Understanding the cybersecurity aspects of the job in sufficient depth to be effective and efficient.

Learning and teaching others about the risks, objectives, tools, controls and priorities.

Appreciating the broader implications of cybersecurity (including events, incidents and breaches) on users, colleagues, the business and society at large. 

Liaising with specialist colleagues e.g. risk and incident management, privacy officer, development teams, customer supply chain security reviewers, suppliers, facilities ...

Reporting and discussing status, progress, issues and concerns.

Describing and debating potential security improvements and handling changes.

Evaluating products (goods and services), and managing security as an integral part of the organisation's products.

Writing policies, procedures, guidelines, work instructions, scripts, utilities etc., whether specifically on cybersecurity topics or the security element of others.