CISA Information Systems Security Manager


This role is responsible for the cybersecurity of a program, organization, system, or enclave. 

Personnel performing this role may unofficially or alternatively be called:

  • Information Systems Security Officer (ISSO)
  • Cybersecurity Officer
  • Enterprise Security Officer
  • Common Control Provider
  • Security Domain Specialist
  • Information Assurance Analyst
  • Information Assurance Security Manager
  • Information Assurance Security Officer
  • Information Systems Security Specialist
     

Category: Oversee and Govern
Specialty Area: Cybersecurity Management

 

Core Tasks

  • Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk. (T0001)
  • Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. (T0003)
  • Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture. (T0005)
  • Collect and maintain data needed to meet system cybersecurity reporting. (T0024)
  • Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders. (T0025)
  • Ensure that security improvement actions are evaluated, validated, and implemented as required. (T0089)
  • Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. (T0091)
  • Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). (T0092)
  • Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed. (T0097)
  • Identify alternative information security strategies to address organizational security objective. (T0106)
  • Identify information technology (IT) security program implications of new technologies or technology upgrades. (T0115)
  • Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program. (T0133)
  • Manage the monitoring of information security data sources to maintain organizational situational awareness. (T0147)
  • Oversee the information security training and awareness program. (T0157)
  • Participate in an information security risk assessment during the Security Assessment and Authorization process. (T0158)
  • Participate in the development or modification of the computer environment cybersecurity program plans and requirements. (T0159)
  • Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations. (T0192)
  • Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents. (T0211)
  • Recognize a possible security violation and take appropriate action to report the incident, as required. (T0215)
  • Recommend resource allocations required to securely operate and maintain an organization’s cybersecurity requirements. (T0219)
  • Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered. (T0229)
  • Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. (T0234)
  • Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals. (T0248)
  • Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies. (T0254)
  • Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle. (T0263)
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. (T0264)
  • Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. (T0265)
  • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). (T0275)
  • Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. (T0280)

Core Competencies

  • Business Continuity
  • Computer Network Defense
  • Database Administration
  • Encryption
  • Enterprise Architecture
  • Information Systems/Network Security
  • Information Technology Assessment
  • Legal, Government, and Jurisprudence
  • Network Management
  • Operating Systems
  • Policy Management
  • Risk Management
  • Technology Awareness
  • Threat Analysis
  • Vulnerabilities Assessment

Core Knowledge, Skills and Abilities (KSAs)

  • Knowledge of data backup and recovery. (K0021)
  • Knowledge of business continuity and disaster recovery continuity of operations plans. (K0026)
  • Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions. (K0046)
  • Knowledge of controls related to the use, processing, storage, and transmission of data. (K0622)
  • Knowledge of encryption algorithms. (K0018)
  • Knowledge of the organization’s enterprise information technology (IT) goals and objectives. (K0101)
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). (K0179)
  • Knowledge of measures or indicators of system performance and availability. (K0053)
  • Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures. (K0168)
  • Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. (K0267)
  • Knowledge of network traffic analysis methods. (K0058)
  • Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. (K0180)
  • Knowledge of server and client operating systems. (K0077)
  • Skill in creating policies that reflect system security objectives. (S0018)
  • Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. (K0169)
  • Knowledge of new and emerging information technology (IT) and cybersecurity technologies. (K0059)
  • Knowledge of current and emerging threats/threat vectors. (K0151)
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). (K0040)
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). (K0070)
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. (K0106)
  • Knowledge of penetration testing principles, tools, and techniques. (K0342)

 

How to Apply

To apply for this work role, submit an application to one or more of CISA's vacancy announcements. Please ensure your resume has been updated to reflect your demonstrated experience performing the above tasks and describe your exposure to the listed competencies.

  1. Assign the appropriate Task ID and/or Core KSA ID to each experience statement in your resume. Task and KSA IDs are listed in parenthesis at the end of each bullet above.
     
  2. You must also include demonstrated experience on the four required competencies:
  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

Was this document helpful?  Yes  |  Somewhat  |  No