Cyber Workforce Developer and Manager

Cyber Workforce Developer and Manager Work Role ID: 751 (NIST: OV-PL-001) Category/Specialty Area: Oversee & Govern / Strategic Planning and Policy Workforce Element: Cyberspace Enablers / Leadership

Develop cyberspace workforce plans, strategies and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements.


Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
320A

Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).

Knowledge
492A

Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization’s strategic plan.

Task
629A

Identify and address cyber workforce planning and management issues (e.g. recruitment, retention, and training).

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
5020

Advocate for adequate funding for cyber training resources, to include both internal and industry-provided courses, instructors, and related materials.

Task
5160

Coordinate with internal and external subject matter experts to ensure existing qualification standards reflect organizational functional requirements and meet industry standards.

Task
5230

Develop and implement standardized position descriptions based on established cyber work roles.

Task
5250

Develop cyber career field classification structure to include establishing career field entry requirements and other nomenclature such as codes and identifiers.

Task
5290

Ensure cyber career fields are managed in accordance with organizational Human Resource (HR) policies and directives.

Task
5300

Ensure cyber workforce management policies and processes comply with legal and organizational requirements regarding equal opportunity, diversity, and fair hiring/employment practices.

Task
5330

Establish and collect metrics to monitor and validate cyber workforce readiness including analysis of cyber workforce data to assess the status of positions identified, filled, and filled with qualified personnel.

Task
5350

Establish cyber career paths to allow career progression, deliberate development, and growth within and between cyber career fields.

Task
5360

Establish manpower, personnel, and qualification data element standards to support cyber workforce management and reporting requirements.

Task
5370

Establish, resource, implement, and assess cyber workforce management programs in accordance with organizational requirements.

Task
5590

Review and apply cyber career field qualification standards.

Task
5600

Review and apply organizational policies related to or having an effect on the cyber workforce.

Task
5620

Review/Assess cyber workforce effectiveness to adjust skill and/or qualification standards.

Task
5630

Support integration of qualified cyber workforce personnel into information systems lifecycle development processes.

Task
6040

Ability to assess and forecast manpower requirements to meet organizational objectives.

Ability
6100

Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.

Ability
6140

Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues.

Ability
6250

Knowledge of Workforce Framework, work roles, and associated tasks, knowledge, skills, and abilities.

Knowledge
6560

Skill in developing workforce and position qualification standards.

Skill
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
88A

Knowledge of current and emerging cyber technologies.

Knowledge
105

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

Knowledge
244A

Ability to determine the validity of workforce trend data.

Ability
282A

Knowledge of emerging technologies that have potential for exploitation by adversaries.

Knowledge
297A

Knowledge of industry indicators useful for identifying technology trends.

Knowledge
336

Knowledge of the nature and function of the relevant information structure (e.g., National Information Infrastructure).

Knowledge
410A

Analyze organizational cyber policy.

Task
424B

Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities.

Task
485A

Define and integrate current and future mission environments.

Task
539

Develop policy, programs, and guidelines for implementation.

Task
565A

Draft, staff, and publish cyber policy.

Task
594

Establish and maintain communication channels with stakeholders.

Task
641

Identify organizational policy stakeholders.

Task
720A

Monitor the rigorous application of cyber policies, principles, and practices in the delivery of planning and management services.

Task
724A

Seek consensus on proposed policy changes from stakeholders.

Task
812A

Provide policy guidance to cyber management, staff, and users.

Task
838

Review existing and proposed policies with stakeholders.

Task
840A

Review, conduct, or participate in audits of cyber programs and projects.

Task
847

Serve on agency and interagency policy boards.

Task
854A

Support the CIO in the formulation of cyber-related policies.

Task
942

Knowledge of the organization’s core business/mission processes.

Knowledge
955B

Review and approve a supply chain security/risk management policy.

Task
1027A

Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy.

Task
1036

Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed.

Knowledge
5170

Coordinate with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets.

Task
5240

Develop and review recruiting, hiring, and retention procedures in accordance with current Human Resource (HR) policies.

Task
5340

Establish and oversee waiver processes for cyber career field entry and training qualification requirements.

Task
5560

Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization’s mission, vision, and goals.

Task
6270

Knowledge of full spectrum cyber capabilities.

Knowledge
6340

Knowledge of organizational human resource policies, processes, and procedures.

Knowledge
6360

Knowledge of organizational training and education policies, processes, and procedures.

Knowledge
6740

Skill in using manpower and personnel IT systems.

Skill
6800

Ability to develop career path opportunities.

Ability