| 22 |
* Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
| 88A |
Knowledge of current and emerging cyber technologies. |
Knowledge |
| 108 |
* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
| 282A |
Knowledge of emerging technologies that have potential for exploitation by adversaries. |
Knowledge |
| 320A |
Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development). |
Knowledge |
| 410A |
Analyze organizational cyber policy. |
Task |
| 424B |
Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities. |
Task |
| 492A |
Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization’s strategic plan. |
Task |
| 565A |
Draft, staff, and publish cyber policy. |
Task |
| 720A |
Monitor the rigorous application of cyber policies, principles, and practices in the delivery of planning and management services. |
Task |
| 812A |
Provide policy guidance to cyber management, staff, and users. |
Task |
| 840A |
Review, conduct, or participate in audits of cyber programs and projects. |
Task |
| 854A |
Support the CIO in the formulation of cyber-related policies. |
Task |
| 1027A |
Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy. |
Task |
| 1036 |
Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed. |
Knowledge |
| 1157 |
* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
| 1158 |
* Knowledge of cybersecurity principles. |
Knowledge |
| 1159 |
* Knowledge of cyber threats and vulnerabilities. |
Knowledge |
| 5020 |
Advocate for adequate funding for cyber training resources, to include both internal and industry-provided courses, instructors, and related materials. |
Task |
| 5560 |
Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization’s mission, vision, and goals. |
Task |
| 6100 |
Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities. |
Ability |
| 6140 |
Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues. |
Ability |
| 6270 |
Knowledge of full spectrum cyber capabilities. |
Knowledge |
| 6900 |
* Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
| 6935 |
* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
| 6938 |
* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
