Center for Qualified CyberSecurity Excellence & Mastery

"Where Qualified Cyber Education Happens"

SU and Security University Testing (SUT) Qualified Certificate Programs of Mastery and SUT Certifications has partnered with the National Security Workforce to place over 43 cyber security courses and corresponding SUT Qualified Certifications within the NICE Cybersecurity Framework Mapping. The SU Cybersecruity Maaping Framework Compendium below will help you identify the SU courses and SUT Qualified Certifications necessary to advance your cyber career as a Federal Employee.

Many of the courses and certifications found on the NICE Cybersecurity Framework are DoDD 8140 (DoDD 8570) compliant. Visit the DoDD 8140 resource page for the full list of associated SUT Certifications.

Cybersecurity Workforce Categories
Specialty Areas
Threat Analysis
Cyber Investigation
Collection Operations
Data Administration
Cybersecurity Defense Analysis
Risk Management
Legal Advice and Advocacy
Exploitation Analysis
Digital Forensics
Cyber Operational Planning
Knowledge Management
Cybersecurity Defense Infrastructure Support
Software Development
Training, Education, and Awareness
All-Source Analysis
Cyber Operations
Customer Service and Technical Support
Incident Response
Systems Architecture
Cybersecurity Management
Targets
Network Services
Vulnerability Assessment and Management
Technology R&D
Strategic Planning and Policy
Language Analysis
Systems Administration
Systems Requirements Planning
Executive Cyber Leadership
Systems Analysis
Test and Evaluation
Program/Project Management and Acquisition
Systems Development

 

 

100 - Analyze Back to Top

Specialty Area: Threat Analysis (TWA)
Identifies and assesses the capabilities and activities of cybersecurity criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.

Work Role: Threat/Warning Analyst (AN-TWA-001)
Develops cyber indicators to maintain awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber threat/warning assessments.

SU Training Course SUT Certification Work Role Proficiency

*QFE® Qualified/ Forensic Expert Certification Class

SUT *QFE® Qualified/ Forensic Expert Certification & Practical

4: Expert

SUT IDS III: On-site Log Analysis, Event Correlation and Response Certification Class

SUT IDS III: On-site Log Analysis, Event Correlation and Response Certification

4: Expert

Other Mapped SU Training and SUT Certifications:


100 - Analyze Back to Top

Specialty Area: Exploitation Analysis (EXP)
Analyzes collected information to identify vulnerabilities and potential for exploitation.

Work Role: Exploitation Analyst (AN-EXP-001)
Collaborates to identify access and collection gaps that can be satisfied through cyber collection and/or preparation activities. Leverages all authorized resources and analytic techniques to penetrate targeted networks.

SU Training Course SUT Certification Work Role Proficiency

Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification

3: Advanced

Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

SUT Q/SA® Qualified/ Security Analyst  Penetration Tester Certification

3: Advanced

*Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

SUT *Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

4: Expert

*Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification

SUT *Q/ND® Qualified/ Network Defender Certification  Practical

4: Expert

Other Mapped SU Training and SUT Certifications:

100 - Analyze Back to Top

Specialty Area: All-Source Analysis (ASA)
Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.

Work Role: All Source Analyst (AN-ASA-001)
Analyzes data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and
operations.

SU Training Course SUT Certification Work Role Proficiency

SU Security + Class and Certification

CompTIA  Security + Certification

2: Intermediate

IDS III: On-site Log Analysis, Event Correlation and Response Cert Class

IDS III: On-site Log Analysis, Event Correlation and Response Cert

3: Advanced

Other Mapped SU Training and SUT Certifications:

100 - Analyze Back to Top

Specialty Area: All-Source Analysis (ASA)
Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.

Work Role: Mission Assessment Specialist (AN-ASA-002)
Develops assessment plans and measures of performance/effectiveness. Conducts strategic and operational effectiveness assessments as required for cyber events. Determines whether systems performed as expected and
provides input to the determination of operational effectiveness.

SU Training Course SUT Certification Work Role Proficiency

SU Security + Class and Certification

CompTIA  Security + Certification

2: Intermediate

IDS III: On-site Log Analysis, Event Correlation and Response Cert Class

IDS III: On-site Log Analysis, Event Correlation and Response Cert

3: Advanced

Other Mapped SU Training and SUT Certifications:

100 - Analyze Back to Top

Specialty Area: Targets (TGT)
Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.

Work Role: Target Developer (AN-TGT-001)
Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.

SU Training Course SUT Certification Work Role Proficiency

SU Security + Class and Certification

SU Security + Class and Certification

2: Intermediate

Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification Class

3: Advanced

Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

SUT Q/SA® Qualified/ Security Analyst  Penetration Tester Certification

3: Advanced

*Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

SUT *Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

4: Expert

Other Mapped SU Training and SUT Certifications:

100 - Analyze Back to Top

Specialty Area: Targets (TGT)
Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.

Work Role: Target Network Analyst (AN-TGT-002)
Conducts advanced analysis of collection and open-source data to ensure target continuity; to profile targets and their activities; and develop techniques to gain more target information. Determines how targets communicate, move, operate and live based on knowledge of target technologies, digital networks, and the applications on them.

SU Training Course SUT Certification Work Role Proficiency

Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification Class

3: Advanced

Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

SUT Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

3: Advanced

Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

4: Expert

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

SUT Q/CDA Qualified/ Cyber Defense Analyst Certification Class

3: Advanced

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

SUT Q/CDA Qualified/ Cyber Defense Analyst Certification

3: Advanced

Other Mapped SU Training and SUT Certifications:

100 - Analyze Back to Top

Specialty Area: Language Analysis (LNG)
Applies language, cultural, and technical expertise to support information collection, analysis, and other cybersecurity
activities.

Work Role: Multi-Disciplined Language Analyst (AN-LNG-001)
Applies language and culture expertise with target/threat and technical knowledge to process, analyze, and/or disseminate intelligence information derived from language, voice and/or graphic material. Creates and maintains language-specific databases and working aids to support cyber action execution and ensure critical knowledge sharing. Provides subject matter expertise in foreign language-intensive or interdisciplinary projects.

SU Training Course

SUT Certification

Work Role Proficiency

 

 

 

 

 

 

Other Mapped SU Training and SUT Certifications:

 

200 - Investigate Back to Top

Specialty Area: Cyber Investigation (INV)
Applies tactics, techniques, and procedures for a full range of investigative tools and processes to include, but not limited to, interview and interrogation techniques, surveillance, counter surveillance, and surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering.

Work Role: Cyber Crime Investigator (IN-INV-001)
Identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative
techniques.

SU Training Course SUT Certification Work Role Proficiency

*QFE® Qualified/ Forensic Expert Certification Class Practical

SUT *QFE® Qualified/ Forensic Expert Certification Class Practical

4: Expert

*Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification Class  Practical

4: Expert

Other Mapped SU Training and SUT Certifications:

200 - Investigate Back to Top

Specialty Area: Digital Forensics (FOR)
Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Work Role: Law Enforcement /Counterintelligence Forensics Analyst (IN-FOR-001)
Conducts detailed investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.

SU Training Course SUT Certification Work Role Proficiency

Q/EH® Qualified/ Ethical Hacker Certification Class

Q/EH® Qualified/ Ethical Hacker Certification Class

3: Advanced

*Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification Class  Practical

3: Advanced

*QFE® Qualified/ Forensic Expert Certification Class Practical

SUT *QFE® Qualified/ Forensic Expert Certification Class Practical

4: Expert

Other Mapped SU Training and SUT Certifications:

200 - Investigate Back to Top

Specialty Area: Digital Forensics (FOR)
Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Work Role: Cyber Defense Forensics Analyst (IN-FOR-002)
Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/ network vulnerability mitigation.

SU Training Course SUT Certification Work Role Proficiency

Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification Class

3: Advanced

*Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification Class  Practical

3: Advanced

*QFE® Qualified/ Forensic Expert Certification Class Practical

SUT *QFE® Qualified/ Forensic Expert Certification Class Practical

3: Advanced

Other Mapped SU Training and SUT Certifications:

 

300 - Collect & Operate Back to Top

Specialty Area: Collection Operations (CLO)
Executes collection using appropriate strategies and within the priorities established through the collection management process.

Work Role: All Source-Collection Manager (CO-CLO-001)
Identifies collection authorities and environment; incorporates priority information requirements into collection management; develops concepts to meet leadership's intent. Determines capabilities of available collection assets, identifies new collection capabilities; and constructs and disseminates collection plans. Monitors execution of tasked collection to ensure effective execution of the collection plan.

SU Training Course SUT Certification Work Role Proficiency

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery CPoM

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery

3: Advanced

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

3: Advanced

Other Mapped SU Training and SUT Certifications:

300 - Collect & Operate Back to Top

Specialty Area: Collection Operations (CLO)
Executes collection using appropriate strategies and within the priorities established through the collection management process.

Work Role: All Source-Collection Requirements Manager (CO-CLO-002)
Evaluates collection operations and develops effects-based collection requirements strategies using available sources and methods to improve collection. Develops, processes, validates, and coordinates submission of collection requirements. Evaluates performance of collection assets and collection operations.

SU Training Course SUT Certification Work Role Proficiency

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery CPoM

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery

3: Advanced

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

Q/CDA Qualified/ Cyber Defense Analyst Certification Class CPoM

3: Advanced

Other Mapped SU Training and SUT Certifications:

300 - Collect & Operate Back to Top

Specialty Area: Cyber Operational Planning (OPL)
Performs in-depth joint targeting and cybersecurity planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.

Work Role: Cyber Intel Planner (CO-OPL-001)
Develops detailed intelligence plans to satisfy cyber operations requirements. Collaborates with cyber operations planners to identify, validate, and levy requirements for collection and analysis. Participates in targeting selection, validation, synchronization, and execution of cyber actions. Synchronizes intelligence activities to support organization objectives in cyberspace.

SU Training Course SUT Certification Work Role Proficiency

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery CPoM

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery

3: Advanced

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

3: Advanced

Other Mapped SU Training and SUT Certifications:

300 - Collect & Operate Back to Top

Specialty Area: Cyber Operational Planning (OPL)
Performs in-depth joint targeting and cybersecurity planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.

Work Role: Cyber Ops Planner (CO-OPL-002)
Develops detailed plans for the conduct or support of the applicable range of cyber operations through collaboration with other planners, operators and/or analysts. Participates in targeting selection, validation, synchronization, and
enables integration during the execution of cyber actions.

SU Training Course SUT Certification Work Role Proficiency

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery CPoM

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery CPoM

3: Advanced

IDS II Catching the Hackers II: Systems to Defend Networks Certification Class

SUT IDS II Catching the Hackers II: Systems to Defend Networks Certification Class

3: Advanced

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

SUT Q/CDA Qualified/ Cyber Defense Analyst Certification

3: Advanced

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Master

Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery

3: Advanced

Other Mapped SU Training and SUT Certifications:

300 - Collect & Operate Back to Top

Specialty Area: Cyber Operational Planning (OPL)
Performs in-depth joint targeting and cybersecurity planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.

Work Role: Partner Integration Planner (CO-OPL-003)
Works to advance cooperation across organizational or national borders between cyber operations partners. Aids the integration of partner cyber teams by providing guidance, resources, and collaboration to develop best practices and facilitate organizational support for achieving objectives in integrated cyber actions.

SU Training Course SUT Certification Work Role Proficiency

*Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification Class  Practical

3: Advanced

Other Mapped SU Training and SUT Certifications:

300 - Collect & Operate Back to Top

Specialty Area: Cyber Operations (OPS)
Performs activities to gather evidence on criminal or foreign intelligence entities to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support
other intelligence activities.

Work Role: Cyber Operator (CO-OPS-001)
Conducts collection, processing, and/or geolocation of systems to exploit, locate, and/or track targets of interest. Performs network navigation, tactical forensic analysis, and, when directed, executes on-net operations.

SU Training Course SUT Certification Work Role Proficiency

Q/EH® Qualified/ Ethical Hacker Certification Class

SU Q/EH® Qualified/ Ethical Hacker Certification Class

3: Advanced

Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

3: Advanced

Q/SSPT® Qualified/ Software Security Penetration Tester Certification Class

SUT Q/SSPT® Qualified/ Software Security Penetration Tester Certification

3: Advanced

*QFE® Qualified/ Forensic Expert Certification Class Practical

*QFE® Qualified/ Forensic Expert Certification Class Practical

4. Expert

Other Mapped SU Training and SUT Certifications:

 

400 - Operate & Maintain Back to Top

Specialty Area: Data Administration (DTA)
Develops and administers databases and/or data management systems that allow for the storage, query, protection, and utilization of data.

Work Role: Database Administrator (OM-DTA-001)
Administers databases and/or data management systems that allow for the secure storage, query, protection, and
utilization of data.

SU Training Course SUT Certification Work Role Proficiency

Security+

CompTIA Security+

Intermediate

How to Break  & FIX Web Security Certification Class

How to Break  & FIX Web Security Certification Class

Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Certified  Information Security Systems CISSP® Certification Class
400 - Operate & Maintain Back to Top

Specialty Area: Data Administration (DTA)
Develops and administers databases and/or data management systems that allow for the storage,
query, protection, and utilization of data.

Work Role: Data Analyst (OM-DTA-002)
Administers databases and/or data management systems that allow for the secure storage, query,
protection, and utilization of data.

SU Training Course SUT Certification Work Role Proficiency

Security+

CompTIA Security+

Intermediate

SU How to Break  & FIX Web Security Certification Class

SUT How to Break  & FIX Web Security Certification Class

Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Certified  Information Security Systems CISSP® Certification Class
400 - Operate & Maintain Back to Top

Specialty Area: Knowledge Management (KMG)
Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content.

Work Role: Knowledge Manager (OM-KMG-001)
Responsible for the management and administration of processes and tools that enable the organization to identify,
document, and access intellectual capital and information content.

SU Training Course

Certification

Work Role Proficiency

Security+

CompTIA Security+

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • SU Certified  Information Security Systems CISSP® Certification Class
400 - Operate & Maintain Back to Top

Specialty Area: Customer Service and Technical Support (STS)
Addresses problems; installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support). Typically provides initial incident information to the Incident Response (IR) Specialty.

Work Role: Technical Support Specialist (OM-STS-001)
Provides technical support to customers who need assistance utilizing client-level hardware and software in accordance with established or approved organizational process components (i.e., Master Incident Management Plan, when applicable).

SU Training Course SUT Certification Work Role Proficiency

Security+

CompTIA Security+

2: Intermediate

PowerShell Forensics Certification Class

PowerShell Forensics Certification Class

3: Advanced

Linux/UNIX® Security Certification Class

Linux/UNIX® Security Certification Class

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Certified  Information Security Systems CISSP® Certification Class
  • IDS I Catching the Hackers – Introduction to Intrusion Detection Certification Class
  • Introduction to Reverse Engineering Certification
400 - Operate & Maintain Back to Top

Specialty Area: Network Services (NET)
Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems.

Work Role: Network Operations Specialist (OM-NET-001)
Plans, implements, and operates network services/systems, to include hardware and virtual environments.

SU Training Course SUT Certification Work Role Proficiency

Security+

CompTIA Security+

Intermediate

SU Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification

Advanced

SU Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

SUT Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

Expert

SU Q/PTL® Qualified/ Penetration Tester License Certification Lab Class

SUT Q/PTL® Qualified/ Penetration Tester Certification Class

4: Expert

SU *Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification &  Practical

4: Expert

Other Mapped SU Training and SUT Certifications:

400 - Operate & Maintain Back to Top

Specialty Area: Systems Administration (ADM)
Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control,
passwords, and account creation and administration.

Work Role: System Administrator (OM-ADM-001)
Responsible for setting up and maintaining a system or specific components of a system (e.g. for example, installing, configuring, and updating hardware and software; establishing and managing user accounts; overseeing or conducting backup and recovery tasks; implementing operational and technical security controls; and adhering to organizational security policies and procedures).

SU Training Course SUT Certification Work Role Proficiency

Security+

CompTIA Security+

2: Intermediate

SU Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification

3: Advanced

SU Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

SUT Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

3: Advanced

SU Q/PTL® Qualified/ Penetration Tester License Certification Class

SUT Q/PTL® Qualified/ Penetration Tester Certification Class

4: Expert

*Q/ND® Qualified/ Network Defender Certification Class  Practical

*Q/ND® Qualified/ Network Defender Certification &  Practical

4: Expert

*Q/FE® Qualified/ Forensic Expert Certification &  Practical

*Q/FE® Qualified/ Forensic Expert Certification &  Practical

4: Expert

Other Mapped SU Training and SUT Certifications:

  • SU Certified  Information Security Systems CISSP® Certification Class
  • - PowerShell Forensics Certification Class
  • Python Forensics Certification Class
  • SUT Qualified Forensics Expert
400 - Operate & Maintain Back to Top

Specialty Area: Systems Analysis (ANA)
Studies an organization's current computer systems and procedures, and designs information systems solutions to help the organization operate more securely, efficiently, and effectively. Brings business and information technology (IT) together by understanding the needs and limitations of both.

Work Role: Systems Security Analyst (OM-ANA-001)
Responsible for the analysis and development of the integration, testing, operations, and maintenance of systems
security.

SU Training Course SUT Certification Work Role Proficiency

SU Security+ Certification Class

 

CompTIA Security+ Security+

3: Advanced

SU CIPP® Certified Information Privacy Professional  Certification Class*

CIPP exam

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • Security+ Certified ISO 27001 SU ISMS® Lead Auditor Class
  • Certified ISO 27001 SU ISMS® Lead Implementer Certification Class

 

500 - Protect & Defend Back to Top

Specialty Area: Cybersecurity Defense Analysis (CDA)
Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.

Work Role: Cyber Defense Analyst (PR-CDA-001)
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

SU Training Course SUT Certification Work Role Proficiency

SU Security+ Certification Class

CompTIA Security+

2. Intermediate

SU Q/SA® Qualified/ Security Analyst  Penetration Tester

SU Q/SA® Qualified/ Security Analyst  Penetration Tester

3. Advanced

SU IDS I Catching the Hackers – Introduction to Intrusion Detection Certification Class

SUT Qualified Intrusion Analyst

3: Advanced

SU IDS II Catching the Hackers II: Systems to Defend Networks Certification Class

SUT Continuous Monitoring Certification

4. Expert

SU IDS III: On-site Log Analysis, Event Correlation and Response Certification Class

IDS III: On-site Log Analysis, Event Correlation and Response Certification Class

4: Expert

SU Q/CDA Qualified/ Cyber Defense Analyst Certification Class

Q/CDA Qualified/ Cyber Defense Analyst Certification Class

4: Expert

Other Mapped SU Training and SUT Certifications:

500 - Protect & Defend Back to Top

Specialty Area: Cybersecurity Defense Infrastructure Support (INF)
Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors
network to actively remediate unauthorized activities.

Work Role: Cyber Defense Infrastructure Support Specialist (PR-INF-001)
Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.

SU Training Course SUT Certification Work Role Proficiency

SU Security+ Certification Class

CompTIA Security+

2. Intermediate

SU Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification Class

3. Advanced

Other Mapped SU Training and SUT Certifications:

500 - Protect & Defend Back to Top

Specialty Area: Incident Response (CIR)
Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.

Work Role: Cyber Defense Incident Responder (PR-CIR-001)
Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

SU Training Course SUT Certification Work Role Proficiency

SU Security + Certification Class

CompTIA Security + Certification

2. Intermediate

SU Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification Class

3. Advanced

SU QFE® Qualified/ Forensic Expert Certification Class Practical

SUT *QFE® Qualified/ Forensic Expert Certification Class Practical

3: Advanced

Other Mapped SU Training and SUT Certifications:

500 - Protect & Defend Back to Top

Specialty Area: Vulnerability Assessment and Management (VAM)
Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations.

Work Role: Vulnerability Assessment Analyst (PR-VAM-001)
Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

SU Training Course SUT Certification Work Role Proficiency

Enterprise Threat and Vulnerability Assessment

N/A

2. Intermediate

SU How to Break  & FIX Web Security Certification Class & Web App Penetration Testing

SUT How to Break  & FIX Web Security Certification Class

3. Advanced

SU Q/EH® Qualified/ Ethical Hacker Certification Class

SUT Q/EH® Qualified/ Ethical Hacker Certification Class

3: Advanced

SU Q/SA® Qualified/ Security Analyst  Certification Class

SUT Q/SA Qualified/ Security Analyst  Penetration Tester Certification Class

4: Expert

SU *Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

SUT *Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

4. Expert

Advanced Penetration Testing, Exploit Writing, and Ethical Hacking

SUT Exploit Researcher and Advanced Penetration Tester

4. Expert

Other Mapped SU Training and SUT Certifications:

 

600 - Securely Provision Back to Top

Specialty Area: Risk Management (RSK)
Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.

Work Role: Authorizing Official/Designating Representative (SP-RSK-001)
Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).

SU Training Course SUT Certification Work Role Proficiency

 

SU Security+Certification Class

CompTIA Security+

2: Intermediate

SU CISSP® Qualified Information Security Systems Professional Class 

ISC2 CISSP Information Security
Systems Professional

2. Intermediate

SU Linux/UNIX® Security Certification Class

CompTIA Linux+ Certification

2: Intermediate

600 - Securely Provision Back to Top

Specialty Area: Risk Management (RSK)
Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.

Work Role: Security Control Assessor (SP-RSK-002)
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).

SU Training Course

SUT Certification

Work Role Proficiency

SU Security+ Certification Class

CompTIA Security+

2: Intermediate

SU CISSP®Qualified Information Security Systems Professional Class

ISC2 CISSP Information Security
Systems Professional

2. Intermediate

SU Linux/UNIX® Security Certification Class

CompTIA Linux+

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • Forensics, Incident Handling / Q/FE: SUT Qualified/Forensics Expert
  • and Q/SA – Q/PTL Qualified/Security Analyst & Q/PTL Qualified/ Penetration Tester License
  • Ethical Hacking / Q/EH: SUT Qualified Ethical Hacker
600 - Securely Provision Back to Top

Specialty Area: Software Development (DEV)
Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs
following software assurance best practices.

Work Role: Secure Software Developer (SP-DEV-001)
Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or
specialized utility programs.

SU Training Course SUT Certification Work Role Proficiency

SU *Q/SSE® Qualified/ Software Security Expert Certification Class

SUT *Q/SSE® Qualified/ Software Security Expert  Certification

3: Advanced

SU Q/SSPT® Qualified/ Software Security Penetration Tester Certification Class

SUT Q/SSPT® Qualified/ Software Security Penetration Tester Certification

3: Advanced

SU How to Break & FIX Web Security Certification Class

SUT How to Break & FIX Web Security Certification

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • Fundamentals of Secure Software Programming  Certification
  • Q/SH/D® Qualified/ Software Hacker / Defender Certification
  • Q/STBP® Qualified/ Software Tester Best Practices Certification
600 - Securely Provision Back to Top

Specialty Area: Software Development (DEV)
Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs
following software assurance best practices.

Work Role: Secure Software Assessor (SP-DEV-002)
Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides
actionable results.

SU Training Course SUT Certification Work Role Proficiency

SU Fundamentals of Secure Software Programming Certification Class

SUT Secure Software Programming Certification

3: Advanced

SU Q/SA® Qualified/ Security Analyst Certification Class

SUT Q/SA® Qualified/ Security Analyst Certification

3. Advanced

SU *Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical

SUT *Q/PTL® Qualified/ Penetration Tester Workshop Practical

4. Expert

Other Mapped SU Training and SUT Certifications:

  • Q/FE® Qualified/ Forensic Expert Certification Class Practical
  • Q/ND® Qualified/ Network Defender Certification Class  Practical
600 - Securely Provision Back to Top

Specialty Area: Systems Architecture (ARC)
Develops system concepts and works on the capabilities phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.


Work Role: Enterprise Architect (SP-ARC-001)
Develops and maintains business, systems, and information processes to support enterprise mission needs; develops information technology (IT) rules and requirements that describe baseline and target architectures.

*S0374 -Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
*K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
*K0198 - Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
*K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
*K0214 - Knowledge of the Risk Management Framework Assessment Methodology.
*K0264 - Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
*S0060 - Skill in writing code in a currently supported programming language (e.g., Java, C++).
*K0030 - Knowledge of electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware).
*K0043 - Knowledge of industry-standard and organizationally accepted analysis principles and methods.
*K0024 - Knowledge of database systems.
*K0063 - Knowledge of parallel and distributed computing concepts.
*K0200 - Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
*K0291 - Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
*K0293 - Knowledge of integrating the organization’s goals and objectives into the architecture.
*S0005 - Skill in applying and incorporating information technologies into proposed solutions.
*S0122 - Skill in the use of design methods.
*A0008 - Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture.
*A0027 Ability to apply an organization's goals and objectives to develop and maintain architecture.
*A0060 Ability to build architectures and frameworks.

SU Training Course SUT Certification Work Role Proficiency

SU Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT Q/ND® Qualified/ Network Defender Certification Class  Practical

3: Advanced

SU Q/ISP Qualified/ Information Security Professional Certificate Program of Mastery

SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery

3: Expert

SU Cloud Computing Security Knowledge Certification

Cloud Computing Security Knowledge Certification

3: Advanced

600 - Securely Provision Back to Top

Specialty Area: Systems Architecture (ARC)
Develops system concepts and works on the capabilities phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.

Work Role: Security Architect (SP-ARC-002)
Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.

SU Training Course SUT Certification Work Role Proficiency

SU *Q/ND® Qualified/ Network Defender Certification Class  Practical

SUT *Q/ND® Qualified/ Network Defender Certification Class  Practical

3: Advanced

SU Q/AA RMF Risk Management Framework - Qualified/ Authorization & Accreditation Class

SUT Q/AA RMF Risk Management Framework - Qualified/ Authorization & Accreditation Class

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • Security + Certification
  • SUT Q/CDA Qualified/ Cyber Defense Analyst Certification Class
  • SUT IDS II Catching the Hackers II: Systems to Defend Networks Certification Class
600 - Securely Provision Back to Top

Specialty Area: Technology R&D (TRD)
Conducts technology assessment and integration processes; provides and supports a prototype capability and/or
evaluates its utility.

Work Role: Research & Development Specialist (SP-TRD-001)
Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in
cyberspace systems.

SU Training Course

SUT Certification

Work Role Proficiency

SU Cloud Computing Security Knowledge Certification

SUT Cloud Computing Security Knowledge Certification

3: Advanced

SU How to Break  & FIX Web Security Certification Class

SUT How to Break  & FIX Web Security Certification Class

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • Security+
  • SUT Python Forensics Certification
  • Secure DevOps: A Practical Introduction
  • Cloud Security Architecture and Operations
600 - Securely Provision Back to Top

Specialty Area: Systems Requirements Planning (SRP)
Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs.

Work Role: Systems Requirements Planner (SP-SRP-001)
Consults with customers to evaluate functional requirements and translate functional requirements into technical
solutions.

SU Training Course SUT Certification Work Role Proficiency

SU Certified ISO 27001 ISMS® Lead Auditor Class

 

SUT Certified ISO 27001 SU ISMS® Lead Auditor Certification

2: Intermediate

SU Certified ISO 27001 ISMS® Lead Implementer Certification Class

SUT Certified ISO 27001 SU ISMS® Lead Implementer Certification

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • Security+ Class and Certification /  SU  CISSP® Certification Class
  • SUT Information Certified ISO 27001
  • SU ISMS® Lead Implementer Certification Class
  • SU Q/ISO Qualified/ Chief Information Security Officer Certification Class
  • SU Q/CSO Qualified/Cyber Security Officer Certification Class
600 - Securely Provision Back to Top

Specialty Area: Test and Evaluation (TST)
Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.

Work Role: System Testing and Evaluation Specialist (SP-TST-001)
Plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.

SU Training Course SUT Certification Work Role Proficiency

SU Security+ Certification Class

SU CompTIA Security+ Certification

Intermediate

SU Q/AA RMF Risk Management Framework - Qualified/ Authorization & Accreditation Class*

SUT Q/AA RMF Risk Management Framework - Qualified/ Authorization & Accreditation

Advanced

Other Mapped SU Training and SUT Certifications:

  • Security+ Class and Certification
  • Certified  Information Security Systems CISSP® Certification Class
600 - Securely Provision Back to Top

Specialty Area: Systems Development (SYS)
Works on the development phases of the systems development life cycle.

Work Role: Information Systems Security Developer (SP-SYS-001)
Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.

SU Training Course SUT Certification Work Role Proficiency

SU Q/AA RMF Risk Management Framework - Qualified/ Authorization & Accreditation Class*

SUT Q/AA RMF Risk Management Framework - Qualified/ Authorization & Accreditation

3: Advanced

SU Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class

SUT Q/SA® Qualified/ Security Analyst  Penetration Tester Certification

3: Advanced

SUF Cloud Computing Security Knowledge Certification

SUT CCSK Cloud Computing Security Knowledge Certification

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Security+ Class and CompTIA Security+ Certification
  • SU Certified  Information Security Systems CISSP® Certification Class
  • Q/SSE® Qualified/ Software Security Expert 5 Day Bootcamp  Certification
  • Q/STP® Qualified Software Testing Bootcamp Certification Class
  • How to Break  & FIX Web Security Certification, Q/EH Qualified/
  • /PTL® Qualified/ Penetration Tester License Class/ Workshop Practical
  • Ethical Hacking, and Exploitation Techniques
  • Q/CDA Qualified/ Cyber Defense Analyst Certification Class
600 - Securely Provision Back to Top

Specialty Area: Systems Development (SYS)
Works on the development phases of the systems development life cycle.

Work Role: Systems Developer (SP-SYS-002)
Designs, develops, tests, and evaluates information systems throughout the systems development life cycle.

SU Training Course SUT Certification Work Role Proficiency

*Q/SSE® Qualified/ Software Security Expert 5 Day Bootcamp  Certification Class

*Q/SSE® Qualified/ Software Security Expert 5 Day Bootcamp  Certification Class

3: Advanced

How to Break  & FIX Web Security Certification Class

How to Break  & FIX Web Security Certification Class

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Security+ Class and CompTIA Security+ Certification
  • SU Certified  Information Security Systems CISSP® Certification Class
  • How to Break & FIX Software Security Certification Class
  • Fundamentals of Secure Software Programming  Certification
  • Q/SH/D® Qualified/ Software Hacker / Defender Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Legal Advice and Advocacy (LGA)
Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates legal and policy changes, and makes a case on behalf of client via a wide range of written and oral work products, including legal briefs and proceedings.

Work Role: Cyber Legal Advisor (OV-LGA-001)
Provides legal advice and recommendations on relevant topics related to cyber law.

SU Training Course

SUT Certification

Work Role Proficiency

SU CIPP® Certified Information Privacy Professional  Certification Class*

SU CIPP® Certified Information Privacy Professional  Certification Class*

3: Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Awareness Training Program
  • Certified ISO 27001 SU ISMS® Lead Auditor Class
  • SU Security+ Class and CompTIA Security+ Certification
  • SU Certified  Information Security Systems CISSP® Certification Class
  • Cyber Security / GISF: SUT Information Security Fundamentals for CISSP® Certification / GISP: SUT Information Security Professional
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Systems Administration (ADM)
Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control,
passwords, and account creation and administration.

Work Role: Privacy Officer/Privacy Compliance Manager (OV-LGA-002)
Develops and oversees privacy compliance program and privacy program staff, supporting privacy compliance, governance/policy, and incident response needs of privacy and security executives and their teams.

SU Training Course SUT Certification Work Role Proficiency

Security+ Certification

Security+ Certification

2: Intermediate

SU Training Program for CISSP® Certification

CISSP Certified Information Security
System Professional

Intermediate

SU Q/ISO Qualified/ Chief Information Security Officer Certification Class

SUT CIPP Security Leadership Certification

Advanced

Other Mapped SU Training and SUT Certifications:

  • SU Security+ Class and CompTIA Security+ Certification
  • SU Certified  Information Security Systems CISSP® Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Training, Education, and Awareness (TEA)
Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.

Work Role: Cyber Instructional Curriculum Developer (OV-TEA-001)
Develops, plans, coordinates, and evaluates cyber training/education courses, methods, and techniques based on
instructional needs.

SU Training Course SUT Certification Work Role Proficiency

SU Security+ Class and CompTIA Security+ Certification

Security+ Certification

Intermediate

SU Certified  Information Security Systems CISSP® Certification Class

Certified  Information Security Systems CISSP® Certification

2: Intermediate

Other Mapped SU Training and SUT Certifications:

700/800/900 - Oversee & Govern Back to Top

Specialty Area: Training, Education, and Awareness (TEA)
Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.

Work Role: Cyber Instructor (OV-TEA-002)
Develops and conducts training or education of personnel within cyber domain.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

CompTIA Security+

Intermediate

Advanced Security Essentials - Enterprise Defender

GCED:
SUT Qualified Enterprise Defender

Advanced

Other Mapped SU Training and SUT Certifications:

700/800/900 - Oversee & Govern Back to Top

Specialty Area: Cybersecurity Management (MGT)
Oversees the cybersecurity program of an information system or network, including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.

Work Role: Information Systems Security Manager (OV-MGT-001)
Responsible for the cybersecurity of a program, organization, system, or enclave.

SU Training Course SUT Certification Work Role Proficiency

SUT Security+ Class

CompTIA Security+ Certification

2: Intermediate

SUT Security Essentials for CISSP® Class

SUT Security Essentials for CISSP® Certification

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • SU Security + Class and Certification
  •  SUT Security Essentials for CISSP® Certification
  • SU Q/ISP® Qualified/ Information Security Professional Certificate Program of Mastery CPoM
  • Q/SA® Qualified/ Security Analyst  Penetration Tester Certification Class
  • *Q/PTL® Qualified/ Penetration Tester License Class/ Workshop Practical
  • Q/EH® Qualified/ Ethical Hacker Certification Class
  • *Q/ND® Qualified/ Network Defender Certification Class  Practical
  • *QFE® Qualified/ Forensic Expert Certification Class Practical
  • SU CISSP® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • SU Security+® CompTIA Certification Class
  • Cloud Computing Security Knowledge Certification (CCSK and CCSK Plus) Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Cybersecurity Management (MGT)
Oversees the cybersecurity program of an information system or network, including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.

Work Role: Communications Security (COMSEC) Manager (OV-MGT-002)
Individual who manages the Communications Security (COMSEC) resources of an organization (CNSSI 4009) or key
custodian for a Crypto Key Management System (CKMS).

SU Training Course SUT Certification Work Role Proficiency

SU Security+

Security+ Certification

2: Intermediate

SU CISSP® Certification class

CISSP Certified Information Security
Systems Professional

Intermediate

SU Q/ISO Qualified/ Chief Information Security Officer Certification Class

SU Q/ISO Qualified/ Chief Information Security Officer Certification Class

2: Intermediate

Other Mapped SU Training and SUT Certifications:

700/800/900 - Oversee & Govern Back to Top

Specialty Area: Strategic Planning and Policy (SPP)
Develops policies and plans and/or advocates for changes in policy that support organizational cyberspace initiatives or required changes/enhancements.

Work Role: Cyber Workforce Developer and Manager (OV-SPP-001)
Develops cyberspace workforce plans, strategies, and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

Security+ Certification

2: Intermediate

SU CISSP Certified Information Security
Systems Professional Certification class

CISSP Certified Information Security
Systems Professional

Intermediate

Other Mapped SU Training and SUT Certifications:

  • SUT Security Fundamentals for CISSP® Certification
  •  SUT Information Security Professional
  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class Certificate of Mastery CoM
  • SU Security+® CompTIA Certification Class
  • ~SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • ISSEP® ISC2® Information Security Systems Engineer Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Strategic Planning and Policy (SPP)
Develops policies and plans and/or advocates for changes in policy that support organizational cyberspace initiatives or required changes/enhancements.

Work Role: Cyber Policy and Strategy Planner (OV-SPP-002)
Develops cyberspace workforce plans, strategies, and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

Security+ Certification

2: Intermediate

SU CISSP Certified Information Security
Systems Professional Certification class

CISSP Certified Information Security
Systems Professional

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class Certificate of Mastery CoM
  • SU Security+® CompTIA Certification Class
  • ~SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • ISSEP® ISC2® Information Security Systems Engineer Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Executive Cyber Leadership (EXL)
Supervises, manages, and/or leads work and workers performing cyber and cyber-related and/or cyber operations work.

Work Role: Executive Cyber Leadership (OV-EXL-001)
Executes decision-making authorities and establishes vision and direction for an organization's cyber and cyber-related resources and/or operations.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

CompTIA Security+ Certification

2: Intermediate

SU CISSP Certified Information Security
Systems Professional Certification class

CISSP Certified Information Security
Systems Professional

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class Certificate of Mastery CoM
  • SU Security+® CompTIA Certification Class
  • ~SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • ISSEP® ISC2® Information Security Systems Engineer Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Program/Project Management (PMA) and Acquisition
Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life cycle.

Work Role: Program Manager (OV-PMA-001)
Leads, coordinates, communicates, integrates, and is accountable for the overall success of the program, ensuring
alignment with agency or enterprise priorities.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

CompTIA Security+ Certification

2: Intermediate

SU CISSP Certified Information Security Systems Professional Certification class

CISSP Certified Information Security
Systems Professional

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • SUT Certified Information Security Systems for Professionals CISSP® Certification
  • SUT Information Security Professional Communication,
    PMP® Exam Prep
  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class
  • SU Security+® CompTIA Certification Class
  • SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Program/Project Management (PMA) and Acquisition
Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life cycle.

Work Role: IT Project Manager (OV-PMA-002)
Directly manages information technology projects.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

CompTIA Security+ Certification

2: Intermediate

SU CISSP Certified Information Security Systems Professional Certification class

CISSP Certified Information Security
Systems Professional

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • SUT Certified Information Security Systems for Professionals CISSP® Certification
  • SUT PMP® Exam Prep
  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class
  • SU Security+® CompTIA Certification Class
  • SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Program/Project Management (PMA) and Acquisition
Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life cycle.

Work Role: Product Support Manager (OV-PMA-003)
Manages the package of support functions required to field and maintain the readiness and operational capability of
systems and components.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

CompTIA Security+ Certification

2: Intermediate

SU CISSP Certified Information Security Systems Professional Certification class

CISSP Certified Information Security
Systems Professional

2: Intermediate

Other Mapped SU Training and SUT Certifications:

  • SUT Certified Information Security Systems for Professionals CISSP® Certification
  • SUT Information Security Professional Communication, PMP® Exam Prep
  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class
  • SU Security+® CompTIA Certification Class
  • SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • ISSEP® ISC2® Information Security Systems Engineer Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class
700/800/900 - Oversee & Govern Back to Top

Specialty Area: Program/Project Management (PMA) and Acquisition
Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life cycle.

Work Role: IT Program Auditor (OV-PMA-005)
Conducts evaluations of an IT program or its individual components to determine compliance with published standards.

SU Training Course SUT Certification Work Role Proficiency

SU Security+

CompTIA Security+ Certification

2: Intermediate

CISSP Certified Information Security
Systems Professional

2: Intermediate

SU CASP® - CompTIA Advance Security Professional Certification Class

CASP® - CompTIA Advance Security Professional Certification Class

3 Advanced

Other Mapped SU Qualified Training and SUT Certifications:

  • SUT Certified Information Security Systems for Professionals CISSP® Certification
  • SUT  PMP® Exam Prep
  • Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class
  • Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class
  • *Q/CA RMF Qualified/ Certification & Accreditation Administrator Certification Class
  • SU Security+® CompTIA Certification Class
  • SU CISSP® ISC2® Certified Information Security Systems Professional Class
  • SU CASP® - CompTIA Advance Security Professional Certification Class
  • ISSEP® ISC2® Information Security Systems Engineer Certification Class
  • SU CISA® Certified Information Security Auditor Certification Class
  • SU CISM® Certified Information Security Manager Certification Class
  • Certified ISO 27001 SU ISMS® Lead Auditor Certification Class
  • Certified ISO 27001 SU ISMS® Lead Implementation Certification Class

Ensuring a Trained and Certified and Qualified Cybersecurity Workforce

Since our first Q/SA- Q/PTL class SU provided at SANS Orlando 1999, SU's "hands-on training" and SUT Certifications have pioneered performance based competency based cybersecurity training with practicals to validate cyber skills, going way beyond theory based classes, to learn hands-on skills necessary to defend our networks and our national critical infrastructure against foreign and domestic threats. Using the proven “Schneider Method” of stacked (successively more challenging) instructor led hands-on, competency-based cyber curricula of 72 hour classes over 2, 6, or 8 weeks to develop key cyber skills for cyber careers.

20 years of competency based experience demonstrates SU's capability to build a certified and qualified workforce focusing on advanced tactical deep knowledge; instructor and peer validated skills and real world applications needed to prove your team can meet Federal Contract requirements.

The NICE Cybersecurity Framework provides a blueprint to categorize, organize, and describe cybersecurity work into Specialty Areas, Categories and new Work Roles. Identifying the needs of a trained, certified and qualified workforce, is further by defining critical tasks, knowledge, skills and abilities (KSAs). The Cybersecurity Workforce Framework provides a common language to help define professional work requirements in cybersecurity speak on resumes, job role descriptions and career objectives’.

Using the NICE Cybersecurity Framework

SU classes and SUT Certifications are mapped to the NICE Cybersecurity Workrole Framework. For ease of use we have formatted both the downloadable .pdf and the Interactive Map utilizing the work role as the basis.

Everything you need to know about that job role, specialty area, and map to SU Instructor Led Training Courses and the affiliated SUT Certifications are located on one page or section; including the SU Course, SUT Certification, and proficiency levels. To maintain organizational integrity, SU and SUT NICE Framework approach includes only courses and certifications that mapp and made sense.

Basic Information About Proficiency Levels

Basic - Training maps to many knowledge statements, simpler skills, and tasks that are pre-requisites to an employee being effective in this job role.

Intermediate - Training maps to many mid-level knowledge, skills, abilities and tasks. Employee can be reasonably effective in this job role after receiving training.

Advanced - Maps to higher level knowledge, skills, abilities, and tasks. Employee should be very effective in this functional area after receiving training. However, some lower level, pre-requisite KSAs may not be covered by these courses.

Expert - Maps to few very specific KSAs or tasks in a highly focused area. This training assumes someone is already well trained and effective in this job role overall. It focuses on expertise in a very specific, narrow area.