Skip to main content
US flag signifying that this is a United States Federal Government website

Official website of the Cybersecurity and Infrastructure Security Agency

Here’s how you know

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Initiative for Cybersecurity Careers and Studies
Utility Menu - Refresh
  • About
  • Contact
  • Subscribe(link is external)
    • Beginners
    • K-12 Teachers
    • Students
    • School Administrators
    • Veterans
    • Colleges & Universities
    • Education & Training Catalog
    • CISA Learning
    • Add Your Courses to NICCS
    • Cybersecurity Workforce Development and Training
    • NICCS Training Frequently Asked Questions
    • NICE Workforce Framework for Cybersecurity (NICE Framework)
    • NICE Framework Mapping Tool
    • Cyber Career Pathways Tool
    • Career Pathways Roadmap
    • Cybersecurity Career Map
    • DHS PushButtonPD™ Tool
    • Certifications
    • Scholarships
    • Internships & Apprenticeships
    • Competitions & Games
    • Glossary
    • Additional Resources
    • News
    • Events
    • Featured Stories
  • About
  • Contact
  • Subscribe
Breadcrumb
  1. Interactive Tools
  2. NICE Workforce Framework for Cybersecurity (NICE Framework)
  3. Work Role Search
  4. Communications Security (COMSEC) Management

Communications Security (COMSEC) Management

Responsible for managing the Communications Security (COMSEC) resources of an organization.

Oversight and Governance
OG-WRL-001
  • T1015: Identify roles and responsibilities for appointed Communications Security (COMSEC) personnel
  • T1016: Identify Communications Security (COMSEC) incidents
  • T1017: Report Communications Security (COMSEC) incidents
  • T1018: Identify in-process accounting requirements for Communications Security (COMSEC)
  • T1020: Determine the operational and safety impacts of cybersecurity lapses
  • T1022: Review enterprise information technology (IT) goals and objectives
  • T1023: Identify critical technology procurement requirements
  • T1058: Advise senior management on risk levels and security posture
  • T1059: Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
  • T1060: Advise senior management on organizational cybersecurity efforts
  • T1088: Communicate the value of cybersecurity to organizational stakeholders
  • T1113: Develop the enterprise continuity of operations strategy
  • T1114: Establish the enterprise continuity of operations program
  • T1178: Determine if security improvement actions are evaluated, validated, and implemented as required
  • T1186: Establish enterprise information security architecture
  • T1300: Report cybersecurity incidents
  • T1310: Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered
  • K0018: Knowledge of encryption algorithms
  • K0671: Knowledge of Communications Security (COMSEC) policies and procedures
  • K0672: Knowledge of the Communications Security (COMSEC) Material Control System (CMCS)
  • K0673: Knowledge of types of Communications Security (COMSEC) incidents
  • K0674: Knowledge of computer networking protocols
  • K0675: Knowledge of risk management processes
  • K0676: Knowledge of cybersecurity laws and regulations
  • K0677: Knowledge of cybersecurity policies and procedures
  • K0678: Knowledge of privacy laws and regulations
  • K0679: Knowledge of privacy policies and procedures
  • K0680: Knowledge of cybersecurity principles and practices
  • K0681: Knowledge of privacy principles and practices
  • K0682: Knowledge of cybersecurity threats
  • K0683: Knowledge of cybersecurity vulnerabilities
  • K0684: Knowledge of cybersecurity threat characteristics
  • K0709: Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
  • K0721: Knowledge of risk management principles and practices
  • K0724: Knowledge of incident response principles and practices
  • K0725: Knowledge of incident response tools and techniques
  • K0726: Knowledge of incident handling tools and techniques
  • K0731: Knowledge of systems security engineering (SSE) principles and practices
  • K0746: Knowledge of policy-based access controls
  • K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
  • K0749: Knowledge of process engineering principles and practices
  • K0751: Knowledge of system threats
  • K0752: Knowledge of system vulnerabilities
  • K0758: Knowledge of server administration principles and practices
  • K0765: Knowledge of software engineering principles and practices
  • K0771: Knowledge of system life cycle management principles and practices
  • K0779: Knowledge of systems engineering processes
  • K0798: Knowledge of program management principles and practices
  • K0799: Knowledge of project management principles and practices
  • K0803: Knowledge of supply chain risk management principles and practices
  • K0834: Knowledge of technology procurement principles and practices
  • K0840: Knowledge of hardware reverse engineering tools and techniques
  • K0842: Knowledge of software reverse engineering tools and techniques
  • K0851: Knowledge of reverse engineering principles and practices
  • K0865: Knowledge of data classification standards and best practices
  • K0866: Knowledge of data classification tools and techniques
  • K0928: Knowledge of systems engineering principles and practices
  • K0931: Knowledge of data-at-rest encryption (DARE) standards and best practices
  • K0932: Knowledge of cryptographic key storage systems and software
  • K0934: Knowledge of data classification policies and procedures
  • K0947: Knowledge of computer engineering principles and practices
  • K0983: Knowledge of computer networking principles and practices
  • K1014: Knowledge of network security principles and practices
  • K1050: Knowledge of critical information requirements
  • K1077: Knowledge of data security controls
  • K1084: Knowledge of data privacy controls
  • K1171: Knowledge of mission assurance practices and principles
  • K1179: Knowledge of organization's security strategy
  • S0486: Skill in implementing enterprise key escrow systems
  • S0574: Skill in developing security system controls
  • S0578: Skill in evaluating security designs
  • S0596: Skill in encrypting network communications
  • S0619: Skill in auditing technical systems
  • S0657: Skill in implementing Public Key Infrastructure (PKI) encryption
  • S0658: Skill in implementing digital signatures
  • S0841: Skill in identifying possible security violations
  • S0850: Skill in performing cost/benefit analysis
  • S0858: Skill in performing economic analysis
  • S0878: Skill in performing risk analysis

Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 2.0.0)

Related Courses

  • Certified in the Governance of Enterprise IT (CGEIT)
    ISACA
    Online, Self-Paced
  • Certified Chief Information Security Officer (CCISO)
    EC-Council
    Online, Instructor-Led; Online, Self-Paced
  • Cybersecurity Professional Training
    ComputerMinds.com
    Classroom
  • Information Systems Security Professional
    ComputerMinds.com
    Classroom
  • Cryptography of Blockchain
    Florida Atlantic University
    Online, Instructor-Led
  • Cryptography and Information Security
    Florida Atlantic University
    Online, Instructor-Led
Search for more courses related to “Communications Security (COMSEC) Management” »
  • Work Role Categories
  • Competency Areas
  • Work Role Search
  • Task Search
  • Knowledge Search
  • Skill Search
Return to top
  • Plain Writing
  • NICCS Policy
  • Sitemap
  • Glossary
National Initiative for Cybersecurity Careers and Studies
Follow us on CISA's Social Media
Facebook
X
Instagram
LinkedIn
Contact Us
NICCS@mail.cisa.dhs.gov
Cybersecurity and Infrastructure Security Agency Seal

CISA.gov

An official website of the Cybersecurity and Infrastructure Security Agency

Identifier links
  • About CISA
  • Accessibility
  • Budget and Performance
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
Looking for U.S. government information and services?
Visit USA.gov
The Task Statements accordion was closed.

You have been selected to participate in a brief survey about your experience today with National Initiative for Cybersecurity Careers and Studies.

Would you like to participate in our survey?

If you accept you will be leaving the National Initiative for Cybersecurity Careers and Studies website and going to a third party site.
That site may have different privacy, security and accessibility policies than the National Initiative for Cybersecurity Careers and Studies site.
National Initiative for Cybersecurity Careers and Studies does not endorse any commercial products, services, programs or content on the third party website.
Thank you for visiting our site. We hope your visit was informative and enjoyable.