CISA IT Project Manager

This role directly manages information technology projects.

Personnel performing this work role may unofficially or alternatively be called:

  • IT/Cybersecurity Implementation Manager
  • Project Manager
  • Program Manager
  • Product Manager
  • Portfolio Manager

Skill Community: Cross Functional
Category: Oversee and Govern
Specialty Area: Program/Project Management and Acquisition
Work Role Code: 802

Core Tasks

  • Develop methods to monitor and measure risk, compliance, and assurance efforts. (T0072)
  • Perform needs analysis to determine opportunities for new and improved business process solutions. (T0174)
  • Provide advice on project costs, design concepts, or design changes. (T0196)
  • Provide ongoing optimization and problem-solving support. (T0207)
  • Provide recommendations for possible improvements and upgrades. (T0208)
  • Review or conduct audits of information technology (IT) programs and projects. (T0223)
  • Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements. (T0256)
  • Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. (T0277)
  • Act as a primary stakeholder in the underlying information technology (IT) operational processes and functions that support the service, provide direction and monitor all significant activities so the service is delivered successfully. (T0340)
  • Coordinate and manage the overall service provided to a customer end-to-end. (T0354)
  • Ensure that appropriate Service-Level Agreements (SLAs) and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service. (T0370)
  • Gather feedback on customer satisfaction and internal service performance to foster continual improvement. (T0377)
  • Manage the internal relationship with information technology (IT) process owners supporting the service, assisting with the definition and agreement of Operating Level Agreements (OLAs). (T0379)
  • Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up. (T0389)
  • Work with other service managers and product owners to balance and prioritize services to meet overall customer requirements, constraints, and objectives. (T0394)
  • Participate in the acquisition process as necessary. (T0407)
  • Ensure that supply chain, system, network, performance, and cybersecurity requirements are included in contract language and delivered. (T0415)
  • Lead and oversee budget, staffing, and contracting. (T0493)

Core Competencies

  • Contracting/ Procurement
  • Enterprise Architecture
  • Information Technology Assessment
  • Legal, Government, and Jurisprudence
  • Organizational Awareness
  • Process Control
  • Project Management
  • Requirements Analysis
  • Risk Management
  • Strategic Planning
  • Systems Integration
  • Technology Awareness
  • Third Party Oversight/ Acquisition Management

Core Knowledge, Skills, Abilities (KSAs)

  • Knowledge of information technology (IT) acquisition/procurement requirements. (K0257)
  • Knowledge of the acquisition/procurement life cycle process. (K0270)
  • Ability to ensure security practices are followed throughout the acquisition process. (A0056)
  • Knowledge of information technology (IT) architectural concepts and frameworks. (K0047)
  • Knowledge of the organization's enterprise information technology (IT) goals and objectives. (K0101)
  • Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). (K0200)
  • Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system. (S0038)
  • Knowledge of Import/Export Regulations related to cryptography and other security technologies. (K0196)
  • Knowledge of the organization's core business/mission processes. (K0146)
  • Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions). (K0198)
  • Knowledge of resource management principles and techniques. (K0072)
  • Knowledge of capabilities and requirements analysis. (K0012)
  • Knowledge of Risk Management Framework (RMF) requirements. (K0048)
  • Knowledge of supply chain risk management standards, processes, and practices. (K0154)
  • Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. (K0169)
  • Knowledge of how to leverage research and development centers, think tanks, academic research, and industry systems. (K0235)
  • Knowledge of system life cycle management principles, including software security and usability. (K0090)
  • Knowledge of new and emerging information technology (IT) and cybersecurity technologies. (K0059)
  • Ability to oversee the development and update of the life cycle cost estimate. (A0039)
  • Ability to evaluate/ensure the trustworthiness of the supplier and/or product. (A0045)

Join the Mission

CISA is always searching for diverse, talented, and highly motivated professionals to continue its mission of securing the nation’s critical infrastructure. CISA is more than a great place to work; our workforce tackles the risks and threats that matter most to the nation, our families, and communities.

To join this mission, visit USAJOBs and/or the DHS Cybersecurity Service to view job announcements and to access the application. Be sure to tailor your resume to the specific job announcement, attach relevant documents, and complete all required assessments. 

When applying for CISA’s cyber positions, please review CISA’s cyber roles above and update your resume to align your experience with the listed competencies. Your resume must also show demonstrated cyber/IT related experience in:

  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

To receive email notifications when new CISA positions are announced, set up a “saved search” on USAJOBs with keyword “Cybersecurity and Infrastructure Security Agency.

Individuals eligible for special hiring authorities may also be considered during CISA’s one-stop hiring events or by emailing or

Was this webpage helpful?  Yes  |  Somewhat  |  No