Vulnerability Assessment and Management Specialty Area Qualification Matrix

Associated Work Roles

  • Vulnerability Assessment Analyst (541)

Note: This page presents the qualification requirements at the Specialty Area level, a summary category one level above work roles. Until the qualification requirements for the Work Roles are released, please refer to the Specialty Area qualification table below for information. This table will be updated to reflect the specific Work Role requirements when the information is available.

Specialty Area Framework Category: Protect and Defend

Specialty Areas responsible for identifying, analyzing, and mitigating threats to internal information technology (IT) systems or networks.

Vulnerability Assessment and Management Description

Conducts threat and vulnerability assessments and determines deviations from acceptable configurations or policies. Assesses the level of risk and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.

Example Job/Billet Titles

  • Blue Team Technician
  • Close Access Technician
  • CNDSP AU
  • Network Security Vulnerability Technician (NSVT)
  • Penetration Tester

Master Tasks and KSAs

Detailed information on the Tasks and Knowledge, Skills and Abilities (KSAs) associated with each Marine Corps Specialty Area can be found in the Master Task & KSA List spreadsheet on the NAVIFOR website (requires credentials/CAC to access) or on the DoD Cyber Exchange website.

Initial Training

Initial training qualification for a specialty area is generally met by a High School diploma or equivalent and completion of recruit training.

Minimum Credential Requirement

You must meet one of the education, training, or certification requirements in the Qualifications Table below. See “Understanding Qualifications” on the Qualifications Table for more information on the order of precedence for the minimum credential requirement.

Qualifying Degrees

The Qualifications Table below includes college degrees in the Education section. For example, "Bachelor degree from accredited University." To view a list of degree programs that are acceptable for this Specialty Area, click List of Qualifying Degrees below or the Information icon in the Qualifications Table.

Note: The Qualification Matrix information on this page will be in a different order when printed to reduce the number of pages needed.

Qualifications Table

| Basic | Intermediate | Advanced |
| Associate Degree from accredited University | Bachelor Degree from accredited University | Bachelor Degree from accredited University |
| | | Graduate Degree from accredited University |

OR

| Basic | Intermediate | Advanced |
| CID M09BNW1 Cyber Network Specialist | CID M09AN21 Cyber Network Supervisors (Cyber Network Sup) | CID F074141 Marine Analysis and Rpting |
| CID N2312H1 Special Intel/ SYSADMIN/Communicator | CID M09BNJ1 Cybersecurity Technician | CID M09BNU1 Cyber System Chief |
| | CID N23CUQ1 Joint Cyber Analysis | CID M09D3H1 Cybersecurity Managers |
| | | CID N2YLE5 Joint Network Attack |

OR

AND

| Basic | Intermediate | Advanced |
| Evaluation of job performance at Marine Corps Unit based off T&R events from NAVMC 3500.56A, NAVMC 3500.105A | Evaluation of job performance at Marine Corps Unit based off T&R events from NAVMC 3500.56A, NAVMC 3500.105A | Evaluation of job performance at Marine Corps Unit based off T&R events from NAVMC 3500.56A, NAVMC 3500.105A |

This is an official U.S. Marine Corps website. Updated: August 31, 2020

Basic

Foundational understanding of computer systems and related cybersecurity software and hardware components. Ability to apply simple concepts and routine processes with frequent and specific guidance. Ability to perform successfully in routine, structured situations, or more complex situations with supervision.

Intermediate

Working knowledge and application of Information Security and security operational characteristics for a variety of computer platforms, networks, software applications, and Operating Systems. Extensive knowledge of basic concepts and processes and experience applying these with only periodic high-level guidance. Ability to perform successfully in non-routine and sometimes complicated situations.

Advanced

Application and mastery of Information Security, plans, and functions; responsible for the management of complex projects and initiatives with large scope. An in-depth understanding of complex concepts and processes, and experience applying these with little or no guidance. Ability to provide guidance to others and to perform successfully in complex, unstructured situations.

Computing Technology Industry Association (CompTIA), Network+ ce is an intermediate skill level certification for IT technicians who can describe the features and functions of networking components and manage, maintain, troubleshoot, install, operate and configure basic network infrastructure. In addition, certification holders have a basic understanding of enterprise technologies, including cloud and virtualization technologies. Network+ ce is appropriate for computer network technicians, engineers, analysts and administrators. Although not a prerequisite, it is recommended that CompTIA Network+ ce candidates have at least nine months of experience in network support or administration or academic training, along with a CompTIA A+ ce certification.

The International Information Systems Security Certification Consortium, Inc. (ISC)², Certified Information Systems Security Professional (CISSP) is an advanced skill level certification for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles. Candidates must have a minimum of five years cumulative paid work experience in two or more of the eight domains of the CISSP CBK. Earning a four-year college degree or regional equivalent or an additional credential from the (ISC)² approved list will satisfy one year of the required experience. Education credit will only satisfy one year of experience.

The Global Information Assurance Certification (GIAC), Certified Incident Handler (GCIH) is an intermediate skill level credential for professionals responsible for handling and responding to incidents. The GCIH certifies the ability to detect, respond to, and resolve computer security incidents using a wide range of essential security skills. GCIHs know how to manage security incidents by understanding common attack techniques, vectors and tools, as well as defend against and respond to such attacks when they occur. There are no prerequisites for this certification. Candidates must pass a written exam.

The Global Information Assurance Certification (GIAC), Security Essentials (GSEC) is an intermediate level certification that verifies a practitioner's knowledge of information security beyond basic terminology and concepts. GSECs are qualified to perform security-related hands-on IT systems roles. There are no prerequisites for the GSEC certification. Candidates must pass a written exam.

The International Information Systems Security Certification Consortium, Inc. (ISC)², Systems Security Certified Practitioner (SSCP) is an intermediate skill level certification for individuals involved in network and systems security administration responsible for developing the information security policies, standards, and procedures. Candidates manage implementation across various hardware and software programs in their organization. The SSCP is targeted toward those working towards positions such as Network Security Engineers, Security Systems Analysts, or Security Administrators. It is also appropriate for personnel in other non-security disciplines that require an understanding of security but do not have information security as a primary part of their job description, including information systems auditors; application programmers; system, network and database administrators; business unit representatives; and systems analysts. Candidates must meet work experience requirements to be eligible for the SSCP exam. Candidates must pass a written exam.

Computing Technology Industry Association (CompTIA), Security+ ce certification designates knowledgeable professionals in the field of IT security. Security+ ce is an entry-level certification that demonstrates a candidate's knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability. It is recommended that candidates hold the Network+ and two years of experience in IT administration with a security focus.

The Global Information Assurance Certification (GIAC), Certified Forensic Analyst (GCFA) is an advanced skill level credential for professionals working in the information security, computer forensics, and incident response fields. It certifies that candidates have the skills required to collect and analyze data from Windows and Linux computer systems. It also demonstrates their ability to conduct formal incident investigations and handle advanced incident handling scenarios, including internal and external data breach intrusions, advanced persistent threats, anti-forensic techniques used by attackers, and complex digital forensic cases. There are no prerequisites for this certification. Candidates must pass a written exam.

The Certified Information Security Manager (CISM) is an advanced certification for the individual who designs, builds, and manages an enterprise's information security. CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents. This certification is targeted toward experienced information security managers and those who have information security management responsibilities. Five or more years of information security work experience, with a minimum of three years of information security management work experience, is required.

The CERT-Certified Computer Security Incident Handler (CSIH) certification program is targeted to computer network incident handling professionals, computer security incident response team (CSIRT) members and technical staff, system and network administrators with incident handling experience, incident handling trainers and educators, and cyber security technical staff. One or more years of experience in incident handling and/or equivalent security-related experience.

The International Council of Electronic Commerce Consultants (EC-Council), Certified Ethical Hacker (CEH) program certifies professionals who are responsible for securing (or testing the security of) computer networks from a vendor-neutral perspective. A Certified Ethical Hacker understands how to look for the weaknesses and vulnerabilities in networks and/or computer systems, and, lawfully and at the request of an organization, uses the same tools as a malicious hacker. The CEH is appropriate for security officers, auditors, security professionals, site administrators, and others who may be concerned about the integrity of their organization's network infrastructure. Candidates must pass a written exam.

The International Council of Electronic Commerce Consultants (EC-Council), EC-Council Certified Security Analyst (ECSA) credential validates the skills-based competency of a penetration tester. The ECSA, which builds on the Certified Ethical Hacker skills, covers the testing of modern infrastructures, operating systems, and application environments. Candidates must meet a combination of training and experience requirements. Candidates must pass a written exam.

The International Council of Electronic Commerce Consultants (EC-Council), Licensed Penetration Tester (LPT), is an advanced-level certification. LPTs have demonstrated a mastery of the skills required to conduct a full black-box penetration test of a network. LPTs have the skills to use penetration testing methodologies, tools and techniques to design, secure, and test networks to protect an organization from threats. The LPT certification is appropriate for security officers, auditors, and security professionals. Candidates must be current holders of the Certified Ethical Hacker (CEH) and Certified Security Analyst (CSA) certifications. EC-Council does not impose any additional eligibility requirements for the LPT examination. Candidates must pass a practical exam.