Program Manager

Work Role ID: 801 | Workforce Element: Cyberspace Enablers (Support) Acquisition

What does this work role do? Leads, coordinates, communicates, integrates and is accountable for the overall success of the program, ensuring alignment with critical agency priorities.

CORE KSATs

KSAT ID	Description	KSAT
22	* Knowledge of computer networking concepts and protocols, and network security methodologies.	Knowledge
108	* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).	Knowledge
143	Knowledge of the organization’s enterprise information technology (IT) goals and objectives.	Knowledge
801	Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans.	Task
1004A	Knowledge of information technology (IT) acquisition/procurement requirements.	Knowledge
1018	Ensure all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.	Task
1021	Knowledge of risk threat assessment.	Knowledge
1133	Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).	Knowledge
1157	* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.	Knowledge
1158	* Knowledge of cybersecurity principles.	Knowledge
1159	* Knowledge of cyber threats and vulnerabilities.	Knowledge
5010	Act as a primary stakeholder in the underlying information technology (IT) operational processes and functions that support the service, provide direction and monitor all significant activities so the service is delivered successfully.	Task
5410	Manage the internal relationship with information technology (IT) process owners supporting the service, assisting with the definition and agreement of operating level agreements (OLAs).	Task
6290	Knowledge of how to leverage government research and development centers, think tanks, academic research, and industry systems.	Knowledge
6900	* Knowledge of specific operational impacts of cybersecurity lapses.	Knowledge
6935	* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).	Knowledge
6938	* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.	Knowledge

ADDITIONAL KSATs

KSAT ID	Description	KSAT
68	Knowledge of information technology (IT) architectural concepts and frameworks.	Knowledge
69A	Knowledge of risk management processes and requirements per the Risk Management Framework (RMF).	Knowledge
69	Knowledge of Risk Management Framework (RMF) requirements.	Knowledge
107	Knowledge of resource management principles and techniques.	Knowledge
129	Knowledge of system life cycle management principles, including software security and usability.	Knowledge
203	Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.	Skill
296	Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.	Knowledge
325A	Ability to ensure security practices are followed throughout the acquisition process.	Ability
524	Develop and maintain strategic plans.	Task
537	Develop methods to monitor and measure risk, compliance, and assurance efforts.	Task
629A	Identify and address cyber workforce planning and management issues (e.g. recruitment, retention, and training).	Task
680A	Lead and oversee budget, staffing, and contracting.	Task
760	Perform needs analysis to determine opportunities for new and improved business process solutions.	Task
834	Resolve conflicts in laws, regulations, policies, standards, or procedures.	Task
840B	Review or conduct audits of programs and projects.	Task
942	Knowledge of the organization’s core business/mission processes.	Knowledge
949	Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.	Task
954	Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.	Knowledge
955A	Draft and publish supply chain security and risk management documents.	Task
979	Knowledge of supply chain risk management standards, processes, and practices.	Knowledge
1003	Develop and document supply chain risks for critical system elements, as appropriate.	Task
1005	Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).	Knowledge
1017A	Participate in the acquisition process as necessary.	Task
1037	Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.	Knowledge
1039A	Ability to evaluate/ensure the trustworthiness of the supplier and/or product.	Ability
1061A	Knowledge of the acquisition/procurement life cycle process.	Knowledge
1122	Ability to apply supply chain risk management standards.	Ability
1125	Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.	Knowledge
1127	Knowledge of Import/Export Regulations related to cryptography and other security technologies.	Knowledge
1130	Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).	Knowledge
1143A	Conduct import/export reviews for acquiring systems and software.	Task
1148A	Develop supply chain, system, network, performance, and cyber security requirements.	Task
1148B	Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.	Task
1148	Develop contract language to ensure supply chain, system, network, and operational security are met.	Task
5150	Coordinate and manage the overall service provided to a customer end-to-end.	Task
5380	Gather feedback on customer satisfaction and internal service performance to foster continual improvement.	Task
6160	Ability to oversee the development and update of the lifecycle cost estimate.	Ability