Research and Development Specialist Job Profile

What is a Research and Development Specialist?

The Research and Development Specialist conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.

Certification

Research and Development Specialist must know:

  • computer networking concepts and protocols, and network security methodologies.
  • risk management processes (e.g., methods for assessing and mitigating risk).
  • laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • cybersecurity and privacy principles.
  • cyber threats and vulnerabilities security lapses.
  • application vulnerabilities.
  • cryptography and cryptographic key management concepts
  • new and emerging information technology (IT) and cybersecurity technologies.
  • system life cycle management principles, including software security and usability.
  • Supply Chain Risk Management Practices (NIST SP 800-161)
  • information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • critical infrastructure systems with information communication technology that were designed without system security considerations.
  • hardware reverse engineering techniques.
  • middleware (e.g., enterprise service bus and message queuing).
  • networking protocols.
  • software reverse engineering techniques.
  • Extensible Markup Language (XML) schemas.
  • network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • covert communication techniques.
  • laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
  • forensic footprint identification.
  • mobile communications architecture.
  • operating system structures and internals (e.g., process management, directory structure, installed applications).
  • network analysis tools used to identify software communications vulnerabilities.
  • industry standard security models.
  • capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
  • hacking methodologies.
  • industry technologies’s potential cybersecurity vulnerabilities.
  • engineering concepts as applied to computer architecture and associated computer hardware/software.
  • penetration testing principles, tools, and techniques.
  • operations security.

Key skills of the Research and Development include:

  • applying and incorporating information technologies into proposed solutions.
  • creating and utilizing mathematical or statistical models.
  • using scientific rules and methods to solve problems.
  • applying the systems engineering process.
  • designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
  • applying secure coding techniques.

Research and Development must be able to:

  • identify systemic security issues based on the analysis of vulnerability and configuration data.
  • prepare and present briefings.
  • produce technical documentation.
  • identify critical infrastructure systems with information communication technology that were designed without system security co

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel