Executive Cyber Leader

Executes decision-making authorities and establishes vision and direction for an organization's cyber and cyber-related policies, resources, and/or operations, while maintaining responsibility for risk-related decisions affecting mission success.

Tasks

The concrete work activities defined for this role in the DCWF v5.1 spreadsheet. Core tasks are required for the role; additional tasks are associated but not mandatory.

• T1018 additional Ensure all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
• T1041 additional Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate.
• T1148 additional Develop contract language to ensure supply chain, system, network, and operational security are met.
• T1148B additional Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.
• T2058 additional Assist and advise inter-agency partners in identifying and developing best practices for facilitating operational support to achievement of organization objectives.
• T2090 additional Collaborate with other internal and external partner organizations on target access and operational issues.
• T2091 additional Collaborate with other team members or partner organizations to develop a diverse program of information materials (e.g., web pages, briefings, print materials).
• T2328 additional Develop, maintain, and assess cyber cooperation security agreements with external partners.
• T2416 additional Facilitate interactions between internal and external partner decision makers to synchronize and integrate courses of action in support of objectives.
• T2443 additional Identify and manage security cooperation priorities with external partners.
• T2558 additional Maintain relationships with internal and external partners involved in cyber planning or related areas.
• T2624 additional Conduct long-range, strategic planning efforts with internal and external partners in cyber activities.
• T2823 additional Serve as a liaison with external partners.
• T2839 additional Supervise and assign work to programmers, designers, technologists and technicians, and other engineering and scientific personnel.
• T2894 additional Collaborate across internal and/or external organizational lines to enhance collection, analysis and dissemination.
• T391 additional Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
• T392 additional Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program.
• T395 additional Advise senior management (e.g., CIO) on risk levels and security posture.
• T396 additional Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements.
• T398 additional Advocate organization's official position in legal and legislative proceedings.
• T424B additional Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities.
• T445 additional Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
• T475 additional Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
• T492A additional Design/integrate a cyber strategy that outlines the vision, mission, and goals that align with the organization's strategic plan.
• T5170 additional Coordinate with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets.
• T524 additional Develop and maintain strategic plans.
• T542A additional Develop mitigation strategies to address cost, schedule, performance, and security risks.
• T5560 additional Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization's mission, vision, and goals.
• T5763 additional Act as, or work with, counsel relating to business partner contracts.
• T5767 additional Collaborate on cyber privacy and security policies and procedures.
• T5768 additional Collaborate with cybersecurity personnel on the security risk assessment process to address privacy compliance and risk mitigation.
• T5820 additional Appoint and guide a team of IT security experts.
• T5825 additional Collaborate with key stakeholders to establish a cybersecurity risk management program
• T599 additional Evaluate contracts to ensure compliance with funding, legal, and program requirements.
• T600 additional Evaluate cost benefit, economic, and risk analysis in decision making process.
• T674 additional Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information.
• T679 additional Lead and align information technology (IT) security priorities with the security strategy.
• T680 additional Lead and oversee information security budget, staffing, and contracting.
• T680A additional Lead and oversee budget, staffing, and contracting.
• T706 additional Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, NTSM, MTOs) for the enterprise constituency.
• T711 additional Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure they provide the intended level of protection.
• T737B additional Perform an information security risk assessment.
• T797 additional Provide advice on project costs, design concepts, or design changes.
• T801 additional Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans.
• T801A additional Provide enterprise cybersecurity and supply chain risk management guidance.
• T807 additional Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
• T810 additional Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.
• T848 additional Recommend policy and coordinate review and approval.
• T852 additional Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
• T919 additional Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
• T947 additional Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• T949 additional Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.
• T955B additional Review and approve a supply chain security/risk management policy.
• T962 additional Identify security requirements specific to an information technology (IT) system in all phases of the System Life Cycle.
• T963 additional Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.

Knowledge, Skills, and Abilities

KSA statements define what a person filling this role knows or can do. "Knowledge" is what they must know, "Skill" is what they can perform, and "Ability" is a durable capacity they bring to the work.

• A3011 ability core Ability to apply critical reading/thinking skills.
• A3044 ability core Ability to exercise judgment when policies are not well-defined.
• A3057 ability core Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
• A3076 ability core Ability to tailor technical and planning information to a customer’s level of understanding.
• A3077 ability core Ability to think critically.
• A3994 ability core Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.
• A6100 ability core Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
• A6920 ability core Ability to ensure information security management processes are integrated with strategic and operational planning processes.
• A6921 ability core Ability to ensure that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control.
• A6922 ability core Ability to prioritize and allocate cybersecurity resources correctly and efficiently.
• A6923 ability core Ability to relate strategy, business, and technology in the context of organizational dynamics.
• A6925 ability core Ability to understand the basic concepts and issues related to cyber and its organizational impact.
• A7110 ability core Ability to understand technology, management, and leadership issues related to organization processes and problem solving.
• K0010 knowledge core Knowledge of application vulnerabilities.
• K0105 knowledge core Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• K0150 knowledge core Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
• K015A knowledge core Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
• K0952 knowledge core Knowledge of emerging security issues, risks, and vulnerabilities.
• K0979 knowledge core Knowledge of supply chain risk management standards, processes, and practices.
• K1004A knowledge core Knowledge of information technology (IT) acquisition/procurement requirements.
• K1061A knowledge core Knowledge of the acquisition/procurement life cycle process.
• K1125 knowledge core Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
• K321A knowledge core Knowledge of industry technologies and how differences affect exploitation/vulnerabilities.
• K6926 knowledge core Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list).
• S173 skill core Skill in creating policies that reflect system security objectives.
• S6915 skill core Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience).
• S6947 skill core Skill to anticipate new security threats.
• S6948 skill core Skill to remain aware of evolving technical infrastructures.
• S6949 skill core Skill to use critical thinking to analyze organizational patterns and relationships.
• A6160 ability additional Ability to oversee the development and update of the lifecycle cost estimate.
• K0325 knowledge additional Knowledge of secure acquisitions (e.g., relevant Contracting Officer's Technical Representative [COTR] duties, secure procurement, supply chain risk management).
• K0954 knowledge additional Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.
• K0965 knowledge additional Knowledge of organization's risk tolerance and/or risk management approach.
• K1004 knowledge additional Knowledge of critical information technology (IT) procurement requirements.
• K6930 knowledge additional Knowledge of cyber competitions as a way of developing skills by providing hands-on experience in simulated, real-world situations.

Other roles in this element