- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of human-computer interaction principles.
- Knowledge of network traffic analysis methods.
- Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).
- Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
- Knowledge of collection management processes, capabilities, and limitations.
- Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of website types, administration, functions, and content management system (CMS).
- Knowledge of applicable statutes, laws, regulations and policies governing cyber targeting and exploitation.
- Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
- Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc.
- Knowledge of collateral damage and estimating impact(s).
- Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
- Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
- Knowledge of criticality and vulnerability factors (e.g., value, recuperation, cushion, countermeasures) for target selection and applicability to the cyber domain.
- Knowledge of cyber intelligence/information collection capabilities and repositories.
- Knowledge of cyber operation objectives, policies, and legalities.
- Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
- Knowledge of dynamic and deliberate targeting.
- Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
- Knowledge of evolving/emerging communications technologies.
- Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
- Knowledge of general Supervisory control and data acquisition (SCADA) system components.
- Knowledge of governing authorities for targeting.
- Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability.
- Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
- Knowledge of how modern digital and telephony networks impact cyber operations.
- Knowledge of how modern wireless communications systems impact cyber operations.
- Knowledge of how to extract, analyze, and use metadata.
- Knowledge of intelligence confidence levels.
- Knowledge of intelligence disciplines.
- Knowledge of intelligence preparation of the environment and similar processes.
- Knowledge of intelligence production processes.
- Knowledge of intelligence support to planning, execution, and assessment.
- Knowledge of internal and external partner cyber operations capabilities and tools.
- Knowledge of internal and external partner intelligence processes and the development of information requirements and essential information.
- Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
- Knowledge of intrusion sets.
- Knowledge of legal considerations in targeting.
- Knowledge of malware analysis and characteristics.
- Knowledge of operational effectiveness assessment.
- Knowledge of operations security.
- Knowledge of organization or partner exploitation of digital networks.
- Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
- Knowledge of specific target identifiers, and their usage.
- Knowledge of target development (i.e., concepts, roles, responsibilities, products, etc.).
- Knowledge of target estimated repair and recuperation times.
- Knowledge of target list development (i.e. Restricted, Joint, Candidate, etc.).
- Knowledge of target methods and procedures.
- Knowledge of target vetting and validation procedures.
- Knowledge of targeting cycles.
- Knowledge of TCP/IP networking protocols.
- Knowledge of telecommunications fundamentals.
- Knowledge of the basic structure, architecture, and design of modern communication networks.
- Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
- Knowledge of the structure and intent of organization specific plans, guidance and authorizations.
- Knowledge of the ways in which targets or threats use the Internet.
- Knowledge of threat and/or target systems.
- Knowledge of wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems.
Target Developer
Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.
- Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses).
- Skill in assessing and/or estimating effects generated during and after cyber operations.
- Skill in conducting non-attributable research.
- Skill in conducting research using deep web.
- Skill in defining and characterizing all pertinent aspects of the operational environment.
- Skill in determining appropriate targeting options through the evaluation of available capabilities against desired effects.
- Skill in determining the physical location of network devices.
- Skill in evaluating available capabilities against desired effects to provide effective courses of action.
- Skill in evaluating information for reliability, validity, and relevance.
- Skill in fusion analysis
- Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.
- Skill in identifying critical target elements, to include critical target elements for the cyber domain.
- Skill in identifying cyber threats which may jeopardize organization and/or partner interests.
- Skill in performing target system analysis.
- Skill in preparing and presenting briefings.
- Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
- Skill in reviewing and editing target materials.
- Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).
- Skill in using Boolean operators to construct simple and complex queries.
- Skill in using geospatial data and applying geospatial resources.
- Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst's Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).
- Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.
- Skill in using targeting databases and software packages.
- Skill in utilizing feedback to improve processes, products, and services.
- Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
- Skill in writing effectiveness reports.
- Skill to analyze and assess internal and external partner cyber operations capabilities and tools.
- Skill to analyze and assess internal and external partner intelligence processes and the development of information requirements and essential information.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
- Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
- Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.
- Ability to focus research efforts to meet the customer's decision-making needs.
- Ability to function effectively in a dynamic, fast-paced environment.
- Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
- Ability to identify intelligence gaps.
- Ability to recognize and mitigate cognitive biases which may affect analysis.
- Ability to recognize and mitigate deception in reporting and analysis.
- Ability to think critically.
- Ability to utilize multiple intelligence sources across all intelligence disciplines.
- Ability to exercise judgment when policies are not well-defined.
- Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information.
- Accurately characterize targets.
- Provide expertise to course of action development.
- Provide expertise to the development of measures of effectiveness and measures of performance.
- Build and maintain electronic target folders.
- Collaborate with intelligence analysts/targeting organizations involved in related areas.
- Collaborate with other customer, Intelligence and targeting organizations involved in related cyber areas.
- Conduct nodal analysis.
- Conduct target research and analysis.
- Coordinate target vetting with appropriate partners.
- Maintain awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology.
- Determine what technologies are used by a given target.
- Develop all-source intelligence targeting materials.
- Develop measures of effectiveness and measures of performance.
- Develop munitions effectiveness assessment or operational assessment materials.
- Estimate operational effects generated through cyber activities.
- Evaluate available capabilities against desired effects to recommend efficient solutions.
- Generate requests for information.
- Identify and evaluate threat critical capabilities, requirements, and vulnerabilities.
- Identify critical target elements.
- Initiate requests to guide tasking and assist with collection management.
- Maintain target lists (i.e., RTL, JTL, CTL, etc.).
- Perform targeting automation activities.
- Characterize websites.
- Produce target system analysis products.
- Provide aim point and reengagement recommendations.
- Provide analyses and support for effectiveness assessment.
- Provide input for targeting effectiveness assessments for leadership acceptance.
- Provide operations and reengagement recommendations.
- Provide target recommendations which meet leadership objectives.
- Provide targeting products and targeting support as designated.
- Provide time sensitive targeting support.
- Review appropriate information sources to determine validity and relevance of information gathered.
- Sanitize and minimize information to protect sources and methods.
- Support identification and documentation of collateral effects.
- Work closely with planners, analysts, and collection managers to identify intelligence gaps and ensure intelligence requirements are accurate and up-to-date.