Research and Development Specialist Job Profile

What is a Research and Development Specialist?

The Research and Development Specialist conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.


Research and Development Specialist must know:

  • computer networking concepts and protocols, and network security methodologies.
  • risk management processes (e.g., methods for assessing and mitigating risk).
  • laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • cybersecurity and privacy principles.
  • cyber threats and vulnerabilities security lapses.
  • application vulnerabilities.
  • cryptography and cryptographic key management concepts
  • new and emerging information technology (IT) and cybersecurity technologies.
  • system life cycle management principles, including software security and usability.
  • Supply Chain Risk Management Practices (NIST SP 800-161)
  • information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • critical infrastructure systems with information communication technology that were designed without system security considerations.
  • hardware reverse engineering techniques.
  • middleware (e.g., enterprise service bus and message queuing).
  • networking protocols.
  • software reverse engineering techniques.
  • Extensible Markup Language (XML) schemas.
  • network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • covert communication techniques.
  • laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
  • forensic footprint identification.
  • mobile communications architecture.
  • operating system structures and internals (e.g., process management, directory structure, installed applications).
  • network analysis tools used to identify software communications vulnerabilities.
  • industry standard security models.
  • capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
  • hacking methodologies.
  • industry technologies’s potential cybersecurity vulnerabilities.
  • engineering concepts as applied to computer architecture and associated computer hardware/software.
  • penetration testing principles, tools, and techniques.
  • operations security.

Key skills of the Research and Development include:

  • applying and incorporating information technologies into proposed solutions.
  • creating and utilizing mathematical or statistical models.
  • using scientific rules and methods to solve problems.
  • applying the systems engineering process.
  • designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
  • applying secure coding techniques.

Research and Development must be able to:

  • identify systemic security issues based on the analysis of vulnerability and configuration data.
  • prepare and present briefings.
  • produce technical documentation.
  • identify critical infrastructure systems with information communication technology that were designed without system security co

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?