22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. | Knowledge |
52 | Knowledge of human-computer interaction principles. | Knowledge |
87 | Knowledge of network traffic analysis methods. | Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | Knowledge |
264 | Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). | Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. | Knowledge |
1158 | * Knowledge of cybersecurity principles. | Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. | Knowledge |
2063 | Assist in the coordination, validation, and management of all-source collection requirements, plans, and/or activities. | Task |
2108 | Conduct end-of-operations assessments. | Task |
2115 | Conduct in-depth research and analysis. | Task |
2121 | Conduct nodal analysis. | Task |
2134 | Conduct target research and analysis. | Task |
2289 | Develop measures of effectiveness and measures of performance. | Task |
2378 | Estimate operational effects generated through cyber activities. | Task |
2379A | Identify threat vulnerabilities. | Task |
2429 | Generate requests for information. | Task |
2593 | Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets. | Task |
2594 | Monitor and report on validated threat activities. | Task |
2603 | Monitor operational environment and report on adversarial activities which fulfill leadership’s priority information requirements. | Task |
2730 | Provide analyses and support for effectiveness assessment. | Task |
2745 | Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations. | Task |
2747 | Provide input and assist in post-action effectiveness assessments. | Task |
2748 | Provide input and assist in the development of plans and guidance. | Task |
3002 | Ability to focus research efforts to meet the customer’s decision-making needs. | Ability |
3022 | Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. | Ability |
3039 | Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. | Ability |
3044 | Ability to exercise judgment when policies are not well-defined. | Ability |
3047 | Ability to function effectively in a dynamic, fast-paced environment. | Ability |
3048 | Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—in order to leverage analytical and technical expertise. | Ability |
3073 | Ability to recognize and mitigate cognitive biases which may affect analysis. | Ability |
3077 | Ability to think critically. | Ability |
3078A | Ability to think like threat actors. | Ability |
3079 | Ability to understand objectives and effects. | Ability |
3098 | Knowledge of virtualization products (VMware, Virtual PC). | Knowledge |
3106 | Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless). | Knowledge |
3107 | Knowledge of a wide range of concepts associated with websites (e.g., website types, administration, functions, software systems, etc.). | Knowledge |
3129 | Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.). | Knowledge |
3137 | Knowledge of basic malicious activity concepts (e.g., footprinting, scanning and enumeration). | Knowledge |
3154 | Knowledge of classification and control markings standards, policies and procedures. | Knowledge |
3177 | Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.). | Knowledge |
3188 | Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.). | Knowledge |
3225 | Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media). | Knowledge |
3253 | Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP). | Knowledge |
3262 | Knowledge of evolving/emerging communications technologies. | Knowledge |
3291 | Knowledge of how internet applications work (SMTP email, web-based email, chat clients, VOIP). | Knowledge |
3292 | Knowledge of how modern digital and telephony networks impact cyber operations. | Knowledge |
3293 | Knowledge of how modern wireless communications systems impact cyber operations. | Knowledge |
3298 | Knowledge of how to extract, analyze, and use metadata. | Knowledge |
3374 | Knowledge of malware. | Knowledge |
3441 | Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. | Knowledge |
3539 | Knowledge of telecommunications fundamentals. | Knowledge |
3543 | Knowledge of the basic structure, architecture, and design of modern communication networks. | Knowledge |
3545 | Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection). | Knowledge |
3561 | Knowledge of the common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. | Knowledge |
3651 | Knowledge of what constitutes a “threat” to a network. | Knowledge |
3691 | Skill in assessing and/or estimating effects generated during and after cyber operations. | Skill |
3756 | Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. | Skill |
3770 | Skill in evaluating available capabilities against desired effects in order to provide effective courses of action. | Skill |
3772 | Skill in evaluating information for reliability, validity, and relevance. | Skill |
3788 | Skill in identifying alternative analytical interpretations in order to minimize unanticipated outcomes. | Skill |
3794 | Skill in identifying cyber threats which may jeopardize organization and/or partner interests. | Skill |
3844 | Skill in preparing and presenting briefings. | Skill |
3851 | Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships. | Skill |
3878 | Skill in reviewing and editing assessment products. | Skill |
3893 | Skill in tailoring analysis to the necessary levels (e.g., classification and organizational). | Skill |
3921 | Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches. | Skill |
3946 | Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint). | Skill |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. | Knowledge |