OG-WRL-015
Technology Portfolio Management OPM Code: 804

Provides leadership, management, direction, and advocacy so the organization may effectively manage cybersecurity-related risks to the enterprise and conduct cybersecurity work.

Responsible for managing a portfolio of technology investments that align with the overall needs of mission and enterprise priorities.

Code Description Work Roles
T0220 Resolve conflicts in laws, regulations, policies, standards, or procedures 5
T1020 Determine the operational and safety impacts of cybersecurity lapses 37
T1026 Determine procurement requirements 9
T1227 Manage cybersecurity budget, staffing, and contracting 8
T1306 Conduct technology program and project audits 7
T1369 Determine if acquisitions, procurement, and outsourcing efforts address cybersecurity requirements 6
T1394 Develop independent cybersecurity audit processes for application software, networks, and systems 7
T1395 Implement independent cybersecurity audit processes for application software, networks, and systems 7
T1396 Oversee independent cybersecurity audits 7
T1397 Determine if research and design processes and procedures are in compliance with cybersecurity requirements 7
T1398 Determine if research and design processes and procedures are accurately followed by cybersecurity staff when performing their day-to-day activities 7
T1399 Develop supply chain, system, network, and operational security contract language 5
T1472 Gather customer satisfaction and service performance feedback 4
T1498 Determine if cybersecurity requirements included in contracts are delivered 4
T1621 Prepare supply chain security reports 4
T1622 Prepare risk management reports 4
Code Description Work Roles
K0498 Knowledge of operational planning processes 6
K0674 Knowledge of computer networking protocols 40
K0675 Knowledge of risk management processes 41
K0676 Knowledge of cybersecurity laws and regulations 41
K0677 Knowledge of cybersecurity policies and procedures 41
K0678 Knowledge of privacy laws and regulations 41
K0679 Knowledge of privacy policies and procedures 41
K0680 Knowledge of cybersecurity principles and practices 40
K0681 Knowledge of privacy principles and practices 40
K0682 Knowledge of cybersecurity threats 40
K0683 Knowledge of cybersecurity vulnerabilities 40
K0684 Knowledge of cybersecurity threat characteristics 40
K0721 Knowledge of risk management principles and practices 19
K0734 Knowledge of Risk Management Framework (RMF) requirements 14
K0735 Knowledge of risk management models and frameworks 13
K0751 Knowledge of system threats 40
K0752 Knowledge of system vulnerabilities 40
K0754 Knowledge of resource management principles and practices 7
K0803 Knowledge of supply chain risk management principles and practices 17
K0820 Knowledge of supply chain risks 18
K0828 Knowledge of supply chain risk management standards and best practices 16
K0835 Knowledge of risk assessment principles and practices 8
K0836 Knowledge of threat assessment principles and practices 7
K0838 Knowledge of supply chain risk management policies and procedures 13
K0922 Knowledge of the acquisition life cycle models and frameworks 7
K0983 Knowledge of computer networking principles and practices 39
K1014 Knowledge of network security principles and practices 40
K1137 Knowledge of cybersecurity requirements 11
K1180 Knowledge of organizational cybersecurity goals and objectives 11
K1206 Knowledge of research and design processes and procedures 7
Code Description Work Roles
S0687 Skill in performing administrative planning activities 9
S0811 Skill in managing intelligence collection requirements 5