Icon that says Operate and Maintain with wrench and hammer together in x shape image.

Develops and administers databases and/or data management systems that allow for the storage, query, protection, and utilization of data.

Below are the roles for this Specialty Area. Click each role to see the KSAs (Knowledge, Skills, and Abilities) and Tasks.

  • A0029: Ability to build complex data structures and high-level programming languages.
  • A0035: Ability to dissect a problem and examine the interrelationships between data that may appear unrelated.
  • A0036: Ability to identify basic common coding flaws at a high level.
  • A0041: Ability to use data visualization tools (e.g., Flare, HighCharts, AmCharts, D3.js, Processing, Google Visualization API, Tableau, Raphael.js).
  • A0066: Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Capability Indicators for Data Analyst
    Category Entry Intermediate Advanced
    Credentials/Certifications
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, organizational security, network infrastructure, mobile device integration, hardware evaluation, operating systems, technical support, managing, maintaining, troubleshooting, installing, configuring basic network infrastructure, network types, network media, switching fundamentals, TCP/IP, IP addressing and routing, WAN technologies, operating and configuring IOS devices, and managing network environments
    • Recommended: Yes
    • Example Types: N/A
    • Example Topics: Certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, and organizational security
    • Recommended: Yes
    • Example Topics: Certifications addressing security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security
    Continuous Learning
    • Recommended: Yes
    • Examples: 40 hours annually (may include mentoring, controlled exposure to more advanced work, and detailed reassignment/rotational program)
    • Recommended: Yes
    • Examples: 40 hours annually (may include mentoring Entry-level coworkers under the oversight of a supervisor)
    • Recommended: Yes
    • Examples: 40 hours annually (may include mentoring other team members)
    Education
    • Recommended: Not essential but may be beneficial
    • Example Types: Bachelor's or high school diploma and 4 years of experience
    • Example Topics: Statistics, economics, science (if curricula contain data analysis)
    • Recommended: Not essential but may be beneficial
    • Example Types: Bachelor's or high school diploma and 4 years of experience
    • Example Topics: Statistics, economics, science (if curricula contain data analysis)
    • Recommended: Not essential but may be beneficial
    • Example Types: Bachelor's, Master's, Ph.D.
    • Example Topics: Cybersecurity
    Experiential Learning
    • Recommended: Yes
    • Examples: 3 years of relevant experience or 1 year with a master's degree; experience with query tools, analytical and quantitative reasoning, report writing, and administrative tasks
    • Recommended: Yes
    • Examples: 5 years of relevant experience (a master's degree may substitute for 2 years of experience); experience with data analytics, predictive modeling, multiple tool databases, responding to complex questions, and operational tasks
    • Recommended: Not essential but may be beneficial
    • Examples: 10 years of experience in data analytics systems development, software engineering, systems development, predictive modeling, and understanding data storage and retrieval techniques
    Training
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Presentation skills
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Data normalization, data warehousing, and presentation skills
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Advanced analysis, advanced data mining, advanced data science, and presentation skills
  • K0001: Knowledge of computer networking concepts and protocols, and network security methodologies. 
  • K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 
  • K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
  • K0004: Knowledge of cybersecurity and privacy principles. 
  • K0005: Knowledge of cyber threats and vulnerabilities. 
  • K0006: Knowledge of specific operational impacts of cybersecurity lapses. 
  • K0015: Knowledge of computer algorithms. 
  • K0016: Knowledge of computer programming principles 
  • K0020: Knowledge of data administration and data standardization policies. 
  • K0022: Knowledge of data mining and data warehousing principles. 
  • K0023: Knowledge of database management systems, query languages, table relationships, and views. 
  • K0025: Knowledge of digital rights management. 
  • K0031: Knowledge of enterprise messaging systems and associated software.
  • K0051: Knowledge of low-level computer languages (e.g., assembly languages). 
  • K0052: Knowledge of mathematics (e.g. logarithms, trigonometry, linear algebra, calculus, statistics, and operational analysis). 
  • K0056: Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). 
  • K0060: Knowledge of operating systems.
  • K0065: Knowledge of policy-based and risk adaptive access controls.
  • K0068: Knowledge of programming language structures and logic.
  • K0069: Knowledge of query languages such as SQL (structured query language).
  • K0083: Knowledge of sources, characteristics, and uses of the organization’s data assets.
  • K0095: Knowledge of the capabilities and functionality associated with various technologies for organizing and managing information (e.g., databases, bookmarking engines).
  • K0129: Knowledge of command-line tools (e.g., mkdir, mv, ls, passwd, grep). 
  • K0139: Knowledge of interpreted and compiled computer languages.
  • K0140: Knowledge of secure coding techniques.
  • K0193: Knowledge of advanced data remediation security features in databases. 
  • K0197: Knowledge of database access application programming interfaces (e.g., Java Database Connectivity [JDBC]). 
  • K0229: Knowledge of applications that can log errors, exceptions, and application faults and logging.
  • K0236: Knowledge of how to utilize Hadoop, Java, Python, SQL, Hive, and PIG to explore data.
  • K0238: Knowledge of machine learning theory and principles.
  • K0325: Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
  • K0420: Knowledge of database theory.
  • S0013: Skill in conducting queries and developing algorithms to analyze data structures.
  • S0017: Skill in creating and utilizing mathematical or statistical models.
  • S0028: Skill in developing data dictionaries.
  • S0029: Skill in developing data models.
  • S0037: Skill in generating queries and reports.
  • S0060: Skill in writing code in a currently supported programming language (e.g., Java, C++).
  • S0088: Skill in using binary analysis tools (e.g., Hexedit, command code xxd, hexdump).
  • S0089: Skill in one-way hash functions (e.g., Secure Hash Algorithm [SHA], Message Digest Algorithm [MD5]).
  • S0094: Skill in reading Hexadecimal data.
  • S0095: Skill in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, Uuencode, Uniform Resource Locator [URL] encode).
  • S0103: Skill in assessing the predictive power and subsequent generalizability of a model.
  • S0106: Skill in data pre-processing (e.g., imputation, dimensionality reduction, normalization, transformation, extraction, filtering, smoothing).
  • S0109: Skill in identifying hidden patterns or relationships.
  • S0113: Skill in performing format conversions to create a standard representation of the data.
  • S0114: Skill in performing sensitivity analysis.
  • S0118: Skill in developing machine understandable semantic ontologies.
  • S0119: Skill in Regression Analysis (e.g., Hierarchical Stepwise, Generalized Linear Model, Ordinary Least Squares, Tree-Based Methods, Logistic).
  • S0123: Skill in transformation analytics (e.g., aggregation, enrichment, processing).
  • S0125: Skill in using basic descriptive statistics and techniques (e.g., normality, model distribution, scatter plots).
  • S0126: Skill in using data analysis tools (e.g., Excel, STATA SAS, SPSS).
  • S0127: Skill in using data mapping tools.
  • S0129: Skill in using outlier identification and removal techniques.
  • S0130: Skill in writing scripts using R, Python, PIG, HIVE, SQL, etc.
  • S0160: Skill in the use of design modeling (e.g., unified modeling language).
  • S0202: Skill in data mining techniques (e.g., searching file systems) and analysis.
  • S0369: Skill to identify sources, characteristics, and uses of the organization’s data assets. 
  • T0007: Analyze and define data requirements and specifications.
  • T0008: Analyze and plan for anticipated changes in data capacity requirements.
  • T0068: Develop data standards, policies, and procedures.
  • T0146: Manage the compilation, cataloging, caching, distribution, and retrieval of data.
  • T0195: Provide a managed flow of relevant information (via web-based portals or other means) based on mission requirements.
  • T0210: Provide recommendations on new database technologies and architectures.
  • T0342: Analyze data sources to provide actionable recommendations.
  • T0347: Assess the validity of source data and subsequent findings.
  • T0349: Collect metrics and trending data.
  • T0351: Conduct hypothesis testing using statistical processes.
  • T0353: Confer with systems analysts, engineers, programmers, and others to design application.
  • T0361: Develop and facilitate data-gathering methods.
  • T0366: Develop strategic insights from large data sets.
  • T0381: Present technical information to technical and nontechnical audiences.
  • T0382: Present data in creative formats.
  • T0383: Program custom algorithms.
  • T0385: Provide actionable recommendations to critical stakeholders based on data analysis and findings.
  • T0392: Utilize technical documentation or resources to implement a new mathematical, data science, or computer science method.
  • T0402: Effectively allocate storage capacity in the design of data management systems.
  • T0403: Read, interpret, write, modify, and execute simple scripts (e.g., Perl, VBScript) on Windows and UNIX systems (e.g., those that perform tasks such as: parsing large data files, automating manual tasks, and fetching/processing remote data).
  • T0404: Utilize different programming languages to write code, open files, read files, and write output to different files.
  • T0405: Utilize open source language such as R and apply quantitative techniques (e.g., descriptive and inferential statistics, sampling, experimental design, parametric and non-parametric tests of difference, ordinary least squares regression, general line).
  • T0460: Develop and implement data mining and data warehousing programs.
  • A0176: Ability to maintain databases. (i.e., backup, restore, delete data, transaction log files, etc.).
  • Capability Indicators for Database Administrator
    Category Entry Intermediate Advanced
    Credentials/Certifications
    • Recommended: Yes
    • Example Types: N/A
    • Example Topics: Certifications addressing network infrastructure, mobile device integration, hardware evaluation, operating systems, technical support, managing, maintaining, troubleshooting, installing, configuring basic network infrastructure, network types, network media, switching fundamentals, TCP/IP, IP addressing and routing, WAN technologies, operating and configuring IOS devices, and managing network environments, planning, security, working with databases and database objects, working with DB2 data using SQL, working with DB2 tables, views, and indexes, data concurrency
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, organizational security, access control theory, alternate network mapping techniques, authentication and password management, common types of attacks, contingency planning, critical security controls, concepts, crypto fundamentals, defense-in-depth, DNS, firewalls, honeypots, ICMP, incident handling fundamentals, intrusion detection overview, IP packets, IPS overview, IPv6, legal aspects of incident handling, Mitnick-Shimomura attack, network addressing, network fundamentals, network mapping and scanning, network protocol, policy framework, protecting data at rest, public key infrastructure (PKI), reading packets, risk management, securing server services, SIEM/Log management, steganography overview, TCP, UDP, virtual private networks, viruses and malicious code, vulnerability management overview, vulnerability scanning, web application security, auditing and forensics, network security overview, permissions and user rights, security templates and group policy, service packs, hotfixes and backups, active directory and group policy overview, wireless security, authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, cryptography, malicious code countermeasures
    • Recommended: Not essential but may be beneficial
    • Example Topics: Certifications addressing security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations, software development security, access control theory, alternate network mapping techniques, authentication and password management, common types of attacks, contingency planning, critical security controls, concepts, crypto fundamentals, defense-in-depth, DNS, firewalls, honeypots, ICMP, incident handling fundamentals, intrusion detection overview, IP packets, IPS overview, IPv6, legal aspects of incident handling, Mitnick-Shimomura attack, network addressing, network fundamentals, network mapping and scanning, network protocol, policy framework, protecting data at rest, PKI, reading packets, risk management, securing server services, SIEM/Log management, steganography overview, TCP, UDP, virtual private networks, viruses and malicious code, vulnerability management overview, vulnerability scanning, web application security, auditing and forensics, network security overview, permissions and user rights, security templates and group policy, service packs, hotfixes and backups, active directory and group policy overview, wireless security, information security governance, security program development and management, information security incident management, acquisitions, IT service management/lifecycle, change management, and project management (initiating, planning executing, monitoring and controlling, closing)
    Continuous Learning
    • Recommended: Not essential but may be beneficial
    • Examples: 40 hours annually (may include mentoring, conferences, webinars)
    • Recommended: Not essential but may be beneficial
    • Examples: 40 hours annually (may include mentoring, shadowing, conferences, webinars, or rotations)
    • Recommended: Not essential but may be beneficial
    • Examples: 40 hours annually (may include mentoring, shadowing, conferences, webinars, or rotations)
    Education
    • Recommended: Not essential but may be beneficial
    • Example Types: Bachelor's (2-5 years of experience in database management support may substitute education; certifications addressing planning, security, database objects, DB2 data using SQL, DB2 tables, views, and indexes, and data concurrency may substitute education)
    • Example Topics: Computer science, computer networking, information science
    • Recommended: Not essential but may be beneficial
    • Example Types: Bachelor's, Master's (7-18 years of experience in database management support may substitute education; certifications addressing planning, security, databases and database objects, DB2 data using SQL, DB2 tables, views, and indexes, and data concurrency may substitute education)
    • Example Topics: Computer science, computer networking, information science, networking, and/or information science
    • Recommended: Not essential but may be beneficial
    • Example Types: Master's, Ph.D. (15-20 years of experience in IT operations, data architecture, and/or infrastructure may substitute education)
    • Example Topics: IT management, information science
    Experiential Learning
    • Recommended: Not essential but may be beneficial
    • Examples: In lieu of higher education, 2-5 years of experience with enterprise server software, database management tools, database backup and recovery procedures (including development of documentation for all recurring data management tasks), and database performance tuning methodologies
    • Recommended: Not essential but may be beneficial
    • Examples: In lieu of higher education, 7-18 years of experience with database management tools, database backup and recovery procedures, including development of documentation for all recurring data management tasks, database configuration and performance tuning, developing physical models, utilizing data modeling tools, the design and implementation of data security models, enterprise server software, and policy development
    • Recommended: Not essential but may be beneficial
    • Examples: In lieu of higher education, 15-20 years of experience with IT operations, and data architecture, Infrastructure
    Training
    • Recommended: N/A
    • Example Types: N/A
    • Example Topics: N/A
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Enterprise IT environment, enterprise architecture, and data architecture
    • Recommended: Not essential but may be beneficial
    • Example Types: N/A
    • Example Topics: Writing, communications, and interpersonal skills
  • K0001: Knowledge of computer networking concepts and protocols, and network security methodologies. 
  • K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 
  • K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
  • K0004: Knowledge of cybersecurity and privacy principles. 
  • K0005: Knowledge of cyber threats and vulnerabilities. 
  • K0006: Knowledge of specific operational impacts of cybersecurity lapses. 
  • K0020: Knowledge of data administration and data standardization policies. 
  • K0021: Knowledge of data backup and recovery. 
  • K0022: Knowledge of data mining and data warehousing principles. 
  • K0023: Knowledge of database management systems, query languages, table relationships, and views. 
  • K0025: Knowledge of digital rights management. 
  • K0031: Knowledge of enterprise messaging systems and associated software.
  • K0056: Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). 
  • K0060: Knowledge of operating systems.
  • K0065: Knowledge of policy-based and risk adaptive access controls.
  • K0069: Knowledge of query languages such as SQL (structured query language).
  • K0083: Knowledge of sources, characteristics, and uses of the organization’s data assets.
  • K0097: Knowledge of the characteristics of physical and virtual data storage media.
  • K0197: Knowledge of database access application programming interfaces (e.g., Java Database Connectivity [JDBC]). 
  • K0260: Knowledge of Personally Identifiable Information (PII) data security standards. 
  • K0261: Knowledge of Payment Card Industry (PCI) data security standards. 
  • K0262: Knowledge of Personal Health Information (PHI) data security standards. 
  • K0277: Knowledge of current and emerging data encryption (e.g., Column and Tablespace Encryption, file and disk encryption) security features in databases (e.g. built-in cryptographic key management features). 
  • K0278: Knowledge of current and emerging data remediation security features in databases.
  • K0287: Knowledge of an organization's information classification program and procedures for information compromise. 
  • K0420: Knowledge of database theory.
  • S0002: Skill in allocating storage capacity in the design of data management systems.
  • S0013: Skill in conducting queries and developing algorithms to analyze data structures.
  • S0037: Skill in generating queries and reports.
  • S0042: Skill in maintaining databases. (i.e., backup, restore, delete data, transaction log files, etc.). 
  • S0045: Skill in optimizing database performance.
  • T0008: Analyze and plan for anticipated changes in data capacity requirements.
  • T0137: Maintain database management systems software.
  • T0139: Maintain directory replication services that enable information to replicate automatically from rear servers to forward units via optimized routing.
  • T0140: Maintain information exchanges through publish, subscribe, and alert functions that enable users to send and receive critical information as required.
  • T0146: Manage the compilation, cataloging, caching, distribution, and retrieval of data.
  • T0152: Monitor and maintain databases to ensure optimal performance.
  • T0162: Perform backup and recovery of databases to ensure data integrity.
  • T0210: Provide recommendations on new database technologies and architectures.
  • T0305: Performs configuration management, problem management, capacity management, and financial management for databases and data management systems.
  • T0306: Supports incident management, service-level management, change management, release management, continuity management, and availability management for databases and data management systems.
  • T0330: Maintain assured message delivery systems.
  • T0422: Implement data management standards, requirements, and specifications.
  • T0459: Implement data mining and data warehousing applications.
  • T0490: Install and configure database management systems and software.