| 22 |
* Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
| 52 |
Knowledge of human-computer interaction principles. |
Knowledge |
| 87 |
Knowledge of network traffic analysis methods. |
Knowledge |
| 108 |
* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
| 264 |
Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). |
Knowledge |
| 1056 |
Knowledge of operations security. |
Knowledge |
| 1157 |
* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
| 1158 |
* Knowledge of cybersecurity principles. |
Knowledge |
| 1159 |
* Knowledge of cyber threats and vulnerabilities. |
Knowledge |
| 2060A |
Maintain a common intelligence picture. |
Task |
| 2087 |
Collaborate with intelligence analysts/targeting organizations involved in related areas. |
Task |
| 2115 |
Conduct in-depth research and analysis. |
Task |
| 2288 |
Develop information requirements necessary for answering priority information requests. |
Task |
| 2379B |
Identify threats to Blue Force vulnerabilities. |
Task |
| 2429 |
Generate requests for information. |
Task |
| 2434 |
Identify threat tactics, and methodologies. |
Task |
| 2459 |
Identify intelligence gaps and shortfalls. |
Task |
| 2593 |
Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets. |
Task |
| 2594 |
Monitor and report on validated threat activities. |
Task |
| 2602 |
Monitor open source websites for hostile content directed towards organizational or partner interests. |
Task |
| 2603 |
Monitor operational environment and report on adversarial activities which fulfill leadership’s priority information requirements. |
Task |
| 2617 |
Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies). |
Task |
| 2735 |
Provide current intelligence support to critical internal/external stakeholders as appropriate. |
Task |
| 2754 |
Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations. |
Task |
| 2771 |
Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities. |
Task |
| 2789 |
Report intelligence-derived significant network events and intrusions. |
Task |
| 2881 |
Work closely with planners, intelligence analysts, and collection managers to ensure intelligence requirements and collection plans are accurate and up-to-date. |
Task |
| 3001 |
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products. |
Ability |
| 3002 |
Ability to focus research efforts to meet the customer’s decision-making needs. |
Ability |
| 3019 |
Ability to clearly articulate intelligence requirements into well-formulated research questions and data tracking variables for inquiry tracking purposes. |
Ability |
| 3022 |
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. |
Ability |
| 3039 |
Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. |
Ability |
| 3041 |
Ability to effectively collaborate via virtual teams. |
Ability |
| 3042 |
Ability to evaluate information for reliability, validity, and relevance. |
Ability |
| 3047 |
Ability to function effectively in a dynamic, fast-paced environment. |
Ability |
| 3048 |
Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—in order to leverage analytical and technical expertise. |
Ability |
| 3073 |
Ability to recognize and mitigate cognitive biases which may affect analysis. |
Ability |
| 3074 |
Ability to recognize and mitigate deception in reporting and analysis. |
Ability |
| 3077 |
Ability to think critically. |
Ability |
| 3078A |
Ability to think like threat actors. |
Ability |
| 3081 |
Ability to utilize multiple intelligence sources across all intelligence disciplines. |
Ability |
| 3095 |
Knowledge of internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering). |
Knowledge |
| 3098 |
Knowledge of virtualization products (Vmware, Virtual PC). |
Knowledge |
| 3106 |
Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless). |
Knowledge |
| 3107 |
Knowledge of a wide range of concepts associated with websites (e.g., website types, administration, functions, software systems, etc.). |
Knowledge |
| 3129 |
Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.). |
Knowledge |
| 3137 |
Knowledge of basic malicious activity concepts (e.g., foot printing, scanning and enumeration). |
Knowledge |
| 3154 |
Knowledge of classification and control markings standards, policies and procedures. |
Knowledge |
| 3177 |
Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.). |
Knowledge |
| 3188 |
Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.). |
Knowledge |
| 3205 |
Knowledge of current computer-based intrusion sets. |
Knowledge |
| 3218 |
Knowledge of cyber operations terminology/lexicon. |
Knowledge |
| 3225 |
Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media). |
Knowledge |
| 3253 |
Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP). |
Knowledge |
| 3262 |
Knowledge of evolving/emerging communications technologies. |
Knowledge |
| 3274 |
Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber attack, cyber defense), principles, capabilities, limitations, and effects. |
Knowledge |
| 3291 |
Knowledge of how internet applications work (SMTP email, web-based email, chat clients, VOIP). |
Knowledge |
| 3292 |
Knowledge of how modern digital and telephony networks impact cyber operations. |
Knowledge |
| 3293 |
Knowledge of how modern wireless communications systems impact cyber operations. |
Knowledge |
| 3298 |
Knowledge of how to extract, analyze, and use metadata. |
Knowledge |
| 3335 |
Knowledge of intelligence disciplines. |
Knowledge |
| 3343 |
Knowledge of cyber intelligence/information collection capabilities and repositories. |
Knowledge |
| 3358 |
Knowledge of organizational hierarchy and cyber decision making processes. |
Knowledge |
| 3374 |
Knowledge of malware. |
Knowledge |
| 3441 |
Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. |
Knowledge |
| 3539 |
Knowledge of telecommunications fundamentals. |
Knowledge |
| 3543 |
Knowledge of the basic structure, architecture, and design of modern communication networks. |
Knowledge |
| 3545 |
Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection). |
Knowledge |
| 3561 |
Knowledge of the common networking and routing protocols(e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. |
Knowledge |
| 3651 |
Knowledge of what constitutes a “threat” to a network. |
Knowledge |
| 3659 |
Knowledge of wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems. |
Knowledge |
| 3699 |
Skill in conducting research using deep web. |
Skill |
| 3704 |
Skill in conducting non-attributable research. |
Skill |
| 3756 |
Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. |
Skill |
| 3772 |
Skill in evaluating information for reliability, validity, and relevance. |
Skill |
| 3788 |
Skill in identifying alternative analytical interpretations in order to minimize unanticipated outcomes. |
Skill |
| 3793 |
Skill in identifying critical target elements, to include critical target elements for the cyber domain. |
Skill |
| 3794 |
Skill in identifying cyber threats which may jeopardize organization and/or partner interests. |
Skill |
| 3851 |
Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships. |
Skill |
| 3876 |
Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources. |
Skill |
| 3893 |
Skill in tailoring analysis to the necessary levels (e.g., classification and organizational). |
Skill |
| 3910 |
Skill in using Boolean operators to construct simple and complex queries. |
Skill |
| 3921 |
Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches. |
Skill |
| 3938 |
Skill in utilizing feedback in order to improve processes, products, and services. |
Skill |
| 3946 |
Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint). |
Skill |
| 6900 |
* Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
