* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge of Risk Management Framework (RMF) requirements.

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.

Develop methods to monitor and measure risk, compliance, and assurance efforts.

Review or conduct audits of information technology (IT) programs and projects.

Skill in conducting audits or reviews of technical systems.

Conduct import/export reviews for acquiring systems and software.

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

* Knowledge of cybersecurity principles.

* Knowledge of cyber threats and vulnerabilities.

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge of industry-standard and organizationally accepted analysis principles and methods.

Knowledge of information technology (IT) architectural concepts and frameworks.

Knowledge of resource management principles and techniques.

Knowledge of system life cycle management principles, including software security and usability.

Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.

Ability to ensure security practices are followed throughout the acquisition process.

Provide ongoing optimization and problem solving support.

Provide recommendations for possible improvements and upgrades.

Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.

Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.

Knowledge of supply chain risk management standards, processes, and practices.

Knowledge of information technology (IT) acquisition/procurement requirements.

Knowledge of risk threat assessment.

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge of the acquisition/procurement life cycle process.

Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.

Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up.

Knowledge of how to leverage government research and development centers, think tanks, academic research, and industry systems.