The Information Systems Security Manager is responsible for the cybersecurity program of an organization.

# | SN | Code | Category | Responsibilities |
---|---|---|---|---|
1 | 1 | T0001 | Tasks | Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk. |
2 | 2 | T0002 | Tasks | Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program. |
3 | 3 | T0003 | Tasks | Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. |
4 | 4 | T0004 | Tasks | Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements. |
5 | 5 | T0005 | Tasks | Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture. |
6 | 6 | T0024 | Tasks | Collect and maintain data needed to meet system cybersecurity reporting. |
7 | 7 | T0025 | Tasks | Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders. |
8 | 8 | T0044 | Tasks | Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. |
9 | 9 | T0089 | Tasks | Ensure that security improvement actions are evaluated, validated, and implemented as required. |
10 | 10 | T0091 | Tasks | Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. |
11 | 11 | T0092 | Tasks | Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). |
12 | 12 | T0093 | Tasks | Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. |
13 | 13 | T0095 | Tasks | Establish overall enterprise information security architecture (EISA) with the organization’s overall security strategy. |
14 | 14 | T0097 | Tasks | Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed. |
15 | 15 | T0099 | Tasks | Evaluate cost/benefit, economic, and risk analysis in decision-making process. |
16 | 16 | T0106 | Tasks | Identify alternative information security strategies to address organizational security objective. |
17 | 17 | T0115 | Tasks | Identify information technology (IT) security program implications of new technologies or technology upgrades. |
18 | 18 | T0130 | Tasks | Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information. |
19 | 19 | T0132 | Tasks | Interpret and/or approve security requirements relative to the capabilities of new information technologies. |
20 | 20 | T0133 | Tasks | Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program. |
21 | 21 | T0134 | Tasks | Lead and align information technology (IT) security priorities with the security strategy. |
22 | 22 | T0135 | Tasks | Lead and oversee information security budget, staffing, and contracting. |
23 | 23 | T0147 | Tasks | Manage the monitoring of information security data sources to maintain organizational situational awareness. |
24 | 24 | T0148 | Tasks | Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, NTSM, MTOs) for the enterprise constituency. |
25 | 25 | T0149 | Tasks | Manage threat or target analysis of cyber defense information and production of threat information within the enterprise. |
26 | 26 | T0151 | Tasks | Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. |
27 | 27 | T0157 | Tasks | Oversee the information security training and awareness program. |
28 | 28 | T0158 | Tasks | Participate in an information security risk assessment during the Security Assessment and Authorization process. |
29 | 29 | T0159 | Tasks | Participate in the development or modification of the computer environment cybersecurity program plans and requirements. |
30 | 30 | T0192 | Tasks | Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations. |
31 | 31 | T0199 | Tasks | Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. |
32 | 32 | T0206 | Tasks | Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. |
33 | 33 | T0211 | Tasks | Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents. |
34 | 34 | T0213 | Tasks | Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to higher headquarters. |
35 | 35 | T0215 | Tasks | Recognize a possible security violation and take appropriate action to report the incident, as required. |
36 | 36 | T0219 | Tasks | Recommend resource allocations required to securely operate and maintain an organization’s cybersecurity requirements. |
37 | 37 | T0227 | Tasks | Recommend policy and coordinate review and approval. |
38 | 38 | T0229 | Tasks | Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered. |
39 | 39 | T0234 | Tasks | Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. |
40 | 40 | T0239 | Tasks | Use federal and organization-specific published documents to manage operations of their computing environment system(s). |
41 | 41 | T0248 | Tasks | Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals. |
42 | 42 | T0254 | Tasks | Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies. |
43 | 43 | T0255 | Tasks | Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk. |
44 | 44 | T0256 | Tasks | Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements. |
45 | 45 | T0263 | Tasks | Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle. |
46 | 46 | T0264 | Tasks | Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. |
47 | 47 | T0265 | Tasks | Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. |
48 | 48 | T0275 | Tasks | Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). |
49 | 49 | T0276 | Tasks | Participate in the acquisition process as necessary, following appropriate supply chain risk management practices. |
50 | 50 | T0277 | Tasks | Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. |
51 | 51 | T0280 | Tasks | Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. |
52 | 52 | T0281 | Tasks | Forecast ongoing service demands and ensure that security assumptions are reviewed as necessary. |
53 | 53 | T0282 | Tasks | Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate. |
54 | 54 | K0001 | Knowledge | Knowledge of computer networking concepts and protocols, and network security methodologies. |
55 | 55 | K0002 | Knowledge | Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
56 | 56 | K0003 | Knowledge | Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
57 | 57 | K0004 | Knowledge | Knowledge of cybersecurity and privacy principles. |
58 | 58 | K0005 | Knowledge | Knowledge of cyber threats and vulnerabilities. |
59 | 59 | K0006 | Knowledge | Knowledge of specific operational impacts of cybersecurity lapses. |
60 | 60 | K0008 | Knowledge | Knowledge of applicable business processes and operations of customer organizations. |
61 | 61 | K0018 | Knowledge | Knowledge of encryption algorithms. |
62 | 62 | K0021 | Knowledge | Knowledge of data backup and recovery. |
63 | 63 | K0026 | Knowledge | Knowledge of business continuity and disaster recovery continuity of operations plans. |
64 | 64 | K0033 | Knowledge | Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). |
65 | 65 | K0038 | Knowledge | Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data. |
66 | 66 | K0040 | Knowledge | Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). |
67 | 67 | K0042 | Knowledge | Knowledge of incident response and handling methodologies. |
68 | 68 | K0043 | Knowledge | Knowledge of industry-standard and organizationally accepted analysis principles and methods. |
69 | 69 | K0046 | Knowledge | Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions. |
70 | 70 | K0048 | Knowledge | Knowledge of Risk Management Framework (RMF) requirements. |
71 | 71 | K0053 | Knowledge | Knowledge of measures or indicators of system performance and availability. |
72 | 72 | K0054 | Knowledge | Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities. |
73 | 73 | K0058 | Knowledge | Knowledge of network traffic analysis methods. |
74 | 74 | K0059 | Knowledge | Knowledge of new and emerging information technology (IT) and cybersecurity technologies. |
75 | 75 | K0061 | Knowledge | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). |
76 | 76 | K0070 | Knowledge | Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). |
77 | 77 | K0072 | Knowledge | Knowledge of resource management principles and techniques. |
78 | 78 | K0076 | Knowledge | Knowledge of server administration and systems engineering theories, concepts, and methods. |
79 | 79 | K0077 | Knowledge | Knowledge of server and client operating systems. |
80 | 80 | K0087 | Knowledge | Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design. |
81 | 81 | K0090 | Knowledge | Knowledge of system life cycle management principles, including software security and usability. |
82 | 82 | K0092 | Knowledge | Knowledge of technology integration processes. |
83 | 83 | K0101 | Knowledge | Knowledge of the organization’s enterprise information technology (IT) goals and objectives. |
84 | 84 | K0106 | Knowledge | Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. |
85 | 85 | K0121 | Knowledge | Knowledge of information security program management and project management principles and techniques. |
86 | 86 | K0126 | Knowledge | Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161). |
87 | 87 | K0149 | Knowledge | Knowledge of organization's risk tolerance and/or risk management approach. |
88 | 88 | K0150 | Knowledge | Knowledge of enterprise incident response program, roles, and responsibilities. |
89 | 89 | K0151 | Knowledge | Knowledge of current and emerging threats/threat vectors. |
90 | 90 | K0163 | Knowledge | Knowledge of critical information technology (IT) procurement requirements. |
91 | 91 | K0167 | Knowledge | Knowledge of system administration, network, and operating system hardening techniques. |
92 | 92 | K0168 | Knowledge | Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures. |
93 | 93 | K0169 | Knowledge | Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. |
94 | 94 | K0170 | Knowledge | Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations. |
95 | 95 | K0179 | Knowledge | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
96 | 96 | K0180 | Knowledge | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
97 | 97 | K0199 | Knowledge | Knowledge of security architecture concepts and enterprise architecture reference models (e.g., Zachman, Federal Enterprise Architecture [FEA]). |
98 | 98 | K0260 | Knowledge | Knowledge of Personally Identifiable Information (PII) data security standards. |
99 | 99 | K0261 | Knowledge | Knowledge of Payment Card Industry (PCI) data security standards. |
100 | 100 | K0262 | Knowledge | Knowledge of Personal Health Information (PHI) data security standards. |
101 | 101 | K0267 | Knowledge | Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. |
102 | 102 | K0287 | Knowledge | Knowledge of an organization's information classification program and procedures for information compromise. |
103 | 103 | K0332 | Knowledge | Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
104 | 104 | K0342 | Knowledge | Knowledge of penetration testing principles, tools, and techniques. |
105 | 105 | K0622 | Knowledge | Knowledge of controls related to the use, processing, storage, and transmission of data. |
106 | 106 | K0624 | Knowledge | Knowledge of Application Security Risks (e.g., Open Web Application Security Project Top 10 list). |
107 | 107 | S0018 | Skills | Skill in creating policies that reflect system security objectives. |
108 | 108 | S0027 | Skills | Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. |
109 | 109 | S0086 | Skills | Skill in evaluating the trustworthiness of the supplier and/or product. |
110 | 110 | A0128 | Abilities | Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. |
111 | 111 | A0161 | Abilities | Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). |
112 | 112 | A0170 | Abilities | Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations. |