IT Investment/Portfolio Manager

Manages a portfolio of IT investments that align with the overall needs of mission and enterprise priorities.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of Risk Management Framework (RMF) requirements.
  • Knowledge of resource management principles and techniques.
  • Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
  • Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
  • Knowledge of the organization's core business/mission processes.
  • Knowledge of supply chain risk management standards, processes, and practices.
  • Knowledge of risk/threat assessment.
  • Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • Knowledge of how to leverage research and development centers, think tanks, academic research, and industry systems.
  • Knowledge of information technology (IT) acquisition/procurement requirements.
  • Knowledge of the acquisition/procurement life cycle process.
  • Skill to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise.
  • Ability to oversee the development and update of the life cycle cost estimate.
  • Resolve conflicts in laws, regulations, policies, standards, or procedures.
  • Review or conduct audits of information technology (IT) programs and projects.
  • Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
  • Develop contract language to ensure supply chain, system, network, and operational security are met.
  • Gather feedback on customer satisfaction and internal service performance to foster continual improvement.
  • Ensure that supply chain, system, network, performance, and cybersecurity requirements are included in contract language and delivered.
  • Lead and oversee budget, staffing, and contracting.
  • Draft and publish supply chain security and risk management documents.