COMSEC Manager
Manages the Communications Security (COMSEC) resources of an organization (CNSSI No. 4009).
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
25 | Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]). |
Knowledge |
37 | Knowledge of disaster recovery continuity of operations plans. |
Knowledge |
55 | Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data. |
Knowledge |
61 | Knowledge of incident response and handling methodologies. |
Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
395 | Advise senior management (e.g., CIO) on risk levels and security posture. |
Task |
578 | Ensure security improvement actions are evaluated, validated, and implemented as required. |
Task |
824 | Recognize a possible security violation and take appropriate action to report the incident, as required. |
Task |
852 | Supervise or manage protective or corrective measures when an cybersecurity incident or vulnerability is discovered. |
Task |
1141A | Knowledge of an organization’s information classification program and procedures for information compromise. |
Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
1158 | * Knowledge of cybersecurity principles. |
Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
129 | Knowledge of system life cycle management principles, including software security and usability. |
Knowledge |
143 | Knowledge of the organizationās enterprise information technology (IT) goals and objectives. |
Knowledge |
183 | Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. |
Skill |
299 | Knowledge of information security program management and project management principles and techniques. |
Knowledge |
325 | Knowledge of secure acquisitions (e.g., relevant Contracting Officer’s Technical Representative [COTR] duties, secure procurement, supply chain risk management). |
Knowledge |
396 | Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, and systems, and elements. |
Task |
445 | Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders. |
Task |
475 | Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. |
Task |
596 | Establish overall enterprise information security architecture (EISA) with the organizationās overall security strategy. |
Task |
600 | Evaluate cost benefit, economic, and risk analysis in decision making process. |
Task |
1004 | Knowledge of critical information technology (IT) procurement requirements. |
Knowledge |
1040A | Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure. |
Knowledge |