OG-WRL-001
Communications Security (COMSEC) Management OPM Code: 723

Provides leadership, management, direction, and advocacy so the organization may effectively manage cybersecurity-related risks to the enterprise and conduct cybersecurity work.

Responsible for managing the Communications Security (COMSEC) resources of an organization.

Code Description Work Roles
T1015 Identify roles and responsibilities for appointed Communications Security (COMSEC) personnel 1
T1016 Identify Communications Security (COMSEC) incidents 1
T1017 Report Communications Security (COMSEC) incidents 1
T1018 Identify in-process accounting requirements for Communications Security (COMSEC) 1
T1020 Determine the operational and safety impacts of cybersecurity lapses 37
T1022 Review enterprise information technology (IT) goals and objectives 9
T1023 Identify critical technology procurement requirements 11
T1058 Advise senior management on risk levels and security posture 3
T1059 Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements 5
T1060 Advise senior management on organizational cybersecurity efforts 5
T1088 Communicate the value of cybersecurity to organizational stakeholders 4
T1113 Develop the enterprise continuity of operations strategy 3
T1114 Establish the enterprise continuity of operations program 3
T1178 Determine if security improvement actions are evaluated, validated, and implemented as required 2
T1186 Establish enterprise information security architecture 2
T1300 Report cybersecurity incidents 2
T1310 Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered 3
Code Description Work Roles
K0018 Knowledge of encryption algorithms 10
K0671 Knowledge of Communications Security (COMSEC) policies and procedures 1
K0672 Knowledge of the Communications Security (COMSEC) Material Control System (CMCS) 1
K0673 Knowledge of types of Communications Security (COMSEC) incidents 1
K0674 Knowledge of computer networking protocols 40
K0675 Knowledge of risk management processes 41
K0676 Knowledge of cybersecurity laws and regulations 41
K0677 Knowledge of cybersecurity policies and procedures 41
K0678 Knowledge of privacy laws and regulations 41
K0679 Knowledge of privacy policies and procedures 41
K0680 Knowledge of cybersecurity principles and practices 40
K0681 Knowledge of privacy principles and practices 40
K0682 Knowledge of cybersecurity threats 40
K0683 Knowledge of cybersecurity vulnerabilities 40
K0684 Knowledge of cybersecurity threat characteristics 40
K0709 Knowledge of business continuity and disaster recovery (BCDR) policies and procedures 5
K0721 Knowledge of risk management principles and practices 19
K0724 Knowledge of incident response principles and practices 8
K0725 Knowledge of incident response tools and techniques 8
K0726 Knowledge of incident handling tools and techniques 8
K0731 Knowledge of systems security engineering (SSE) principles and practices 13
K0746 Knowledge of policy-based access controls 15
K0747 Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC) 15
K0749 Knowledge of process engineering principles and practices 13
K0751 Knowledge of system threats 40
K0752 Knowledge of system vulnerabilities 40
K0758 Knowledge of server administration principles and practices 13
K0765 Knowledge of software engineering principles and practices 15
K0771 Knowledge of system life cycle management principles and practices 9
K0779 Knowledge of systems engineering processes 14
K0798 Knowledge of program management principles and practices 2
K0799 Knowledge of project management principles and practices 2
K0803 Knowledge of supply chain risk management principles and practices 17
K0834 Knowledge of technology procurement principles and practices 11
K0840 Knowledge of hardware reverse engineering tools and techniques 15
K0842 Knowledge of software reverse engineering tools and techniques 15
K0851 Knowledge of reverse engineering principles and practices 15
K0865 Knowledge of data classification standards and best practices 18
K0866 Knowledge of data classification tools and techniques 18
K0928 Knowledge of systems engineering principles and practices 13
K0931 Knowledge of data-at-rest encryption (DAR) standards and best practices 2
K0932 Knowledge of cryptographic key storage systems and software 2
K0934 Knowledge of data classification policies and procedures 18
K0947 Knowledge of computer engineering principles and practices 14
K0983 Knowledge of computer networking principles and practices 39
K1014 Knowledge of network security principles and practices 40
K1050 Knowledge of critical information requirements 8
K1077 Knowledge of data security controls 6
K1084 Knowledge of data privacy controls 6
K1171 Knowledge of mission assurance practices and principles 3
K1179 Knowledge of organization's security strategy 2
Code Description Work Roles
S0486 Skill in implementing enterprise key escrow systems 2
S0574 Skill in developing security system controls 11
S0578 Skill in evaluating security designs 9
S0596 Skill in encrypting network communications 3
S0619 Skill in auditing technical systems 3
S0657 Skill in implementing Public Key Infrastructure (PKI) encryption 5
S0658 Skill in implementing digital signatures 5
S0841 Skill in identifying possible security violations 2
S0850 Skill in performing cost/benefit analysis 4
S0858 Skill in performing economic analysis 4
S0878 Skill in performing risk analysis 9