Attention: CISA Learning is now available for External Users! The Federal Virtual Training Environment (FedVTE) has been permanently decommissioned and replaced by CISA Learning. Please reference the CISA Learning page for the latest information. Please note: CISA Users should wait to access CISA Learning until the system is ready for internal use in the coming days.

OG-WRL-003

Cybersecurity Workforce Management

Responsible for developing cybersecurity workforce plans, assessments, strategies, and guidance, including cybersecurity-related staff training, education, and hiring processes. Makes adjustments in response to or in anticipation of changes to cybersecurity-related policy, technology, and staffing needs and requirements.Authors mandated workforce planning strategies to maintain compliance with legislation, regulation, and policy.

Task statements

T0116: Identify organizational policy stakeholders
T0226: Serve on agency and interagency policy boards
T0437: Correlate training and learning to business or mission requirements
T1020: Determine the operational and safety impacts of cybersecurity lapses
T1022: Review enterprise information technology (IT) goals and objectives
T1025: Implement organizational training and education policies and procedures
T1028: Research new vulnerabilities in emerging technologies
T1036: Integrate leadership priorities
T1038: Integrate organization objectives in intelligence collection
T1056: Acquire resources to support cybersecurity program goals and objectives
T1059: Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
T1060: Advise senior management on organizational cybersecurity efforts
T1088: Communicate the value of cybersecurity to organizational stakeholders
T1107: Evaluate functional requirements
T1113: Develop the enterprise continuity of operations strategy
T1114: Establish the enterprise continuity of operations program
T1158: Develop cybersecurity implementation policies and guidelines
T1184: Establish stakeholder communication channels
T1185: Maintain stakeholder communication channels
T1227: Manage cybersecurity budget, staffing, and contracting
T1306: Conduct technology program and project audits
T1335: Promote cybersecurity awareness to management
T1336: Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
T1357: Determine if cybersecurity requirements have been successfully implemented
T1358: Determine the effectiveness of organizational cybersecurity policies and procedures
T1394: Develop independent cybersecurity audit processes for application software, networks, and systems
T1395: Implement independent cybersecurity audit processes for application software, networks, and systems
T1396: Oversee independent cybersecurity audits
T1397: Determine if research and design processes and procedures are in compliance with cybersecurity requirements
T1398: Determine if research and design processes and procedures are accurately followed by cybersecurity staff when performing their day-to-day activities
T1436: Acquire adequate funding for cybersecurity training
T1446: Conduct learning needs assessments
T1447: Identify training requirements
T1449: Determine if qualification standards meet organizational functional requirements and comply with industry standards
T1450: Allocate and distribute human capital assets
T1459: Develop standardized cybersecurity position descriptions using the NICE Framework
T1460: Develop recruiting, hiring, and retention processes
T1461: Determine cybersecurity position requirements
T1462: Develop cybersecurity training policies and procedures
T1464: Determine if cybersecurity workforce management policies and procedures comply with legal and organizational requirements
T1466: Establish cybersecurity workforce readiness metrics
T1467: Establish waiver processes for cybersecurity career field entry and training qualification requirements
T1468: Establish organizational cybersecurity career pathways
T1469: Develop cybersecurity workforce reporting requirements
T1470: Establish cybersecurity workforce management programs
T1471: Assess cybersecurity workforce management programs
T1476: Promote awareness of cybersecurity policy and strategy among management
T1478: Determine cybersecurity career field qualification requirements
T1479: Determine organizational policies related to or influencing the cyber workforce
T1482: Conduct cybersecurity workforce assessments
T1483: Integrate cybersecurity workforce personnel into information systems life cycle development processes
T1492: Integrate laws and regulations into policy
T1518: Develop organizational cybersecurity strategy
T1543: Develop cybersecurity policies and procedures
T1552: Identify cyber workforce planning and management issues
T1553: Address cyber workforce planning and management issues
T1605: Advise management, staff, and users on cybersecurity policy
T1623: Develop supply chain cybersecurity risk management policy

Knowledge statements

K0640: Knowledge of the organizational cybersecurity workforce
K0644: Knowledge of cybersecurity operation policies and procedures
K0648: Knowledge of career paths
K0649: Knowledge of organizational career progressions
K0652: Knowledge of workforce trends
K0674: Knowledge of computer networking protocols
K0675: Knowledge of risk management processes
K0676: Knowledge of cybersecurity laws and regulations
K0677: Knowledge of cybersecurity policies and procedures
K0678: Knowledge of privacy laws and regulations
K0679: Knowledge of privacy policies and procedures
K0680: Knowledge of cybersecurity principles and practices
K0681: Knowledge of privacy principles and practices
K0682: Knowledge of cybersecurity threats
K0683: Knowledge of cybersecurity vulnerabilities
K0684: Knowledge of cybersecurity threat characteristics
K0691: Knowledge of cyber defense tools and techniques
K0692: Knowledge of vulnerability assessment tools and techniques
K0743: Knowledge of new and emerging technologies
K0751: Knowledge of system threats
K0752: Knowledge of system vulnerabilities
K0754: Knowledge of resource management principles and practices
K0773: Knowledge of telecommunications principles and practices
K0803: Knowledge of supply chain risk management principles and practices
K0818: Knowledge of new and emerging cybersecurity risks
K0820: Knowledge of supply chain risks
K0825: Knowledge of threat vector characteristics
K0828: Knowledge of supply chain risk management standards and best practices
K0831: Knowledge of network attack vectors
K0838: Knowledge of supply chain risk management policies and procedures
K0881: Knowledge of learning assessment tools and techniques
K0887: Knowledge of training policies and procedures
K0892: Knowledge of cyber defense laws and regulations
K0893: Knowledge of training systems and software
K0902: Knowledge of the NIST Workforce Framework for Cybersecurity (NICE Framework)
K0908: Knowledge of human resources policies and procedures
K0943: Knowledge of industry indicators
K0962: Knowledge of targeting laws and regulations
K0963: Knowledge of exploitation laws and regulations
K0969: Knowledge of cyber-attack tools and techniques
K0983: Knowledge of computer networking principles and practices
K0990: Knowledge of cyber operations principles and practices
K1014: Knowledge of network security principles and practices
K1023: Knowledge of network exploitation tools and techniques
K1098: Knowledge of personnel systems and software
K1137: Knowledge of cybersecurity requirements
K1140: Knowledge of cybersecurity workforce policies and procedures
K1171: Knowledge of mission assurance practices and principles
K1180: Knowledge of organizational cybersecurity goals and objectives
K1183: Knowledge of organizational cybersecurity policies and procedures
K1184: Knowledge of organizational cybersecurity workforce requirements
K1186: Knowledge of organizational human resource (HR) policies and procedures
K1206: Knowledge of research and design processes and procedures
K1209: Knowledge of risk mitigation principles and practices

Skill statements

S0393: Skill in developing assessments
S0394: Skill in developing security assessments
S0396: Skill in forecasting requirements
S0397: Skill in assessing requirements
S0398: Skill in analyzing organizational objectives
S0406: Skill in developing policy plans
S0410: Skill in creating career path definitions
S0411: Skill in developing career paths
S0422: Skill in evaluating workforce trends
S0497: Skill in developing client organization profiles
S0515: Skill in identifying partner capabilities
S0519: Skill in detecting exploitation activities
S0633: Skill in developing position qualification requirements
S0647: Skill in managing a workforce
S0686: Skill in performing risk assessments
S0821: Skill in collaborating with internal and external stakeholders
S0850: Skill in performing cost/benefit analysis
S0858: Skill in performing economic analysis
S0878: Skill in performing risk analysis
S0892: Skill in performing trend analysis

Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)