1037
Knowledge
Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.
Core KSAT for the following Work Roles
Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).
Responsible for the cybersecurity of a program, organization, system, or enclave.
Work that involves directly managing information technology projects to provide a unique service or product.
Manages the package of support functions required to field and maintain the readiness and operational capability of systems and components.
Additional KSAT for the following Work Roles
Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.
Manages a portfolio of IT capabilities that align with the overall needs of mission and business enterprise priorities.
Conducts evaluations of an IT program or its individual components, to determine compliance with published standards.
Leads, coordinates, communicates, integrates and is accountable for the overall success of the program, ensuring alignment with critical agency priorities.
Conducts software and systems engineering and software systems research in order to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37).
Plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.
Designs, develops, tests, and evaluates information systems throughout the systems development lifecycle.
Consults with customers to evaluate functional requirements and translate functional requirements into technical solutions.