Target Developer

Work Role ID: 131 | Workforce Element: Cyberspace Effects

What does this role do? Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.

CORE KSATs

KSAT ID	Description	KSAT
22	* Knowledge of computer networking concepts and protocols, and network security methodologies.	Knowledge
108	* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).	Knowledge
1056	Knowledge of operations security.	Knowledge
1157	* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.	Knowledge
1158	* Knowledge of cybersecurity principles.	Knowledge
1159	* Knowledge of cyber threats and vulnerabilities.	Knowledge
2001	Accurately characterize targets.	Task
2076	Build and maintain electronic target folders.	Task
2087	Collaborate with intelligence analysts/targeting organizations involved in related areas.	Task
2089	Collaborate with other customer, Intelligence and targeting organizations involved in related cyber areas.	Task
2121	Conduct nodal analysis.	Task
2134	Conduct target research and analysis.	Task
2170	Coordinate target vetting with appropriate partners.	Task
2249	Develop all-source intelligence targeting materials.	Task
2289	Develop measures of effectiveness and measures of performance.	Task
2429	Generate requests for information.	Task
2458	Identify critical target elements.	Task
2728	Provide aim point and re-engagement recommendations.	Task
2768	Provide targeting products and targeting support as designated.	Task
2770	Provide time sensitive targeting support.	Task
2779	Review appropriate information sources to determine validity and relevance of information gathered.	Task
2818	Sanitize and minimize information to protect sources and methods.	Task
2840	Support identification and documentation of collateral effects.	Task
2882	Work closely with planners, analysts, and collection managers to identify intelligence gaps and ensure intelligence requirements are accurate and up-to-date.	Task
3001	Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.	Ability
3002	Ability to focus research efforts to meet the customer’s decision-making needs.	Ability
3020	Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information.	Ability
3022	Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.	Ability
3039	Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.	Ability
3043	Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.	Ability
3044	Ability to exercise judgment when policies are not well-defined.	Ability
3047	Ability to function effectively in a dynamic, fast-paced environment.	Ability
3048	Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—in order to leverage analytical and technical expertise.	Ability
3052	Ability to identify intelligence gaps.	Ability
3073	Ability to recognize and mitigate cognitive biases which may affect analysis.	Ability
3074	Ability to recognize and mitigate deception in reporting and analysis.	Ability
3077	Ability to think critically.	Ability
3078	Knowledge of target methods and procedures.	Knowledge
3081	Ability to utilize multiple intelligence sources across all intelligence disciplines.	Ability
3106	Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless).	Knowledge
3161	Knowledge of collateral damage and estimating impact(s).	Knowledge
3197	Knowledge of criticality and vulnerability factors (e.g., value, recuperation, cushion, countermeasures) for target selection and applicability to the cyber domain.	Knowledge
3250	Knowledge of dynamic and deliberate targeting.	Knowledge
3271	Knowledge of internal and external partner cyber operations capabilities and tools.	Knowledge
3281	Knowledge of governing authorities for targeting.	Knowledge
3334	Knowledge of intelligence confidence levels.	Knowledge
3335	Knowledge of intelligence disciplines.	Knowledge
3342	Knowledge of intelligence support to planning, execution, and assessment.	Knowledge
3368	Knowledge of legal considerations in targeting.	Knowledge
3504	Knowledge of threat and/or target systems.	Knowledge
3527	Knowledge of target development (i.e., concepts, roles, responsibilities, products, etc.).	Knowledge
3528	Knowledge of specific target identifiers, and their usage.	Knowledge
3530	Knowledge of target list development (i.e. RTL, JTL, CTL, etc.).	Knowledge
3533	Knowledge of target vetting and validation procedures.	Knowledge
3584	Knowledge of intelligence preparation of the environment and similar processes.	Knowledge
3587	Knowledge of targeting cycles.	Knowledge
3691	Skill in assessing and/or estimating effects generated during and after cyber operations.	Skill
3788	Skill in identifying alternative analytical interpretations in order to minimize unanticipated outcomes.	Skill
3793	Skill in identifying critical target elements, to include critical target elements for the cyber domain.	Skill
3842	Skill in performing target system analysis.	Skill
3844	Skill in preparing and presenting briefings.	Skill
3851	Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.	Skill
3880	Skill in reviewing and editing target materials.	Skill
3885	Skill in fusion analysis	Skill
3893	Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).	Skill
3907	Skill in using targeting databases and software packages.	Skill
3910	Skill in using Boolean operators to construct simple and complex queries.	Skill
3920	Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).	Skill
3938	Skill in utilizing feedback in order to improve processes, products, and services.	Skill
3946	Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).	Skill
6900	* Knowledge of specific operational impacts of cybersecurity lapses.	Knowledge

ADDITIONAL KSATs

KSAT ID	Description	KSAT
52	Knowledge of human-computer interaction principles.	Knowledge
87	Knowledge of network traffic analysis methods.	Knowledge
264	Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).	Knowledge
912	Knowledge of collection management processes, capabilities, and limitations.	Knowledge
2059	Provide expertise to course of action development.	Task
2066	Provide expertise to the development of measures of effectiveness and measures of performance.	Task
2195	Maintain awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology.	Task
2243	Determine what technologies are used by a given target.	Task
2292	Develop munitions effectiveness assessment or operational assessment materials.	Task
2378	Estimate operational effects generated through cyber activities.	Task
2382	Evaluate available capabilities against desired effects in order to recommend efficient solutions.	Task
2441	Identify and evaluate threat critical capabilities, requirements, and vulnerabilities.	Task
2515	Initiate requests to guide tasking and assist with collection management.	Task
2565	Maintain target lists (i.e., RTL, JTL, CTL, etc.).	Task
2677	Perform targeting automation activities.	Task
2685	Develop website characterizations.	Task
2716	Produce target system analysis products.	Task
2730	Provide analyses and support for effectiveness assessment.	Task
2749	Provide input for targeting effectiveness assessments for leadership acceptance.	Task
2760	Provide operations and re-engagement recommendations.	Task
2767	Provide target recommendations which meet leadership objectives.	Task
3095	Knowledge of internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).	Knowledge
3107	Knowledge of a wide range of concepts associated with websites (e.g., website types, administration, functions, software systems, etc.).	Knowledge
3129	Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).	Knowledge
3137	Knowledge of basic malicious activity concepts (e.g., foot printing, scanning and enumeration).	Knowledge
3155	Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc.	Knowledge
3158	Knowledge of cyber operation objectives, policies, and legalities.	Knowledge
3173	Knowledge of operational effectiveness assessment.	Knowledge
3177	Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).	Knowledge
3188	Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).	Knowledge
3225	Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).	Knowledge
3253	Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).	Knowledge
3262	Knowledge of evolving/emerging communications technologies.	Knowledge
3274	Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber attack, cyber defense), principles, capabilities, limitations, and effects.	Knowledge
3277	Knowledge of general SCADA system components.	Knowledge
3286	Knowledge of host-based security products and how they affect exploitation and vulnerability.	Knowledge
3291	Knowledge of how internet applications work (SMTP email, web-based email, chat clients, VOIP).	Knowledge
3292	Knowledge of how modern digital and telephony networks impact cyber operations.	Knowledge
3293	Knowledge of how modern wireless communications systems impact cyber operations.	Knowledge
3298	Knowledge of how to extract, analyze, and use metadata.	Knowledge
3337	Knowledge of intelligence production processes.	Knowledge
3343	Knowledge of cyber intelligence/information collection capabilities and repositories.	Knowledge
3349	Knowledge of intrusion sets.	Knowledge
3367	Knowledge of all applicable statutes, laws, regulations and policies governing cyber targeting and exploitation.	Knowledge
3372	Knowledge of malware analysis and characteristics.	Knowledge
3419	Knowledge of organization or partner exploitation of digital networks.	Knowledge
3441	Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.	Knowledge
3446	Knowledge of analytical constructs and their use in assessing the operational environment.	Knowledge
3529	Knowledge of target estimated repair and recuperation times.	Knowledge
3535	Knowledge of TCP/IP networking protocols.	Knowledge
3539	Knowledge of telecommunications fundamentals.	Knowledge
3543	Knowledge of the basic structure, architecture, and design of modern communication networks.	Knowledge
3545	Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).	Knowledge
3561	Knowledge of the common networking and routing protocols(e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.	Knowledge
3593	Knowledge of internal and external partner intelligence processes and the development of information requirements and essential information.	Knowledge
3615	Knowledge of the structure and intent of organization specific plans, guidance and authorizations.	Knowledge
3630	Knowledge of the ways in which targets or threats use the Internet.	Knowledge
3659	Knowledge of wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems.	Knowledge
3689	Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses).	Skill
3699	Skill in conducting research using deep web.	Skill
3704	Skill in conducting non-attributable research.	Skill
3724	Skill in defining and characterizing all pertinent aspects of the operational environment.	Skill
3737	Skill in determining appropriate targeting options through the evaluation of available capabilities against desired effects.	Skill
3742	Skill in determining the physical location of network devices.	Skill
3770	Skill in evaluating available capabilities against desired effects in order to provide effective courses of action.	Skill
3772	Skill in evaluating information for reliability, validity, and relevance.	Skill
3794	Skill in identifying cyber threats which may jeopardize organization and/or partner interests.	Skill
3915	Skill in using geospatial data and applying geospatial resources.	Skill
3921	Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.	Skill
3953	Skill in writing effectiveness reports.	Skill