Cyber Policy and Strategy Planner

Work Role ID: 752  |  Workforce Element: Cyberspace Enablers (Support) Leadership

What does this work role do? Develops cyberspace plans, strategy and policy to support and align with organizational cyberspace missions and initiatives.

CORE KSATs
KSAT ID Description KSAT
22 * Knowledge of computer networking concepts and protocols, and network security methodologies. Knowledge
88A Knowledge of current and emerging cyber technologies. Knowledge
108 * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). Knowledge
282A Knowledge of emerging technologies that have potential for exploitation by adversaries. Knowledge
320A Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development). Knowledge
410A Analyze organizational cyber policy. Task
424B Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities. Task
492A Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization’s strategic plan. Task
565A Draft, staff, and publish cyber policy. Task
720A Monitor the rigorous application of cyber policies, principles, and practices in the delivery of planning and management services. Task
812A Provide policy guidance to cyber management, staff, and users. Task
840A Review, conduct, or participate in audits of cyber programs and projects. Task
854A Support the CIO in the formulation of cyber-related policies. Task
1027A Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy. Task
1036 Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed. Knowledge
1157 * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. Knowledge
1158 * Knowledge of cybersecurity principles. Knowledge
1159 * Knowledge of cyber threats and vulnerabilities. Knowledge
5020 Advocate for adequate funding for cyber training resources, to include both internal and industry-provided courses, instructors, and related materials. Task
5560 Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization’s mission, vision, and goals. Task
6100 Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities. Ability
6140 Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues. Ability
6270 Knowledge of full spectrum cyber capabilities. Knowledge
6900 * Knowledge of specific operational impacts of cybersecurity lapses. Knowledge
6935 * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). Knowledge
6938 * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. Knowledge
ADDITIONAL KSATs
KSAT ID Description KSAT
105 Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Knowledge
244 Ability to determine the validity of technology trend data. Ability
297A Knowledge of industry indicators useful for identifying technology trends. Knowledge
336 Knowledge of the nature and function of the relevant information structure (e.g., National Information Infrastructure). Knowledge
485A Define and integrate current and future mission environments. Task
539 Develop policy, programs, and guidelines for implementation. Task
594 Establish and maintain communication channels with stakeholders. Task
724A Seek consensus on proposed policy changes from stakeholders. Task
838 Review existing and proposed policies with stakeholders. Task
847 Serve on agency and interagency policy boards. Task
942 Knowledge of the organization’s core business/mission processes. Knowledge
1125 Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration. Knowledge
5300 Ensure cyber workforce management policies and processes comply with legal and organizational requirements regarding equal opportunity, diversity, and fair hiring/employment practices. Task
5620 Review/Assess cyber workforce effectiveness to adjust skill and/or qualification standards. Task
6210 Knowledge of cloud service models and possible limitations for an incident response. Knowledge
6410 Knowledge of strategic theory and practice. Knowledge