Back to Top

Competency Model for Cybersecurity

Wednesday, February 16, 2011
MEMORANDUM FOR: 
Chief Human Capital Officers
From: 
John Berry, Director
Subject: 
Competency Model for Cybersecurity

The U. S. Office of Personnel Management (OPM), the Chief Information Officers (CIO) Council and the Chief Human Capital Officers Council's Workforce Development Subcommittee identified cybersecurity related occupations as high priorities for Governmentwide competency models.

In November 2009, OPM initiated a Governmentwide study to identify critical competencies for cybersecurity work, working with the CIO Council and the National Initiative for Cybersecurity Education (NICE). Subject matter experts provided key insights, and employees and supervisors across the Government completed surveys to paint a comprehensive picture of cybersecurity work. We are pleased to provide the attached Cybersecurity competency model to support your human resources initiatives.

The competencies identified may be used in such agency efforts as workforce planning, training and development, performance management, recruitment, and selection. When used for selection, the competencies must be used in conjunction with the appropriate qualification standard.

Thank you for your continued support of this important project. If you have any questions regarding the competency model, please contact Andrea Bright, Manager of the Classification and Assessment Policy Group at (202) 606-3600, or e-mail competency@opm.gov.

Attachment

cc: Human Resources Directors


Cybersecurity Competencies by Grade Level

The following tables present the competencies that have been confirmed as appropriate for selection on a Governmentwide basis for cybersecurity work in the four series listed below and at the grades indicated. Agencies are responsible for conducting job analyses for work responsibilities outside the cybersecurity function. Similarly, agencies must determine the applicability of these competencies to positions which do not perform the full range of cybersecurity work. Please refer to OPM's Delegated Examining Operations Handbook for more information on conducting a job analysis.

Occupations and Grades with Confirmed Competencies

Occupations

Grades

2210 Information Technology Management Series

9, 11, 12, 13, 14, 15

0855 Electronics Engineering Series

12, 13, 14, 15

0854 Computer Engineering Series

12, 13, 14, 15

0391 Telecommunications Series

9, 11, 12, 13

 


Cybersecurity Competencies by Occupation 
2210 Information Technology Management Series

General Competencies

Grade 9

Grade 11

Grade 12

Grade 13

Grade 14

Grade 15

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Learning

·  

Memory

·  

Oral Communication

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Stress Tolerance

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Information Management

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Learning

·  

Memory

·  

Oral Communication

·  

Organizational Awareness

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Information Management

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Memory

·  

Oral Communication

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Conflict Management

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Information Management

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Memory

·  

Oral Communication

·  

Partnering

·  

Planning and Evaluating

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Administration and Management

·  

Attention to Detail

·  

Computer Skills

·  

Conflict Management

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Influencing/ Negotiating

·  

Information Management

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Memory

·  

Oral Communication

·  

Organizational Awareness

·  

Partnering

·  

Planning and Evaluating

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Strategic Thinking

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Administration and Management

·  

Attention to Detail

·  

Computer Skills

·  

Conflict Management

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

External Awareness

·  

Flexibility

·  

Human Capital Management

·  

Influencing/ Negotiating

·  

Information Management

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Managing Human Resources

·  

Oral Communication

·  

Organizational Awareness

·  

Partnering

·  

Planning and Evaluating

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Strategic Thinking

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

 

Technical Competencies

Grade 9

Grade 11

Grade 12

Grade 13

Grade 14

Grade 15

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Configuration Management

·  

Data Management

·  

Hardware

·  

Information Assurance

·  

Information Systems/ Network Security

·  

Operating Systems

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Configuration Management

·  

Data Management

·  

Encryption

·  

Hardware

·  

Information Assurance

·  

Information Systems Security Certification

·  

Information Systems/ Network Security

·  

Operating Systems

·  

Security

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Configuration Management

·  

Information Assurance

·  

Information Systems Security Certification

·  

Information Systems/ Network Security

·  

Operating Systems

·  

Security

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Configuration Management

·  

Information Assurance

·  

Information Systems Security Certification

·  

Information Systems/ Network Security

·  

Operating Systems

·  

Security

·  

Technology Awareness

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Configuration Management

·  

Enterprise Architecture

·  

Information Assurance

·  

Information Resources Strategy and Planning

·  

Information Systems Security Certification

·  

Information Systems/ Network Security

·  

Project Management

·  

Risk Management

·  

Security

·  

Technology Awareness

·  

Vulnerabilities Assessment

·  

Web Technology

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Configuration Management

·  

Encryption

·  

Enterprise Architecture

·  

Identity Management

·  

Incident Management

·  

Information Assurance

·  

Information Resources Strategy and Planning

·  

Information Systems Security Certification

·  

Information Systems/ Network Security

·  

Project Management

·  

Risk Management

·  

Security

·  

Systems Life Cycle

·  

Technology Awareness

·  

Vulnerabilities Assessment

 


Cybersecurity Competencies by Occupation 
0855 Electronics Engineering Series

General Competencies

Grade 12

Grade 13

Grade 14

Grade 15

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Learning

·  

Mathematical Reasoning

·  

Memory

·  

Oral Communication

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Stress Tolerance

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Memory

·  

Oral Communication

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Accountability

·  

Attention to Detail

·  

Computer Skills

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Memory

·  

Mental Visualization

·  

Oral Communication

·  

Partnering

·  

Planning and Evaluating

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Strategic Thinking

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

·  

Attention to Detail

·  

Computer Skills

·  

Creative Thinking

·  

Customer Service

·  

Decision Making

·  

Flexibility

·  

Integrity/Honesty

·  

Interpersonal Skills

·  

Leadership

·  

Learning

·  

Mathematical Reasoning

·  

Memory

·  

Oral Communication

·  

Organizational Awareness

·  

Partnering

·  

Planning and Evaluating

·  

Problem Solving

·  

Reading

·  

Reasoning

·  

Resilience

·  

Self-Management

·  

Strategic Thinking

·  

Stress Tolerance

·  

Teaching Others

·  

Teamwork

·  

Technical Competence

·  

Writing

 

Technical Competencies

Grade 12

Grade 13

Grade 14

Grade 15

·  

Communications Security Management

·  

Compliance

·  

Computers and Electronics

·  

Engineering and Technology

·  

Requirements Analysis

·  

Risk Management

·  

Technical Documentation

·  

Communications Security Management

·  

Engineering and Technology

·  

Communications Security Management

·  

Compliance

·  

Engineering and Technology

·  

Risk Management

·  

Security

·  

Technology Awareness

·  

Communications Security Management

·  

Compliance

·  

Computer Network Defense

·  

Computers and Electronics

·  

Engineering and Technology

·  

Enterprise Architecture

·  

Hardware

·  

Information Assurance

·  

Project Management

·  

Technology Awareness

 


Cybersecurity Competencies by Occupation 
0854 Computer Engineering Series

General Competencies

Grade 12

Grade 13

Grade 14

Grade 15

·     

Accountability

·     

Attention to Detail

·     

Computer Skills

·     

Creative Thinking

·     

Decision Making

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Learning

·     

Oral Communication

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Teamwork

·     

Technical Competence

·     

Writing

·     

Accountability

·     

Attention to Detail

·     

Computer Skills

·     

Creative Thinking

·     

Decision Making

·     

Flexibility

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Learning

·     

Oral Communication

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Teamwork

·     

Technical Competence

·     

Writing

·     

Accountability

·     

Administration and Management

·     

Attention to Detail

·     

Computer Skills

·     

Creative Thinking

·     

Customer Service

·     

Decision Making

·     

Flexibility

·     

Influencing/Negotiating

·     

Information Management

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Learning

·     

Managing Human Resources

·     

Memory

·     

Oral Communication

·     

Organizational Awareness

·     

Partnering

·     

Performance Management

·     

Planning and Evaluating

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Strategic Thinking

·     

Stress Tolerance

·     

Teaching Others

·     

Teamwork

·     

Technical Competence

·     

Writing

·     

Attention to Detail

·     

Computer Skills

·     

Creative Thinking

·     

Customer Service

·     

Decision Making

·     

External Awareness

·     

Flexibility

·     

Influencing/Negotiating

·     

Information Management

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Memory

·     

Oral Communication

·     

Partnering

·     

Planning and Evaluating

·     

Political Savvy

·     

Problem Solving

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Strategic Thinking

·     

Teamwork

·     

Technical Competence

·     

Writing

 

Technical Competencies

Grade 12

Grade 13

Grade 14

Grade 15

·     

Communications Security Management

·     

Compliance

·     

Computer Network Defense

·     

Configuration Management

·     

Data Management

·     

Encryption

·     

Enterprise Architecture

·     

Hardware

·     

Information Assurance

·     

Information Systems Security Certification

·     

Network Management

·     

Operating Systems

·     

Software Engineering

·     

Software Testing and Evaluation

·     

Systems Integration

·     

Systems Life Cycle

·     

Systems Testing and Evaluation

·     

Technical Documentation

·     

Technology Awareness

·     

Communications Security Management

·     

Computer Network Defense

·     

Hardware

·     

Information Assurance

·     

Operating Systems

·     

Requirements Analysis

·     

Risk Management

·     

Software Development

·     

Software Engineering

·     

Software Testing and Evaluation

·     

Systems Integration

·     

Communications Security Management

·     

Computer Network Defense

·     

Operating Systems

·     

Product Evaluation

·     

Project Management

·     

Requirements Analysis

·     

Risk Management

·     

Security

·     

Software Development

·     

Software Engineering

·     

Software Testing and Evaluation

·     

Systems Integration

·     

Systems Life Cycle

·     

Systems Testing and Evaluation

·     

Technical Documentation

·     

Technology Awareness

·     

Web Technology

·     

Capacity Management

·     

Capital Planning and Investment Assessment

·     

Communications Security Management

·     

Compliance

·     

Computers and Electronics

·     

Data Management

·     

Engineering and Technology

·     

Enterprise Architecture

·     

Information Assurance

·     

Information Resources Strategy and Planning

·     

Information Systems/ Network Security

·     

Information Technology Architecture

·     

Information Technology Performance Assessment

·     

Network Management

·     

Project Management

·     

Requirements Analysis

·     

Risk Management

·     

Software Development

·     

Software Engineering

·     

Software Testing and Evaluation

·     

Systems Integration

·     

Systems Testing and Evaluation

·     

Technology Awareness

·     

Telecommunications

·     

Vulnerabilities Assessment

·     

Web Technology

 


Cybersecurity Competencies by Occupation
0391 Telecommunications Series

General Competencies

Grade 9

Grade 11

Grade 12

Grade 13

·     

Accountability

·     

Administration and Management

·     

Attention to Detail

·     

Computer Skills

·     

Conflict Management

·     

Creative Thinking

·     

Customer Service

·     

Decision Making

·     

Flexibility

·     

Information Management

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Learning

·     

Memory

·     

Oral Communication

·     

Organizational Awareness

·     

Partnering

·     

Planning and Evaluating

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Stress Tolerance

·     

Teaching Others

·     

Teamwork

·     

Technical Competence

·     

Writing

·     

Accountability

·     

Attention to Detail

·     

Computer Skills

·     

Creative Thinking

·     

Customer Service

·     

Decision Making

·     

Flexibility

·     

Information Management

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Learning

·     

Memory

·     

Oral Communication

·     

Organizational Awareness

·     

Planning and Evaluating

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Stress Tolerance

·     

Teaching Others

·     

Teamwork

·     

Technical Competence

·     

Writing

·     

Accountability

·     

Attention to Detail

·     

Computer Skills

·     

Conflict Management

·     

Customer Service

·     

Decision Making

·     

Flexibility

·     

Influencing/Negotiating

·     

Information Management

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Learning

·     

Memory

·     

Oral Communication

·     

Organizational Awareness

·     

Partnering

·     

Planning and Evaluating

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Stress Tolerance

·     

Teaching Others

·     

Teamwork

·     

Technical Competence

·     

Writing

·     

Accountability

·     

Attention to Detail

·     

Computer Skills

·     

Conflict Management

·     

Creative Thinking

·     

Customer Service

·     

Decision Making

·     

Flexibility

·     

Information Management

·     

Integrity/Honesty

·     

Interpersonal Skills

·     

Leadership

·     

Learning

·     

Memory

·     

Oral Communication

·     

Organizational Awareness

·     

Problem Solving

·     

Reading

·     

Reasoning

·     

Resilience

·     

Self-Management

·     

Stress Tolerance

·     

Teaching Others

·     

Teamwork

·     

Technical Competence

·     

Writing

 

Technical Competencies

Grade 9

Grade 11

Grade 12

Grade 13

·     

Communications Security Management

·     

Compliance

·     

Information Assurance

·     

Network Management

·     

Personnel Security and Safety

·     

Physical Security

·     

Security

·     

Telecommunications

·     

Communications Security Management

·     

Compliance

·     

Information Assurance

·     

Network Management

·     

Physical Security

·     

Security

·     

Technology Awareness

·     

Telecommunications

·     

Communications Security Management

·     

Compliance

·     

Information Assurance

·     

Physical Security

·     

Security

·     

Telecommunications

·     

Capacity Management

·     

Communications Security Management

·     

Compliance

·     

Network Management

·     

Project Management

·     

Security

·     

Telecommunications

 


Cybersecurity Competency Model
Competency Importance Rankings

The table below presents the rank order of the competencies on current importance and future importance in three years based on supervisor and employee ratings.

Competencies

Current Importance

Future Importance

Integrity/Honesty

1

1

Computer Skills

2

2

Technical Competence

3

3

Teamwork

4

4

Attention to Detail

5

6

Interpersonal Skills

6

7

Communications Security Management

7

5

Self-Management

8

9

Reading

9

11

Customer Service

10

10

Information Assurance

11

8

Decision Making

12

12

Reasoning

13

15

Problem Solving

14

14

Learning

15

13

Compliance

16

16

Oral Communication

17

17

Resilience

18

20

Writing

19

19

Accountability

20

21

Computer Network Defense

21

18

Flexibility

22

22

Stress Tolerance

23

24

Creative Thinking

24

23

Security

25

26

Leadership

26

25

Organizational Awareness

27

32

Information Management

28

29

Teaching Others

29

27

Configuration Management

30

28

Memory

31

33

Information Systems/Network Security

32

31

Planning and Evaluating

33

34

Encryption

34

30

 


Cybersecurity Competency Model
General Competencies

Accountability - Holds self and others accountable for measurable high-quality, timely, and cost-effective results. Determines objectives, sets priorities, and delegates work. Accepts responsibility for mistakes. Complies with established control systems and rules.

Administration and Management - Knowledge of planning, coordination, and execution of business functions, resource allocation, and production.

Agility - Bends, stretches, twists, or reaches out with the body, arms, or legs.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Computer Skills - Uses computers, software applications, databases, and automated systems to accomplish work.

Conflict Management - Manages and resolves conflicts, grievances, confrontations, or disagreements in a constructive manner to minimize negative personal impact.

Contracting/Procurement - Knowledge of various types of contracts, techniques, or requirements (for example, Federal Acquisitions Regulations) for contracting or procurement, and contract negotiation and administration.

Creative Thinking - Uses imagination to develop new insights into situations and applies innovative solutions to problems; designs new methods where established methods and procedures are inapplicable or are unavailable.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Decision Making - Makes sound, well-informed, and objective decisions; perceives the impact and implications of decisions; commits to action, even in uncertain situations, to accomplish organizational goals; causes change.

External Awareness - Identifies and understands economic, political, and social trends that affect the organization.

Financial Management - Prepares, justifies, and/or administers the budget for program areas; plans, administers, and monitors expenditures to ensure cost-effective support of programs and policies; assesses financial condition of an organization.

Flexibility - Is open to change and new information; adapts behavior or work methods in response to new information, changing conditions, or unexpected obstacles; effectively deals with ambiguity.

Human Capital Management - Builds and manages workforce based on organizational goals, budget considerations, and staffing needs. Ensures that employees are appropriately recruited, selected, appraised, and rewarded; takes action to address performance problems. Manages a multi-sector workforce and a variety of work situations.

Influencing/Negotiating - Persuades others to accept recommendations, cooperate, or change their behavior; works with others towards an agreement; negotiates to find mutually acceptable solutions.

Information Management - Identifies a need for and knows where or how to gather information; organizes and maintains information or information management systems.

Integrity/Honesty - Contributes to maintaining the integrity of the organization; displays high standards of ethical conduct and understands the impact of violating these standards on an organization, self, and others; is trustworthy.

Interpersonal Skills - Shows understanding, friendliness, courtesy, tact, empathy, concern, and politeness to others; develops and maintains effective relationships with others; may include effectively dealing with individuals who are difficult, hostile, or distressed; relates well to people from varied backgrounds and different situations; is sensitive to cultural diversity, race, gender, disabilities, and other individual differences.

Leadership - Influences, motivates, and challenges others; adapts leadership styles to a variety of situations.

Learning - Uses efficient learning techniques to acquire and apply new knowledge and skills; uses training, feedback, or other opportunities for self-learning and development.

Managing Human Resources - Plans, distributes, coordinates, and monitors work assignments of others; evaluates work performance and provides feedback to others on their performance; ensures that staff are appropriately selected, utilized, and developed, and that they are treated in a fair and equitable manner.

Mathematical Reasoning - Solves practical problems by choosing appropriately from a variety of mathematical and statistical techniques.

Memory - Recalls information that has been presented previously.

Mental Visualization - Sees things in the mind by mentally organizing and processing symbols, pictures, graphs, objects, or other information (for example, sees a building from a blueprint, or sees the flow of work activities from reading a work plan).

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Organizational Awareness - Knows the organization's mission and functions, and how its social, political, and technological systems work and operates effectively within them; this includes the programs, policies, procedures, rules, and regulations of the organization.

Partnering - Develops networks and builds alliances; collaborates across boundaries to build strategic relationships and achieve common goals.

Perceptual Speed - Quickly and accurately sees detail in words, numbers, pictures, and graphs.

Performance Management - Knowledge of performance management concepts, principles, and practices related to planning, monitoring, rating, and rewarding employee performance.

Planning and Evaluating - Organizes work, sets priorities, and determines resource requirements; determines short- or long-term goals and strategies to achieve them; coordinates with other organizations or parts of the organization to accomplish goals; monitors progress and evaluates outcomes.

Political Savvy - Identifies the internal and external politics that impact the work of the organization. Perceives organizational and political reality and acts accordingly.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Reading - Understands and interprets written material, including technical material, rules, regulations, instructions, reports, charts, graphs, or tables; applies what is learned from written material to specific situations.

Reasoning - Identifies rules, principles, or relationships that explain facts, data, or other information; analyzes information and makes correct inferences or draws accurate conclusions.

Resilience - Deals effectively with pressure; remains optimistic and persistent, even under adversity. Recovers quickly from setbacks.

Self-Management - Sets well-defined and realistic personal goals; displays a high level of initiative, effort, and commitment towards completing assignments in a timely manner; works with minimal supervision; is motivated to achieve; demonstrates responsible behavior.

Spatial Orientation - Knows one's location in relation to the environment; determines where other objects are in relation to one's self (for example, when using a map).

Stamina - Exerts oneself physically over long periods of time without tiring (which may include performing repetitive tasks such as data entry or coding).

Strategic Thinking - Formulates effective strategies consistent with the business and competitive strategy of the organization in a global economy; examines policy issues and strategic planning with a long-term perspective; determines objectives and sets priorities; anticipates potential threats or opportunities.

Stress Tolerance - Deals calmly and effectively with high stress situations (for example, tight deadlines, hostile individuals, emergency situations, dangerous situations).

Teaching Others - Helps others learn through formal or informal methods; identifies training needs; provides constructive feedback; coaches others on how to perform tasks; acts as a mentor.

Teamwork - Encourages and facilitates cooperation, pride, trust, and group identity; fosters commitment and team spirit; works with others to achieve goals.

Technical Competence - Uses knowledge that is acquired through formal training or extensive on-the-job experience to perform one's job; works with, understands, and evaluates technical information related to the job; advises others on technical issues.

Visual Identification - Accurately identifies people, animals, or objects based on knowledge of their characteristics.

Writing - Recognizes or uses correct English grammar, punctuation, and spelling; communicates information (for example, facts, ideas, or messages) in a succinct and organized manner; produces written information, which may include technical material that is appropriate for the intended audience.

 


Cybersecurity Competency Model
Technical Competencies

Accessibility - Knowledge of tools, equipment, and technologies used to help individuals with disabilities use computer equipment and software.

Business Process Reengineering - Knowledge of methods, metrics, tools, and techniques of Business Process Reengineering.

Capacity Management - Knowledge of the principles and methods for monitoring, estimating, or reporting actual performance or the performance capability of information systems or components.

Capital Planning and Investment Assessment - Knowledge of the principles and methods of capital investment analysis or business case analysis, including return on investment analysis.

Communications Security Management - Knowledge of the principles, policies, and procedures involved in ensuring the security of communications services and data, and in maintaining the communications environment on which it resides.

Compliance - Knowledge of procedures for assessing, evaluating, and monitoring programs or projects for compliance with Federal laws, regulations, and guidance.

Computer Forensics - Knowledge of tools and techniques used in data recovery and preservation of electronic evidence.

Computer Languages - Knowledge of computer languages and their applications to enable a system to perform specific functions.

Computer Network Defense - Knowledge of defensive measures to detect, respond, and protect information, information systems, and networks from threats.

Computers and Electronics - Knowledge of electric circuit boards, processors, chips, and computer hardware and software, including applications and programming.

Configuration Management - Knowledge of the principles and methods for planning or managing the implementation, update, or integration of information systems components.

Cost-Benefit Analysis - Knowledge of the principles and methods of cost-benefit analysis, including the time value of money, present value concepts, and quantifying tangible and intangible benefits.

Criminal Investigation - Knowledge of the guidelines, regulations, and procedures associated with criminal investigation, including evidence detection and handling and drawing appropriate factual inferences and conclusions.

Criminal Law - Knowledge of state and Federal criminal laws, including procedures, regulations, guidelines, and precedents related to admissibility of evidence and prosecution.

Data Management - Knowledge of the principles, procedures, and tools of data management, such as modeling techniques, data backup, data recovery, data dictionaries, data warehousing, data mining, data disposal, and data standardization processes.

Database Administration - Knowledge of the principles, methods, and tools for automating, developing, implementing, or administering database systems.

Database Management Systems - Knowledge of the uses of database management systems and software to control the organization, storage, retrieval, security, and integrity of data.

Distributed Systems - Knowledge of the principles, theoretical concepts, and tools underlying distributed computing systems, including their associated components and communication standards.

Economics and Accounting - Knowledge of economic and accounting principles and practices, tax law and practices, the financial markets, banking, and the analysis and reporting of financial data.

Electronic Commerce (e-Commerce) - Knowledge of the principles, methods, and tools for conducting business online, including electronic data interchange.

Embedded Computers - Knowledge of specifications and uses of specialized computer systems used to control devices (for example, automobiles, helicopters), including the appropriate programming languages.

Encryption - Knowledge of procedures, tools, and applications used to keep data, or information secure, including public key infrastructure, point-to-point encryption, and smart cards.

Engineering and Technology - Knowledge of engineering concepts, principles, and practices, and of equipment, tools, mechanical devices, and their uses to produce motion, light, power, technology, and other applications.

Enterprise Architecture - Knowledge of principles, concepts, and methods of enterprise architecture to align information technology (IT) strategy, plans, and systems with the mission, goals, structure, and processes of the organization.

Forensics - Knowledge of procedures of civil, criminal, or administrative hearings, evidence collection, including the delivery and receipt of evidence, classes of evidence, and rules of evidence and legal procedures.

Hardware - Knowledge of specifications, uses, and types of computer or computer-related equipment.

Hardware Engineering - Knowledge of the principles, methods, and tools for designing, developing, and testing computer or computer-related equipment.

Human Factors - Knowledge of the principles, methods, and tools used to identify and apply information about human behavior, abilities, limitations, and other characteristics to the design of tools, machines, systems, tasks, jobs, and environments for effective human use.

Identity Management - Knowledge of methods and controls to validate the identity of individuals to verify access approval and level, and monitor activity to ensure that only authorized access is taking place.

Incident Management - Knowledge of the tactics, technologies, principles, and processes to protect, analyze, prioritize, and handle incidents.

Information Assurance - Knowledge of methods and procedures to protect information systems and data by ensuring their availability, authentication, confidentiality, and integrity.

Information Resources Strategy and Planning - Knowledge of the principles, methods, and techniques of IT assessment, planning, management, monitoring, and evaluation, such as IT baseline assessment, interagency functional analysis, contingency planning, and disaster recovery.

Information Systems Security Certification - Knowledge of the principles, methods, and tools for evaluating information systems security features against a set of specified security requirements. Includes developing security certification and accreditation plans and procedures, documenting deficiencies, reporting corrective actions, and recommending changes to improve the security of information systems.

Information Systems/Network Security - Knowledge of methods, tools, and procedures, including development of information security plans, to prevent information systems vulnerabilities, and provide or restore security of information systems and network services.

Information Technology Architecture - Knowledge of architectural methodologies used in the design and development of information systems, including the physical structure of a system's internal operations and interactions with other systems.

Information Technology Performance Assessment - Knowledge of the principles, methods, and tools (for example, surveys, system performance measures) to assess the effectiveness and practicality of IT systems.

Information Technology Research and Development - Knowledge of scientific principles, methods, and tools of basic and applied research used to conduct a systematic inquiry into a subject matter area.

Infrastructure Design - Knowledge of the architecture and topology of software, hardware, and networks, including LANS, WANS, and telecommunications systems, their components and associated protocols and standards, and how they operate and integrate with one another and with associated controlling software.

Internal Controls - Knowledge of the principles, methods, and techniques for establishing internal control activities (for example, authorizations, verifications, reconciliations), monitoring their use, and evaluating their performance (for example, identification of material weaknesses or significant deficiencies).

Knowledge Management - Knowledge of the value of collected information and the methods of sharing that information throughout an organization.

Legal, Government and Jurisprudence - Knowledge of laws, legal codes, court procedures, precedents, legal practices and documents, government regulations, executive orders, agency rules, government organization and functions, and the democratic political process.

Logical Systems Design - Knowledge of the principles and methods for designing business logic components, system processes and outputs, user interfaces, data inputs, and productivity tools (for example, computer-aided software engineering).

Modeling and Simulation - Knowledge of mathematical modeling and simulation tools and techniques to plan and conduct test and evaluation programs, characterize systems support decisions involving requirements, evaluate design alternatives, or support operational preparation.

Multimedia Technologies - Knowledge of the principles, methods, tools, and techniques to develop or apply technology using text, audio, graphics, or other media.

Network Management - Knowledge of the operation, management, and maintenance of network and telecommunication systems and linked systems and peripherals.

Object Technology - Knowledge of the principles, methods, tools, and techniques that use object-oriented languages, analysis, and design methodologies.

Operating Systems - Knowledge of computer network, desktop, and mainframe operating systems and their applications.

Operations Support - Knowledge of procedures to ensure production or delivery of products and services, including tools and mechanisms for distributing new or enhanced software.

Organizational Development - Knowledge of the principles of organizational development and change management theories, and their applications.

Personnel Security and Safety - Knowledge of methods and controls of personnel, public safety, and security operations; investigation and inspection techniques; or rules, regulations, precautions, and prevention techniques for the protection of people, data, or property.

Physical Security - Knowledge of methods and controls to protect an organization from natural or man-made threats to physical locations where information systems equipment is located or work is performed (for example, computer rooms, work locations, and equipment rooms).

Process Control - Knowledge of the principles, methods, and procedures used for the automated control of a process, including the design, development, and maintenance of associated software, hardware, and systems.

Product Evaluation - Knowledge of methods for researching and analyzing external products to determine their potential for meeting organizational standards and business needs.

Project Management - Knowledge of the principles, methods or tools for developing, scheduling, coordinating, and managing projects and resources, including monitoring and inspecting costs, work, and contractor performance.

Public Safety and Security - Knowledge of military, weaponry, and intelligence operations; public safety and security operations; occupational health and safety; investigation and inspection techniques; or rules, regulations, precautions, and prevention techniques for the protection of people, data, and property.

Quality Assurance - Knowledge of the principles, methods, and tools of quality assurance and quality control used to ensure a product fulfills functional requirements and standards.

Requirements Analysis - Knowledge of the principles and methods to identify, analyze, specify, design, and manage functional and infrastructure requirements; includes translating functional requirements into technical requirements used for logical design or presenting alternative technologies or approaches.

Risk Management - Knowledge of the principles, methods, and tools used for risk assessment and mitigation, including assessment of failures and their consequences.

Security - Knowledge of the laws, regulations, and guidelines related to securing personnel, facilities, and information, including the requirements for handling, transporting, and protecting classified information and proper reporting of security incidents.

Software Development - Knowledge of the principles, methods, and tools for designing, developing, and testing software in a given environment.

Software Engineering - Knowledge of software engineering design and development methodologies, paradigms, and tools; the software life cycle; software reusability; and software reliability metrics.

Software Testing and Evaluation - Knowledge of the principles, methods, and tools for analyzing and developing software test and evaluation procedures.

Surveillance - Knowledge of surveillance and counter-surveillance techniques, policies, and laws, including overt and covert methods and electronic, optical, and video surveillance methods and tools.

Systems Integration - Knowledge of the principles, methods, and procedures for installing, integrating, and optimizing information systems components.

Systems Life Cycle - Knowledge of systems life cycle management concepts used to plan, develop, implement, operate, and maintain information systems.

Systems Testing and Evaluation - Knowledge of the principles, methods, and tools for analyzing and developing systems test and evaluation procedures and technical characteristics of IT systems, including identifying critical operational issues.

Technical Documentation - Knowledge of procedures for developing technical and operational support documentation.

Technology Awareness - Knowledge of developments and new applications of IT (hardware, software, telecommunications), emerging technologies and their applications to business processes, and applications and implementation of information systems to meet organizational requirements.

Telecommunications - Knowledge of transmissions, broadcasting, switching, control, and operation of telecommunications systems.

Vulnerabilities Assessment - Knowledge of the principles, methods, and tools for assessing vulnerabilities, and developing or recommending appropriate mitigation countermeasures.

Web Technology - Knowledge of the principles and methods of web technologies, tools, and delivery systems, including web security, privacy policy practices, and user interface issues.