| 345 |
Knowledge of web mail collection, searching/analyzing techniques, tools, and cookies. |
Knowledge |
| 363 |
Skill in identifying gaps in technical capabilities. |
Skill |
| 912 |
Knowledge of collection management processes, capabilities, and limitations. |
Knowledge |
| 915 |
Knowledge of front-end collection systems, including traffic collection, filtering, and selection. |
Knowledge |
| 2029A |
Apply and utilize authorized cyber capabilities to enable access to targeted networks. |
Task |
| 2033 |
Apply cyber collection, environment preparation and engagement expertise to enable new exploitation and/or continued collection operations, or in support of customer requirements. |
Task |
| 2040 |
Apply and obey applicable statutes, laws, regulations and policies. |
Task |
| 2072 |
Perform analysis for target infrastructure exploitation activities. |
Task |
| 2090 |
Collaborate with other internal and external partner organizations on target access and operational issues. |
Task |
| 2095 |
Communicate new developments, breakthroughs, challenges and lessons learned to leadership, and internal and external customers. |
Task |
| 2102 |
Conduct analysis of physical and logical digital technologies (e.g., wireless, SCADA, telecom) to identify potential avenues of access. |
Task |
| 2114 |
Conduct independent in-depth target and technical analysis including target-specific information (e.g., cultural, organizational, political) that results in access. |
Task |
| 2419 |
Collaborate with developers, conveying target and technical knowledge in tool requirements submissions, to enhance tool development. |
Task |
| 2461 |
Identify gaps in our understanding of target technology and developing innovative collection approaches. |
Task |
| 2490 |
Identify, locate, and track targets via geospatial analysis techniques. |
Task |
| 2534 |
Lead or enable exploitation operations in support of organization objectives and target requirements. |
Task |
| 2542 |
Maintain awareness of advancements in hardware and software technologies (e.g., attend training or conferences, reading) and their potential implications. |
Task |
| 2608 |
Monitor target networks to provide indications and warning of target communications changes or processing failures. |
Task |
| 2714 |
Produce network reconstructions. |
Task |
| 3001 |
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products. |
Ability |
| 3039 |
Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. |
Ability |
| 3043 |
Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products. |
Ability |
| 3055B |
Knowledge of basic implants. |
Knowledge |
| 3055A |
Ability to select the appropriate implant to achieve operational goals. |
Ability |
| 3101 |
Ability to expand network access by conducting target analysis and collection in order to identify targets of interest. |
Ability |
| 3113 |
Knowledge of target intelligence gathering and operational preparation techniques and life cycles. |
Knowledge |
| 3139 |
Knowledge of basic principles of the collection development processes (e.g., Dialed Number Recognition, Social Network Analysis). |
Knowledge |
| 3146 |
Knowledge of both internal and external customers and partner organizations, including information needs, objectives, structure, capabilities, etc. |
Knowledge |
| 3155 |
Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc. |
Knowledge |
| 3166 |
Knowledge of collection searching/analyzing techniques and tools for chat/buddy list, emerging technologies, VOIP, Media Over IP, VPN, VSAT/wireless, web mail and cookies. |
Knowledge |
| 3181 |
Knowledge of common reporting databases and tools. |
Knowledge |
| 3201 |
Knowledge of all relevant reporting and dissemination procedures. |
Knowledge |
| 3226 |
Knowledge of data flow process for terminal or environment collection. |
Knowledge |
| 3256 |
Knowledge of terminal or environmental collection (process, objectives, organization, targets, etc.). |
Knowledge |
| 3261 |
Knowledge of evasion strategies and techniques. |
Knowledge |
| 3296 |
Knowledge of how to collect, view, and identify essential information on targets of interest from metadata (e.g., email, http). |
Knowledge |
| 3349 |
Knowledge of intrusion sets. |
Knowledge |
| 3367 |
Knowledge of all applicable statutes, laws, regulations and policies governing cyber targeting and exploitation. |
Knowledge |
| 3386 |
Knowledge of midpoint collection (process, objectives, organization, targets, etc.). |
Knowledge |
| 3432 |
Knowledge of identification and reporting processes. |
Knowledge |
| 3454 |
Knowledge of products and nomenclature of major vendors (e.g., security suites – Trend Micro, Symantec, McAfee, Outpost, Panda, Kaspersky) and how differences affect exploitation/vulnerabilities. |
Knowledge |
| 3474 |
Knowledge of scripting |
Knowledge |
| 3505 |
Knowledge of strategies and tools for target research. |
Knowledge |
| 3525 |
Knowledge of organizational and partner policies, tools, capabilities, and procedures. |
Knowledge |
| 3542 |
Knowledge of the basic structure, architecture, and design of converged applications. |
Knowledge |
| 3622 |
Knowledge of organizational and partner authorities, responsibilities, and contributions to achieving objectives. |
Knowledge |
| 3637 |
Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications). |
Knowledge |
| 3678 |
Skill in analyzing traffic to identify network devices. |
Skill |
| 3715 |
Skill in creating and extracting important information from packet captures. |
Skill |
| 3718A |
Skill in creating collection requirements in support of data acquisition activities. |
Skill |
| 3718 |
Skill in creating plans in support of remote operations. |
Skill |
| 3726 |
Skill in depicting source or collateral data on a network map. |
Skill |
| 3741 |
Skill in determining the effect of various router and firewall configurations on traffic patterns and network performance in both LAN and WAN environments. |
Skill |
| 3774 |
Skill in evaluating accesses for intelligence value. |
Skill |
| 3803 |
Skill in identifying, locating, and tracking targets via geospatial analysis techniques |
Skill |
| 3810 |
Skill in interpreting compiled and interpretive programming languages. |
Skill |
| 3812 |
Skill in interpreting metadata and content as applied by collection systems. |
Skill |
| 3814 |
Skill in using trace route tools and interpreting the results as they apply to network analysis and reconstruction. |
Skill |
| 3818 |
Skill in generating operation plans in support of mission and target requirements. |
Skill |
| 3828 |
Skill in navigating network visualization software. |
Skill |
| 3837 |
Skill in performing data fusion from existing intelligence for enabling new and continued collection. |
Skill |
| 3860 |
Skill in recognizing and interpreting malicious network activity in traffic. |
Skill |
| 3863 |
Skill in recognizing midpoint opportunities and essential information. |
Skill |
| 3874 |
Skill in researching vulnerabilities and exploits utilized in traffic. |
Skill |
| 3894 |
Skill in target development in direct support of collection operations. |
Skill |
| 3913 |
Skill in using databases to identify target-relevant information. |
Skill |
| 3923 |
Skill in using non-attributable networks. |
Skill |
| 3950 |
Skill in writing (and submitting) requirements to meet gaps in technical capabilities. |
Skill |
