OV-PMA-002 IT Project Manager

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT)(including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life cycle.

Directly manages information technology projects.

Knowledges 29

Code Description Work Roles
K0001 Knowledge of computer networking concepts and protocols, and network security methodologies. 52
K0002 Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 52
K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 52
K0004 Knowledge of cybersecurity and privacy principles. 52
K0005 Knowledge of cyber threats and vulnerabilities. 52
K0006 Knowledge of specific operational impacts of cybersecurity lapses. 52
K0012 Knowledge of capabilities and requirements analysis. 3
K0043 Knowledge of industry-standard and organizationally accepted analysis principles and methods. 7
K0047 Knowledge of information technology (IT) architectural concepts and frameworks. 4
K0048 Knowledge of Risk Management Framework (RMF) requirements. 8
K0059 Knowledge of new and emerging information technology (IT) and cybersecurity technologies. 12
K0072 Knowledge of resource management principles and techniques. 7
K0090 Knowledge of system life cycle management principles, including software security and usability. 10
K0101 Knowledge of the organization’s enterprise information technology (IT) goals and objectives. 8
K0120 Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise. 6
K0126 Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161) 14
K0146 Knowledge of the organization's core business/mission processes. 10
K0148 Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk. 4
K0154 Knowledge of supply chain risk management standards, processes, and practices. 7
K0164 Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes). 4
K0165 Knowledge of risk/threat assessment. 5
K0169 Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. 14
K0194 Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration. 5
K0196 Knowledge of Import/Export Regulations related to cryptography and other security technologies. 3
K0198 Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions). 6
K0200 Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). 11
K0235 Knowledge of how to leverage research and development centers, think tanks, academic research, and industry systems. 5
K0257 Knowledge of information technology (IT) acquisition/procurement requirements. 5
K0270 Knowledge of the acquisition/procurement life cycle process. 5

Skills 2

Code Description Work Roles
S0038 Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system. 5
S0372 Skill to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise. 5

Abilities 4

Code Description Work Roles
A0009 Ability to apply supply chain risk management standards. 3
A0039 Ability to oversee the development and update of the life cycle cost estimate. 4
A0045 Ability to evaluate/ensure the trustworthiness of the supplier and/or product. 3
A0056 Ability to ensure security practices are followed throughout the acquisition process. 6

Tasks 25

Code Description Work Roles
T0273 Develop and document supply chain risks for critical system elements, as appropriate. 4
T0277 Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. 6
T0340 Act as a primary stakeholder in the underlying information technology (IT) operational processes and functions that support the service, provide direction and monitor all significant activities so the service is delivered successfully. 3
T0354 Coordinate and manage the overall service provided to a customer end-to-end. 3
T0370 Ensure that appropriate Service-Level Agreements (SLAs) and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service. 2
T0377 Gather feedback on customer satisfaction and internal service performance to foster continual improvement. 4
T0379 Manage the internal relationship with information technology (IT) process owners supporting the service, assisting with the definition and agreement of Operating Level Agreements (OLAs). 2
T0389 Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up. 3
T0394 Work with other service managers and product owners to balance and prioritize services to meet overall customer requirements, constraints, and objectives. 2
T0407 Participate in the acquisition process as necessary. 2
T0412 Conduct import/export reviews for acquiring systems and software. 4
T0414 Develop supply chain, system, network, performance, and cybersecurity requirements. 3
T0415 Ensure that supply chain, system, network, performance, and cybersecurity requirements are included in contract language and delivered. 4
T0481 Identify and address cyber workforce planning and management issues (e.g. recruitment, retention, and training). 3
T0493 Lead and oversee budget, staffing, and contracting. 4
T0551 Draft and publish supply chain security and risk management documents. 4
T0072 Develop methods to monitor and measure risk, compliance, and assurance efforts. 4
T0174 Perform needs analysis to determine opportunities for new and improved business process solutions. 4
T0196 Provide advice on project costs, design concepts, or design changes. 4
T0199 Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. 3
T0207 Provide ongoing optimization and problem-solving support. 4
T0208 Provide recommendations for possible improvements and upgrades. 3
T0220 Resolve conflicts in laws, regulations, policies, standards, or procedures. 6
T0223 Review or conduct audits of information technology (IT) programs and projects. 5
T0256 Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements. 5