all definition and architecture activities.
Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
Translate proposed capabilities into technical requirements.
Assess and design security management functions as related to cyberspace.

CISA

ISACA's Certified Information Systems Auditor (CISA) is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems.

#Job Openings Requiring CISA*

80,685

Who is CISA for?

The CISA certification validate's one's expertise to move up in a cybersecurity career, including the following positions:

IT Auditor
Cybersecurity Engineer
Cybersecurity Analyst
Security Architect
Cybersecurity Manager

CISA Overview

The CISA job practice consists of domains, subtopics and supporting tasks representing the work performed in information systems audit, assurance and control. Below are the key domains, subtopics and tasks candidates will be tested on:
Domain 1—INFORMATION SYSTEMS AUDITING PROCESS - (21%)

Providing audit services in accordance with standards to assist organizations in protecting and controlling information systems. Domain 1 affirms your credibility to offer conclusions on the state of an organization’s IS/IT security, risk and control solutions.

A. Planning

IS Audit Standards, Guidelines, and Codes of Ethics
Business Processes
Types of Controls
Risk-Based Audit Planning
Types of Audits and Assessments

B. Execution

Audit Project Management
Sampling Methodology
Audit Evidence Collection Techniques
Data Analytics
Reporting and Communication Techniques
Quality Assurance and Improvement of the Audit Process

Domain 2—Governance and Management of IT - (17%)

Domain 2 confirms to stakeholders your abilities to identify critical issues and recommend enterprise-specific practices to support and safeguard the governance of information and related technologies.

A. IT Governance

IT Governance and IT Strategy
IT-Related Frameworks
IT Standards, Policies, and Procedures
Organizational Structure
Enterprise Architecture
Enterprise Risk Management
Maturity Models
Laws, Regulations, and Industry Standards affecting the Organization

B. IT Management

IT Resource Management
IT Service Provider Acquisition and Management
IT Performance Monitoring and Reporting
Quality Assurance and Quality Management of IT

Domain 3—Information Systems Acquisition, Development and Implementation - (12%)

A. Information Systems Acquisition and Development

Project Governance and Management
Business Case and Feasibility Analysis
System Development Methodologies
Control Identification and Design

B. Information Systems Implementation

Testing Methodologies
Configuration and Release Management
System Migration, Infrastructure Deployment, and Data Conversion
Post-implementation Review

Domain 4—INFORMATION SYSTEMS OPERATIONS AND BUSINESS RESILIENCE - (23%)

Domains 3 and 4 offer proof not only of your competency in IT controls, but also your understanding of how IT relates to business.

A. Information Systems Operations

Common Technology Components
IT Asset Management
Job Scheduling and Production Process Automation
System Interfaces
End-User Computing
Data Governance
Systems Performance Management
Problem and Incident Management
Change, Configuration, Release, and Patch Management
IT Service Level Management
Database Management

B. Business Resilience

Business Impact Analysis (BIA)
System Resiliency
Data Backup, Storage, and Restoration
Business Continuity Plan (BCP)
Disaster Recovery Plans (DRP)

Domain 5—Protection of Information Assets - (27%)

Cybersecurity now touches virtually every information systems role, and understanding its principles, best practices and pitfalls is a major focus within Domain 5.

A. Information Asset Security and Control

Information Asset Security Frameworks, Standards, and Guidelines
Privacy Principles
Physical Access and Environmental Controls
Identity and Access Managementv
Network and End-Point Security
Data Classification
Data Encryption and Encryption-Related Techniques
Public Key Infrastructure (PKI)
Web-Based Communication Techniques
Virtualized Environments
Mobile, Wireless, and Internet-of-Things (IoT) Devices

B. Security Event Management

Security Awareness Training and Programs
Information System Attack Methods and Techniques
Security Testing Tools and Techniques
Security Monitoring Tools and Techniques
Incident Response Management
Evidence Collection and Forensics

CISA Requirements

The exam is available either online with remote proctoring or in-person at a testing center. CISA requires a five (5) or more years of experience in IS/IT audit, control, assurance, or security. Experience waivers are available for a maximum of three (3) years.

`Exam Code`	NA
`#Questions`	150
`Question Type`	Multiple choice
`Max Time`	4 hours
`Passing Score (max 800)`	450
`Cost`	$575 (Member) / $760 (Nonmember)

Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of authentication, authorization, and access control methods.
Knowledge of applicable business processes and operations of customer organizations.
Knowledge of application vulnerabilities.
Knowledge of communication methods, principles, and concepts that support the network infrastructure.
Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
Knowledge of capabilities and requirements analysis.
Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
Knowledge of computer algorithms.
Knowledge of encryption algorithms
Knowledge of cryptography and cryptographic key management concepts
Knowledge of database systems.
Knowledge of business continuity and disaster recovery continuity of operations plans.
Knowledge of organization's enterprise information security architecture.
Knowledge of electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
Knowledge of installation, integration, and optimization of system components.
Knowledge of human-computer interaction principles.
Knowledge of Security Assessment and Authorization process.
Knowledge of industry-standard and organizationally accepted analysis principles and methods.
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis).
Knowledge of microprocessors.
Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
Knowledge of network hardware devices and functions.
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Knowledge of operating systems.
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of parallel and distributed computing concepts.
Knowledge of remote access technology concepts.
Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
Knowledge of software engineering.
Knowledge of systems testing and evaluation methods.
Knowledge of technology integration processes.
Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
Knowledge of the systems engineering process.
Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
Knowledge of confidentiality, integrity, and availability requirements.
Knowledge of cybersecurity-enabled software products.
Knowledge of the Risk Management Framework Assessment Methodology.
Knowledge of various types of computer architectures.
Knowledge of multi-level security systems and cross domain solutions.
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of Payment Card Industry (PCI) data security standards.
Knowledge of Personal Health Information (PHI) data security standards.
Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
Knowledge of configuration management techniques.
Knowledge of current and emerging data encryption (e.g., Column and Tablespace Encryption, file and disk encryption) security features in databases (e.g. built-in cryptographic key management features).
Knowledge of N-tiered typologies (e.g. including server and client operating systems).
Knowledge of an organization's information classification program and procedures for information compromise.
Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
Knowledge of integrating the organization’s goals and objectives into the architecture.
Knowledge of organization's evaluation and validation criteria.
Knowledge of embedded systems.
Knowledge of system fault tolerance methodologies.
Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
Knowledge of demilitarized zones.
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
Knowledge of access authentication methods.
WITHDRAWN: Knowledge of basic structure, architecture, and design of modern digital and telephony networks. (See K0599)
Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Skill in applying and incorporating information technologies into proposed solutions.
Skill in designing countermeasures to identified security risks.
Skill in designing the integration of hardware and software solutions.
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Skill in design modeling and building use cases (e.g., unified modeling language).
Skill in using Virtual Private Network (VPN) devices and encryption.
Skill in writing test plans.
Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
Skill in designing multi-level security/cross domain solutions.
Skill in the use of design methods.
Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
Skill in applying security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
Skill in translating operational requirements into protection needs (i.e., security controls).
Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).
Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
Ability to communicate effectively when writing.
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
Ability to apply an organization's goals and objectives to develop and maintain architecture.
Ability to optimize systems to meet enterprise performance requirements.
Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Ability to apply secure system design tools, methods and techniques.
Ability to apply system design tools, methods, and techniques, including automated systems analysis and design tools.
Ability to design architectures and frameworks.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls.
Ability, in close coordination with system security officers, advise authorizing officials, chief information officers, senior information security officers, and the senior accountable official for risk management/risk executive (function), on a range of security-related issues (e.g. establishing system boundaries; assessing the severity of weaknesses and deficiencies in the system; plans of action and milestones; risk mitigation approaches; security alerts; and potential adverse effects of identified vulnerabilities).
Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.

Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration.
Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET).
Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
Employ secure configuration management processes.
Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
Identify and prioritize critical business functions in collaboration with organizational stakeholders.
Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
Provide advice on project costs, design concepts, or design changes.
Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
Analyze candidate architectures, allocate security services, and select security mechanisms.
Develop a system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements.
Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
Write detailed functional specifications that document the architecture development process.
Analyze user needs and requirements to plan architecture.
Develop enterprise architecture or system components required to meet user needs.
Document and update as necessary all definition and architecture activities.
Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
Translate proposed capabilities into technical requirements.
Assess and design security management functions as related to cyberspace.

CISSP

Security Architect

Security Architect