View Position Qualification

13-509-1254

Name

Data Administration Specialist

Status

Published

Version

1.3

Updated

12/2/2019 4:33:45 PM

Original Release

11/07/2017

Last Major Release

12/02/2019

NQS Position

Resource Category

Cybersecurity

Primary Core Capability

Cybersecurity

Secondary Core Capability

Resource Kind

Personnel

Overall Function

The Data Administration Specialist mitigates and responds to immediate and potential cyber threats.

Single resource

In conjunction with a NIMS typed team

NIMS Typed Team

Cyber Incident Response Team

In conjunction with a NIMS typed unit

NIMS Typed Unit

Description Notes

Not Specified

Supporting Core Capabilities
None

Types
Type	Description
Type 1	The Data Administration Specialist: 1. Develops and administers databases and data management systems that allow storage, query, and use of data 2. Responds to crises or urgent situations within the pertinent domain to respond to and mitigate immediate and potential cyber threats as part of the NIMS Type 1 Cyber Incident Response Team

Education

Not Specified

Component Types
Type	Criteria
Type 1	Not Specified

Training

Not Specified

Component Types
Type	Criteria
Type 1	Completion of the following 1. IS-100: Introduction to Incident Command System, ICS-100 2. IS-200: Basic Incident Command System for Initial Response, ICS-200 3. IS-700: National Incident Management System, An Introduction 4. IS-800: National Response Framework, An Introduction 5. Database Administration Principles 6. Information Security Fundamentals and Essentials

Experience

The knowledge, skills, and abilities align with the National Initiative for Cyber Education (NICE) National Cybersecurity Workforce Framework.

Type 1

Agency Having Jurisdiction (AHJ)-documented and validated knowledge, skills, and abilities demonstrated in the following areas: 1. Data administration and data standardization policies and standards 2. Data backup, types of backups, and recovery concepts and tools 3. Data types: structured, unstructured, binary large object 4. Data mining and data warehousing principles 5. Different technologies for data storage including tape, optical, or disk 6. Data storage area networks (SAN) and the data file system tools 7. Network attached storage technologies 8. Database management systems, query languages, table relationships, and views 9. Digital rights management 10. Enterprise messaging systems and associated software 11. Network access, identity, and access management 12. Operating systems 13. Policy-based and risk adaptive access controls 14. Query languages such as Structured Query Language (SQL) 15. Sources, characteristics, and uses of the organization’s data assets 16. Characteristics of physical and virtual data storage media 17. Database theory 18. Personally Identifiable Information (PII) and Payment Card Industry (PCI) data security standards 19. Database misconfiguration and vulnerabilities 20. Different database models such as relational versus object oriented 21. Industry standard database products, 22. Database encryption types 23. Database logging capabilities and techniques 24. Allocating storage capacity in the design of data management systems 25. Conducting queries and developing algorithms to analyze data structures 26. Designing and implementing databases and systems 27. Developing data dictionaries, models, and repositories 28. Generating queries and reports 29. Optimizing database performance 30. Data recovery mechanisms from various storage formats 31. Network attached storage technologies AHJ-validated experience demonstrated in the following areas: 1. Analyzing and defining data needs, specifications, and planning for anticipated changes in data capacity needs 2. Developing and implementing data mining and data warehousing programs 3. Network attached storage technologies 4. Developing data standards, policies, and procedures 5. Installing and configuring database management systems software 6. Maintaining database management systems software 7. Maintaining directory replication services that enable information to replicate automatically via optimized routing 8. Maintaining information exchanges through publish, subscribe, and alert functions that enable users to send and receive critical information 9. Managing the compilation, cataloging, caching, distribution, and retrieval of data 10. Monitoring and maintaining databases to ensure optimal performance 11. Performing backup and recovery of databases to ensure data integrity 12. Providing a managed flow of relevant information via web-based portals or other means, based on mission needs 13. Providing recommendations on new database technologies and architectures

Physical/Medical Fitness

The NIMS Guideline for the National Qualification System (NQS) defines Physical/Medical Fitness levels for NIMS positions.

Component Types
Type	Criteria
Type 1	Light

Currency

Provider must carry out and use any background checks as applicable law specifies. This may include a background check completed within past 12 months; sex-offender registry check; and a local, state, and a local, state, and national criminal history.

Component Types
Type	Criteria
Type 1	1. Functions in this position during an operational incident, planned event, exercise, drill, or simulation at least once every year 2. Background checks as applicable law permits and requires 3. Active security clearance

Professional and Technical Licenses and Certifications

Not Specified

Component Types
Type	Criteria
Type 1	1. Technical qualifications equivalent to Department of Defense Directive (DoDD) 8570 Level 2 certification 2. Database Administrator Certification (DAC) 3. Information Assurance Certification (IAC)

Composition and Ordering Specifications
Specification
Discuss logistics for deploying this position, such as working conditions, length of deployment, security, lodging, transportation, and meals, prior to deployment

1083

Notes

References
Reference
FEMA, NIMS 508: Cyber Incident Response Team
FEMA, National Incident Management System (NIMS), October 2017
FEMA, NIMS Guideline for NQS, November 2017
FEMA, National Response Framework, June 2016
National Initiative for Cybersecurity Education, National Cybersecurity Workforce Framework, v.2, May 2014
Department of Defense Directive (DoDD), 8570 and Global Assurance Information Certification (GAIC), January 2014

Version	Publish Date	Document Type
Published Versions
1.3	12/2/2019 4:33:45 PM	PDF
1.2	11/28/2018 5:34:51 PM	PDF
1.1	9/28/2018 5:15:15 PM	PDF
1.0	11/7/2017 3:50:13 PM	PDF