Executive Cyber Leader

Executive Cyber Leader Work Role ID: 901 (NIST: OV-EX-001) Workforce Element: Cyberspace Enablers / Leadership

Executes decision-making authorities and establishes vision and direction for an organization’s cyber and cyber-related policies, resources, and/or operations, while maintaining responsibility for risk-related decisions affecting mission success.


Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
10

Knowledge of application vulnerabilities.

Knowledge
15A

Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.

Knowledge
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
105

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
150

Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.

Knowledge
173

Skill in creating policies that reflect system security objectives.

Skill
321A

Knowledge of industry technologies and how differences affect exploitation/vulnerabilities.

Knowledge
391

Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.

Task
392

Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program.

Task
395

Advise senior management (e.g., CIO) on risk levels and security posture.

Task
396

Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, and systems, and elements.

Task
424B

Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities.

Task
445

Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.

Task
475

Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.

Task
492A

Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization’s strategic plan.

Task
524

Develop and maintain strategic plans.

Task
542A

Develop mitigation strategies to address cost, schedule, performance, and security risks.

Task
599

Evaluate contracts to ensure compliance with funding, legal, and program requirements.

Task
600

Evaluate cost benefit, economic, and risk analysis in decision making process.

Task
674

Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information.

Task
679

Lead and align information technology (IT) security priorities with the security strategy.

Task
680A

Lead and oversee budget, staffing, and contracting.

Task
680

Lead and oversee information security budget, staffing, and contracting.

Task
711

Monitor and evaluate the effectiveness of the enterprise’s cybersecurity safeguards to ensure they provide the intended level of protection.

Task
737B

Perform an information security risk assessment.

Task
797

Provide advice on project costs, design concepts, or design changes.

Task
801

Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans.

Task
801A

Provide enterprise cybersecurity and supply chain risk management guidance.

Task
807

Provide input on security requirements to be included in statements of work and other appropriate procurement documents.

Task
810

Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.

Task
848

Recommend policy and coordinate review and approval.

Task
852

Supervise or manage protective or corrective measures when an cybersecurity incident or vulnerability is discovered.

Task
919

Promote awareness of security issues among management and ensure sound security principles are reflected in the organization’s vision and goals.

Task
947

Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.

Task
952

Knowledge of emerging security issues, risks, and vulnerabilities.

Knowledge
962

Identify security requirements specific to an information technology (IT) system in all phases of the System Life Cycle.

Task
963

Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.

Task
979

Knowledge of supply chain risk management standards, processes, and practices.

Knowledge
1004A

Knowledge of information technology (IT) acquisition/procurement requirements.

Knowledge
1018

Ensure all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.

Task
1041

Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate.

Task
1061A

Knowledge of the acquisition/procurement life cycle process.

Knowledge
1125

Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.

Knowledge
1148B

Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.

Task
1148

Develop contract language to ensure supply chain, system, network, and operational security are met.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
2090

Collaborate with other internal and external partner organizations on target access and operational issues.

Task
2091

Collaborate with other team members or partner organizations to develop a diverse program of information materials (e.g., web pages, briefings, print materials).

Task
2416

Facilitate interactions between internal and external partner decision makers to synchronize and integrate courses of action in support of objectives.

Task
2558

Maintain relationships with internal and external partners involved in cyber planning or related areas.

Task
2624

Conduct long-range, strategic planning efforts with internal and external partners in cyber activities.

Task
2823

Serve as a liaison with external partners.

Task
2839

Supervise and assign work to programmers, designers, technologists and technicians and other engineering and scientific personnel.

Task
2894

Collaborate across internal and/or external organizational lines to enhance collection, analysis and dissemination.

Task
3011

Ability to apply critical reading/thinking skills.

Ability
3044

Ability to exercise judgment when policies are not well-defined.

Ability
3057

Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.

Ability
3076

Ability to tailor technical and planning information to a customer’s level of understanding.

Ability
3077

Ability to think critically.

Ability
3994

Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.

Ability
5170

Coordinate with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets.

Task
5560

Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization’s mission, vision, and goals.

Task
5767

Collaborate on cyber privacy and security policies and procedures.

Task
5768

Collaborate with cyber security personnel on the security risk assessment process to address privacy compliance and risk mitigation.

Task
5820

Appoint and guide a team of IT security experts.

Task
5825

Collaborate with key stakeholders to establish a cybersecurity risk management program

Task
6100

Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.

Ability
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge
6915

Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience).

Skill
6920

Ability to ensure information security management processes are integrated with strategic and operational planning processes.

Ability
6921

Ability to ensure that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control.

Ability
6922

Ability to prioritize and allocate cybersecurity resources correctly and efficiently.

Ability
6923

Ability to relate strategy, business, and technology in the context of organizational dynamics.

Ability
6925

Ability to understand the basic concepts and issues related to cyber and its organizational impact.

Ability
6926

Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list).

Knowledge
6935

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

Knowledge
6938

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Knowledge
6947

Skill to anticipate new security threats.

Skill
6948

Skill to remain aware of evolving technical infrastructures.

Skill
6949

Skill to use critical thinking to analyze organizational patterns and relationships.

Skill
7110

Ability to understand technology, management, and leadership issues related to organization processes and problem solving.

Ability

Additional KSATs

KSAT ID Description KSAT
325

Knowledge of secure acquisitions (e.g., relevant Contracting Officer’s Technical Representative [COTR] duties, secure procurement, supply chain risk management).

Knowledge
398

Advocate organization’s official position in legal and legislative proceedings.

Task
706

Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, NTSM, MTOs) for the enterprise constituency.

Task
949

Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.

Task
954

Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.

Knowledge
955B

Review and approve a supply chain security/risk management policy.

Task
965

Knowledge of organization’s risk tolerance and/or risk management approach.

Knowledge
1004

Knowledge of critical information technology (IT) procurement requirements.

Knowledge
2058

Assist and advise inter-agency partners in identifying and developing best practices for facilitating operational support to achievement of organization objectives.

Task
2328

Develop, maintain, and assess cyber cooperation security agreements with external partners.

Task
2443

Identify and manage security cooperation priorities with external partners.

Task
5763

Act as, or work with, counsel relating to business partner contracts.

Task
6160

Ability to oversee the development and update of the lifecycle cost estimate.

Ability
6930

Knowledge of cyber competitions as a way of developing skills by providing hands-on experience in simulated, real-world situations.

Knowledge