- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of human-computer interaction principles.
- Knowledge of network traffic analysis methods.
- Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
- Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of possible circumstances that would result in changing collection management authorities.
- Knowledge of asset availability, capabilities and limitations.
- Knowledge of available databases and tools necessary to assess appropriate collection tasking.
- Knowledge of collaborative tools and environments.
- Knowledge of collection capabilities and limitations.
- Knowledge of collection capabilities, accesses, performance specifications, and constraints utilized to satisfy collection plan.
- Knowledge of collection management tools.
- Knowledge of collection planning process and collection plan.
- Knowledge of collection strategies.
- Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
- Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
- Knowledge of criteria for evaluating collection products.
- Knowledge of current collection requirements.
- Knowledge of current computer-based intrusion sets.
- Knowledge of cyber lexicon/terminology
- Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
- Knowledge of database administration and maintenance.
- Knowledge of different organization objectives at all levels, including subordinate, lateral and higher.
- Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
- Knowledge of evolving/emerging communications technologies.
- Knowledge of fundamental cyber concepts, principles, limitations, and effects.
- Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability.
- Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
- Knowledge of how modern digital and telephony networks impact cyber operations.
- Knowledge of how modern wireless communications systems impact cyber operations.
- Knowledge of how to establish priorities for resources.
- Knowledge of how to extract, analyze, and use metadata.
- Knowledge of indications and warning.
- Knowledge of information needs.
- Knowledge of internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
- Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
- Knowledge of key cyber threat actors and their equities.
- Knowledge of key factors of the operational environment and threat.
- Knowledge of leadership's Intent and objectives.
- Knowledge of malware.
- Knowledge of methods for ascertaining collection asset posture and availability.
- Knowledge of non-traditional collection methodologies.
- Knowledge of ongoing and future operations.
- Knowledge of operational asset constraints.
- Knowledge of operational planning processes.
- Knowledge of organization formats of resource and asset readiness reporting, its operational relevance and intelligence collection impact.
- Knowledge of organization objectives and associated demand on collection management.
- Knowledge of organizational priorities, legal authorities and requirements submission processes.
- Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
- Knowledge of priority information, how it is derived, where it is published, how to access, etc.
- Knowledge of production exploitation and dissemination needs and architectures.
- Knowledge of research strategies and knowledge management.
- Knowledge of risk management and mitigation strategies.
- Knowledge of tasking mechanisms.
- Knowledge of tasking processes for organic and subordinate collection assets.
- Knowledge of tasking, collection, processing, exploitation and dissemination.
- Knowledge of the available tools and applications associated with collection requirements and collection management.
- Knowledge of the basic structure, architecture, and design of modern communication networks.
- Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- Knowledge of the capabilities and limitations of new and emerging collection capabilities, accesses and/or processes.
- Knowledge of the capabilities, limitations and tasking methodologies of internal and external collections as they apply to planned cyber activities.
- Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
- Knowledge of the existent tasking, collection, processing, exploitation and dissemination architecture.
- Knowledge of the factors of threat that could impact collection operations.
- Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
- Knowledge of the organization's established format for collection plan.
- Knowledge of the organization's planning, operations and targeting cycles.
- Knowledge of the organizational plans/directives/guidance that describe objectives.
- Knowledge of the organizational policies/procedures for temporary transfer of collection authority.
- Knowledge of the POC's, databases, tools and applications necessary to establish environment preparation and surveillance products.
- Knowledge of the priority information requirements from subordinate, lateral and higher levels of the organization.
- Knowledge of the request for information process.
- Knowledge of the systems/architecture/communications used for coordination.
- Knowledge of tipping, cueing, mixing, and redundancy.
- Knowledge of virtualization products (VMware, Virtual PC).
- Knowledge of what constitutes a threat? to a network.
- Knowledge of who the organization's operational planners are, how and where they can be contacted, and what are their expectations.
All Source-Collection Manager
Identifies collection authorities and environment; incorporates priority information requirements into collection management; develops concepts to meet leadership's intent. Determines capabilities of available collection assets, identifies new collection capabilities; and constructs and disseminates collection plans. Monitors execution of tasked collection to ensure effective execution of the collection plan.
- Skill in information prioritization as it relates to operations.
- Skill to access information on current assets available, usage.
- Skill to access the databases where plans/directives/guidance are maintained.
- Skill to apply the capabilities, limitations and tasking methodologies of available platforms, sensors, architectures and apparatus as they apply to organization objectives.
- Skill to articulate a needs statement/requirement and integrate new and emerging collection capabilities, accesses and/or processes into collection operations.
- Skill to associate Intelligence gaps to priority information requirements and observables.
- Skill to compare indicators/observables with requirements.
- Skill to determine feasibility of collection.
- Skill to develop a collection plan that clearly shows the discipline that can be used to collect the information needed.
- Skill to ensure that the collection strategy leverages all available resources.
- Skill to evaluate factors of the operational environment to objectives, and information requirements.
- Skill to evaluate the capabilities, limitations and tasking methodologies of organic, theater, national, coalition and other collection capabilities.
- Skill to extract information from available tools and applications associated with collection requirements and collection operations management.
- Skill to identify and apply tasking, collection, processing, exploitation and dissemination to associated collection disciplines.
- Skill to identify Intelligence gaps.
- Skill to identify when priority information requirements are satisfied.
- Skill to interpret readiness reporting, its operational relevance and intelligence collection impact.
- Skill to optimize collection system performance through repeated adjustment, testing, and re-adjustment.
- Skill to prepare and deliver reports, presentations and briefings, to include using visual aids or presentation technology.
- Skill to review performance specifications and historical information about collection assets.
- Skill to translate the capabilities, limitations and tasking methodologies of organic, theater, national, coalition and other collection capabilities.
- Skill to use collaborative tools and environments for collection operations.
- Skill to analyze and assess internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
- Ability to apply collaborative skills and strategies.
- Ability to apply critical reading/thinking skills.
- Ability to coordinate and collaborate with analysts regarding surveillance requirements and essential information development.
- Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.
- Ability to correctly employ each organization or element into the collection plan and matrix.
- Adjust collection operations or collection plan to address identified issues/challenges and to synchronize collections with overall operational requirements.
- Analyze feedback to determine extent to which collection products and services are meeting requirements.
- Analyze plans, directives, guidance and policy for factors that would influence collection management's operational structure and requirement s (e.g., duration, scope, communication requirements, interagency/international agreements).
- Assess and apply operational environment factors and risks to collection management process.
- Assess performance of collection assets against prescribed specifications.
- Compare allocated and available assets to collection demand as expressed through requirements.
- Compile lessons learned from collection management activity's execution of organization collection objectives.
- Consider efficiency and effectiveness of collection assets and resources if/when applied against priority information requirements.
- Construct collection plans and matrixes using established guidance and procedures.
- Coordinate resource allocation of collection assets against prioritized collection requirements with collection discipline leads.
- Coordinate inclusion of collection plan in appropriate documentation.
- Re-task or re-direct collection assets and resources.
- Determine course of action for addressing changes to objectives, guidance, and operational environment.
- Determine existing collection management webpage databases, libraries and storehouses.
- Determine how identified factors affect the tasking, collection, processing, exploitation and dissemination architecture's form and function.
- Determine organizations and/or echelons with collection authority over all accessible collection assets.
- Develop a method for comparing collection reports to outstanding requirements to identify information gaps.
- Develop coordinating instructions by collection discipline for each phase of an operation.
- Allocate collection assets based on leadership's guidance, priorities, and/or operational emphasis.
- Disseminate tasking messages and collection plans.
- Establish alternative processing, exploitation and dissemination pathways to address identified issues or problems.
- Establish processing, exploitation and dissemination management activity using approved guidance and/or procedures.
- Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers.
- Formulate collection strategies based on knowledge of available intelligence discipline capabilities and gathering methods that align multi-discipline collection capabilities and accesses with targets and their observables.
- Identify collaboration forums that can serve as mechanisms for coordinating processes, functions, and outputs with specified organizations and functional groups.
- Identify coordination requirements and procedures with designated collection authorities.
- Identify issues or problems that can disrupt and/or degrade processing, exploitation and dissemination architecture effectiveness.
- Identify potential collection disciplines for application against priority information requirements.
- Identify and mitigate risks to collection management ability to support the plan, operations and target cycle.
- Issue requests for information.
- Link priority collection requirements to optimal assets and resources.
- Monitor completion of reallocated collection efforts.
- Monitor operational status and effectiveness of the processing, exploitation and dissemination architecture.
- Monitor the operational environment for potential factors and risks to the collection operation management process.
- Optimize mix of collection assets and resources to increase effectiveness and efficiency against essential information associated with priority intelligence requirements.
- Prioritize collection requirements for collection platforms based on platform capabilities.
- Provide advice/assistance to operations and intelligence decision makers with reassignment of collection assets and resources in response to dynamic operational situations.
- Request discipline-specific processing, exploitation, and disseminate information collected using discipline's collection assets and resources in accordance with approved guidance and/or procedures.
- Review capabilities of allocated collection assets.
- Review intelligence collection guidance for accuracy/applicability.
- Review list of prioritized collection requirements and essential information.
- Review and update overarching collection plan, as required.
- Revise collection matrix based on availability of optimal assets and resources.
- Specify changes to collection plan and/or operational environment that necessitate re-tasking or re-directing of collection assets and resources.
- Specify discipline-specific collections and/or taskings that must be executed in the near term.
- Synchronize the integrated employment of all available organic and partner intelligence collection assets using available collaboration capabilities and techniques.