CISA Program Manager (Cyber)

This role leads, coordinates, communicates, integrates, and is accountable for the overall success of the program, ensuring alignment with agency or enterprise priorities.

Personnel performing this work role may unofficially or alternatively be called:

  • Compliance Manager
  • Program Lead
  • IT Governance Manager/The Chair
  • Portfolio Manager
  • IT Infrastructure/Security Manager

Skill Community: Cross Functional
Category: Oversee and Govern
Specialty Area: Program/Project Management and Acquisition
Work Role Code: 801

Core Tasks

  • Develop and maintain strategic plans. (T0066)
  • Perform needs analysis to determine opportunities for new and improved business process solutions. (T0174)
  • Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. (T0199)
  • Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. (T0277)
  • Act as a primary stakeholder in the underlying information technology (IT) operational processes and functions that support the service, provide direction and monitor all significant activities so the service is delivered successfully. (T0340)
  • Manage the internal relationship with information technology (IT) process owners supporting the service, assisting with the definition and agreement of Operating Level Agreements (OLAs). (T0379)
  • Participate in the acquisition process as necessary. (T0407)
  • Lead and oversee budget, staffing, and contracting. (T0493)

Core Competencies

  • Contracting/Procurement
  • Enterprise Architecture
  • Organizational Awareness
  • Project Management
  • Risk Management
  • Strategic Planning
  • Third Party Oversight/ Acquisition Management

Core Knowledge, Skills, Abilities (KSAs)

  • Ability to oversee the development and update of the lifecycle cost estimate. (A0039)
  • Knowledge of resource management principles and techniques. (K0072)
  • Knowledge of the organization’s enterprise information technology (IT) goals and objectives. (K0101)
  • Knowledge of the organization's core business/mission processes. (K0146)
  • Knowledge of risk threat assessment. (K0165)
  • Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). (K0200)
  • Knowledge of how to leverage government research and development centers, think tanks, academic research, and industry systems. (K0235)
  • Knowledge of information technology (IT) acquisition/procurement requirements. (K0257)
  • Knowledge of the acquisition/procurement life cycle process. (K0270)

Join the Mission

CISA is always searching for diverse, talented, and highly motivated professionals to continue its mission of securing the nation’s critical infrastructure. CISA is more than a great place to work; our workforce tackles the risks and threats that matter most to the nation, our families, and communities.

To join this mission, visit USAJOBs and/or the DHS Cybersecurity Service to view job announcements and to access the application. Be sure to tailor your resume to the specific job announcement, attach relevant documents, and complete all required assessments. 

When applying for CISA’s cyber positions, please review CISA’s cyber roles above and update your resume to align your experience with the listed competencies. Your resume must also show demonstrated cyber/IT related experience in:

  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

To receive email notifications when new CISA positions are announced, set up a “saved search” on USAJOBs with keyword “Cybersecurity and Infrastructure Security Agency.”

Individuals eligible for special hiring authorities may also be considered during CISA’s one-stop hiring events or by emailing or

Was this webpage helpful?  Yes  |  Somewhat  |  No