- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).
- Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
- Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of analytic tools and techniques for language, voice and/or graphic material.
- Knowledge of approved intelligence dissemination processes.
- Knowledge of classification and control markings standards, policies and procedures.
- Knowledge of collection systems, capabilities, and processes.
- Knowledge of computer programming concepts, including computer languages, programming, testing, debugging, and file types.
- Knowledge of concepts related to websites (e.g., web servers/pages, hosting, DNS, registration, web languages such as HTML).
- Knowledge of customer information needs.
- Knowledge of cyber operation objectives, policies, and legalities.
- Knowledge of cyber operations.
- Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
- Knowledge of evolving/emerging communications technologies.
- Knowledge of how to extract, analyze, and use metadata.
- Knowledge of intelligence reporting principles, policies, procedures, and vehicles, including report formats, reportability criteria (requirements and priorities), dissemination practices, and legal authorities and restrictions.
- Knowledge of language processing tools and techniques.
- Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- Knowledge of network security implementations (e.g., host-based IDS, IPS, access control lists), including their function and placement in a network.
- Knowledge of networking and Internet communications fundamentals (i.e. devices, device configuration, hardware, software, applications, ports/protocols, addressing, network architecture and infrastructure, routing, operating systems, etc.).
- Knowledge of obfuscation techniques (e.g., TOR/Onion/anonymizers, VPN/VPS, encryption).
- Knowledge of operations security.
- Knowledge of principles and practices related to target development such as target knowledge, associations, communication systems, and infrastructure.
- Knowledge of relevant laws, regulations, and policies.
- Knowledge of specialized target language (e.g., acronyms, jargon, technical terminology, code words).
- Knowledge of target communication profiles and their key elements (e.g., target associations, activities, communication infrastructure).
- Knowledge of target communication tools and techniques.
- Knowledge of target cultural references, dialects, expressions, idioms, and abbreviations.
- Knowledge of target language(s).
- Knowledge of target or threat cyber actors and procedures.
- Knowledge of target, including related current events, communication profile, actors, and history (language, culture) and/or frame of reference.
- Knowledge of the characteristics of targeted communication networks (e.g., capacity, functionality, paths, critical nodes).
- Knowledge of the data flow from collection origin to repositories and tools.
- Knowledge of the feedback cycle in collection processes.
- Knowledge of the impact of language analysis on on-net operator functions.
- Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
- Knowledge of the request for information process.
- Knowledge of the structure, architecture, and design of modern digital and telephony networks.
- Knowledge of the structure, architecture, and design of modern wireless communications systems.
- Knowledge of transcript development processes and techniques (e.g., verbatim, gist, summaries).
- Knowledge of translation processes and techniques.
Multi-Disciplined Language Analyst
Applies language and culture expertise with target/threat and technical knowledge to process, analyze, and/or disseminate intelligence information derived from language, voice and/or graphic material. Creates and maintains language-specific databases and working aids to support cyber action execution and ensure critical knowledge sharing. Provides subject matter expertise in foreign language-intensive or interdisciplinary projects.
- Skill in analyzing language processing tools to provide feedback to enhance tool development.
- Skill in analyzing traffic to identify network devices.
- Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses).
- Skill in assessing a target's frame of reference (e.g., motivation, technical capability, organizational structure, sensitivities).
- Skill in complying with the legal restrictions for targeted information.
- Skill in conducting research using all available sources.
- Skill in conducting social network analysis.
- Skill in developing intelligence reports.
- Skill in disseminating items of highest intelligence value in a timely manner.
- Skill in evaluating and interpreting metadata.
- Skill in evaluating data sources for relevance, reliability, and objectivity.
- Skill in evaluating information for reliability, validity, and relevance.
- Skill in gisting target communications.
- Skill in identifying a target's network characteristics.
- Skill in identifying intelligence gaps and limitations.
- Skill in identifying language issues that may have an impact on organization objectives.
- Skill in identifying non-target regional languages and dialects
- Skill in interpreting traceroute results, as they apply to network analysis and reconstruction.
- Skill in managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.
- Skill in prioritizing target language material.
- Skill in providing analysis on target-related matters (e.g., language, cultural, communications).
- Skill in recognizing denial and deception techniques of the target.
- Skill in recognizing significant changes in a target's communication patterns.
- Skill in recognizing technical information that may be used for target development including intelligence development.
- Skill in synthesizing, analyzing, and prioritizing meaning across data sets.
- Skill in transcribing target language communications.
- Skill in translating target graphic and/or voice language materials.
- Skill in using non-attributable networks.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Ability to apply language and cultural expertise to analysis.
- Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
- Ability to review processed target language materials for accuracy and completeness.
- Compile, integrate, and/or interpret all-source data for intelligence or vulnerability value with respect to specific targets.
- Determine what technologies are used by a given target.
- Identify collection gaps and potential collection strategies against targets.
- Make recommendations to guide collection in support of customer requirements.
- Provide subject-matter expertise and support to planning/developmental forums and working groups as appropriate.
- Advise managers and operators on language and cultural issues that impact organization objectives.
- Analyze and process information using language and/or cultural expertise.
- Assess, document, and apply a target's motivation and/or frame of reference to facilitate analysis, targeting and collection opportunities.
- Collaborate across internal and/or external organizational lines to enhance collection, analysis and dissemination.
- Conduct all-source target research to include the use of open source materials in the target language.
- Conduct analysis of target communications to identify essential information in support of organization objectives.
- Perform quality review and provide feedback on transcribed or translated materials.
- Evaluate and interpret metadata to look for patterns, anomalies, or events, thereby optimizing targeting, analysis and processing.
- Identify cyber threat tactics and methodologies.
- Identify target communications within the global network.
- Maintain awareness of target communication tools, techniques, and the characteristics of target communication networks (e.g., capacity, functionality, paths, critical nodes) and their potential implications for targeting, collection, and analysis.
- Provide feedback to collection managers to enhance future collection and analysis.
- Perform foreign language and dialect identification in initial source data.
- Perform or support technical network analysis and mapping.
- Provide requirements and feedback to optimize the development of language processing tools.
- Perform social network analysis and document as appropriate.
- Scan, identify and prioritize target graphic (including machine-to-machine communications) and/or voice language material.
- Tip critical or time-sensitive information to appropriate customers.
- Transcribe target voice materials in the target language.
- Translate (e.g., verbatim, gist, and/or summaries) target graphic material.
- Translate (e.g., verbatim, gist, and/or summaries) target voice material.
- Identify foreign language terminology within computer programs (e.g., comments, variable names).
- Provide near-real time language analysis support (e.g., live operations).
- Identify cyber/technology-related terminology in the target language.