Cyber Workforce Developer and Manager

Develop cyberspace workforce plans, strategies and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements.

Tasks

The concrete work activities defined for this role in the DCWF v5.1 spreadsheet. Core tasks are required for the role; additional tasks are associated but not mandatory.

• T1027A additional Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy.
• T410A additional Analyze organizational cyber policy.
• T424B additional Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities.
• T485A additional Define and integrate current and future mission environments.
• T492A additional Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization's strategic plan.
• T5020 additional Advocate for adequate funding for cyber training resources, to include both internal and industry-provided courses, instructors, and related materials.
• T5160 additional Coordinate with internal and external subject matter experts to ensure existing qualification standards reflect organizational functional requirements and meet industry standards.
• T5170 additional Coordinate with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets.
• T5230 additional Develop and implement standardized position descriptions based on established cyber work roles.
• T5240 additional Develop and review recruiting, hiring, and retention procedures in accordance with current Human Resource (HR) policies.
• T5250 additional Develop cyber career field classification structure to include establishing career field entry requirements and other nomenclature such as codes and identifiers.
• T5290 additional Ensure cyber career fields are managed in accordance with organizational Human Resource (HR) policies and directives.
• T5330 additional Establish and collect metrics to monitor and validate cyber workforce readiness including analysis of cyber workforce data to assess the status of positions identified, filled, and filled with qualified personnel.
• T5340 additional Establish and oversee waiver processes for cyber career field entry and training qualification requirements.
• T5350 additional Establish cyber career paths to allow career progression, deliberate development, and growth within and between cyber career fields.
• T5360 additional Establish manpower, personnel, and qualification data element standards to support cyber workforce management and reporting requirements.
• T5370 additional Establish, resource, implement, and assess cyber workforce management programs in accordance with organizational requirements.
• T539 additional Develop policy, programs, and guidelines for implementation.
• T5560 additional Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization's mission, vision, and goals.
• T5590 additional Review and apply cyber career field qualification standards.
• T5600 additional Review and apply organizational policies related to or having an effect on the cyber workforce.
• T5620 additional Review/Assess cyber workforce effectiveness to adjust skill and/or qualification standards.
• T5630 additional Support integration of qualified cyber workforce personnel into information systems lifecycle development processes.
• T565A additional Draft, staff, and publish cyber policy.
• T594 additional Establish and maintain communication channels with stakeholders.
• T629A additional Identify and address cyber workforce planning and management issues (e.g. recruitment, retention, and training).
• T641 additional Identify organizational policy stakeholders.
• T720A additional Monitor the rigorous application of cyber policies, principles, and practices in the delivery of planning and management services.
• T724A additional Seek consensus on proposed policy changes from stakeholders.
• T812A additional Provide policy guidance to cyber management, staff, and users.
• T838 additional Review existing and proposed policies with stakeholders.
• T840A additional Review, conduct, or participate in audits of cyber programs and projects.
• T847 additional Serve on agency and interagency policy boards.
• T854A additional Support the CIO in the formulation of cyber-related policies.
• T955B additional Review and approve a supply chain security/risk management policy.

Knowledge, Skills, and Abilities

KSA statements define what a person filling this role knows or can do. "Knowledge" is what they must know, "Skill" is what they can perform, and "Ability" is a durable capacity they bring to the work.

• A6040 ability core Ability to assess and forecast manpower requirements to meet organizational objectives.
• A6100 ability core Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
• A6140 ability core Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues.
• K320A knowledge core Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).
• K6250 knowledge core Knowledge of Workforce Framework, work roles, and associated tasks, knowledge, skills, and abilities.
• S6560 skill core Skill in developing workforce and position qualification standards.
• A244A ability additional Ability to determine the validity of workforce trend data.
• A6800 ability additional Ability to develop career path opportunities.
• K0105 knowledge additional Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• K0336 knowledge additional Knowledge of the nature and function of the relevant information structure (e.g., National Information Infrastructure).
• K088A knowledge additional Knowledge of current and emerging cyber technologies.
• K0942 knowledge additional Knowledge of the organization's core business/mission processes.
• K1036 knowledge additional Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed.
• K282A knowledge additional Knowledge of emerging technologies that have potential for exploitation by adversaries.
• K297A knowledge additional Knowledge of industry indicators useful for identifying technology trends.
• K6270 knowledge additional Knowledge of full spectrum cyber capabilities.
• K6340 knowledge additional Knowledge of organizational human resource policies, processes, and procedures.
• K6360 knowledge additional Knowledge of organizational training and education policies, processes, and procedures.
• S6740 skill additional Skill in using manpower and personnel IT systems.

Other roles in this element