Language Analysis

Language Analysis

Applies language, cultural, and technical expertise to support information collection, analysis, and other cybersecurity activities.



Below are the associated Work Roles. Click the arrow to expand/collapse the Work Role information and view the associated Core and Additional KSATs (Knowledge, Skills, Abilties, and Tasks). Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role. Click on the other blue links to further explore the information.
Multi-Disciplined Language Analyst Work Role ID: 151 (NIST: AN-LA-001) Category/Specialty Area: Analyze / Language Analysis Workforce Element: Intelligence (Cyberspace)

Applies language and culture expertise with target/threat and technical knowledge to process, analyze, and/or disseminate intelligence information derived from language, voice and/or graphic material. Creates, and maintains language specific databases and working aids to support cyber action execution and ensure critical knowledge sharing. Provides subject matter expertise in foreign language-intensive or interdisciplinary projects.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
1056

Knowledge of operations security.

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
2099

Compile, integrate, and/or interpret all-source data for intelligence or vulnerability value with respect to specific targets.

Task
2890

Advise managers and operators on language and cultural issues that impact organization objectives.

Task
2891

Analyze and process information using language and/or cultural expertise.

Task
2897

Conduct analysis of target communications to identify essential information in support of organization objectives.

Task
2902

Evaluate and interpret metadata to look for patterns, anomalies, or events, thereby optimizing targeting, analysis and processing.

Task
2905

Identify target communications within the global network.

Task
2906

Maintain awareness of target communication tools, techniques, and the characteristics of target communication networks (e.g., capacity, functionality, paths, critical nodes) and their potential implications for targeting, collection, and analysis.

Task
2910

Perform foreign language and dialect identification in initial source data.

Task
2912

Perform or support technical network analysis and mapping.

Task
2921

Scan, identify and prioritize target graphic (including machine-to-machine communications) and/or voice language material.

Task
2922

Tip critical or time-sensitive information to appropriate customers.

Task
2923

Transcribe target voice materials in the target language.

Task
2924

Translate (e.g., verbatim, gists, and/or summaries) target graphic material.

Task
2925

Translate (e.g., verbatim, gists, and/or summaries) target voice material.

Task
2927

Identify foreign language terminology within computer programs (e.g., comments, variable names).

Task
2930

Provide near-real time language analysis support (e.g., live operations).

Task
2931

Identify cyber/technology-related terminology in the target language.

Task
3022

Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Ability
3106

Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless).

Knowledge
3154

Knowledge of classification and control markings standards, policies and procedures.

Knowledge
3158

Knowledge of cyber operation objectives, policies, and legalities.

Knowledge
3219

Knowledge of cyber operations.

Knowledge
3225

Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).

Knowledge
3298

Knowledge of how to extract, analyze, and use metadata.

Knowledge
3338

Knowledge of intelligence reporting principles, policies, procedures, and vehicles, including report formats, reportability criteria (requirements and priorities), dissemination practices, and legal authorities and restrictions.

Knowledge
3407

Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).

Knowledge
3450

Knowledge of principles and practices related to target development such as target knowledge, associations, communication systems, and infrastructure.

Knowledge
3534

Knowledge of target, including related current events, communication profile, actors, and history (language, culture) and/or frame of reference.

Knowledge
3616

Knowledge of the structure, architecture, and design of modern digital and telephony networks.

Knowledge
3617

Knowledge of the structure, architecture, and design of modern wireless communications systems.

Knowledge
3678

Skill in analyzing traffic to identify network devices.

Skill
3689

Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses).

Skill
3708A

Skill in conducting social network analysis.

Skill
3765

Skill in disseminating items of highest intelligence value in a timely manner.

Skill
3867A

Skill in recognizing technical information that may be used for target development including intelligence development.

Skill
4086

Knowledge of relevant laws, regulations, and policies.

Knowledge
4087

Knowledge of target cultural references, dialects, expressions, idioms, and abbreviations.

Knowledge
4094

Knowledge of networking and internet communications fundamentals (i.e. devices, device configuration, hardware, software, applications, ports/protocols, addressing, network architecture and infrastructure, routing, operating systems, etc.).

Knowledge
4105

Knowledge of language processing tools and techniques.

Knowledge
4106

Knowledge of analytic tools and techniques.

Knowledge
4116

Knowledge of transcript development processes and techniques (e.g., verbatim, gists, summaries).

Knowledge
4117

Knowledge of translation processes and techniques.

Knowledge
4123

Skill in conducting research using all available sources.

Skill
4124

Skill in translating target graphic and/or voice language materials.

Skill
4125

Skill in complying with the legal restrictions for targeted information.

Skill
4128

Skill in developing intelligence reports.

Skill
4129

Skill in evaluating and interpreting metadata.

Skill
4133

Skill in gisting target communications.

Skill
4135

Skill in identifying non-target regional languages and dialects

Skill
4140

Skill in prioritizing target language material.

Skill
4141

Skill in providing analysis on target-related matters (e.g., language, cultural, communications).

Skill
4148

Ability to review processed target language materials for accuracy and completeness.

Ability
4149

Skill in transcribing target language communications.

Skill
4152

Knowledge of specialized target language (e.g., acronyms, jargon, technical terminology, codewords).

Knowledge
4165

Knowledge of obfuscation techniques (e.g., TOR/Onion/anonymizers, VPN/VPS, encryption).

Knowledge
4167

Knowledge of target language(s).

Knowledge
4169

Ability to apply language and cultural expertise to analysis.

Ability
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
915

Knowledge of front-end collection systems, including traffic collection, filtering, and selection.

Knowledge
2243

Determine what technologies are used by a given target.

Task
2453

Identify collection gaps and potential collection strategies against targets.

Task
2568

Make recommendations to guide collection in support of customer requirements.

Task
2621

Provide SME and support to planning/developmental forums and working groups as appropriate.

Task
2893

Assess, document, and apply a target’s motivation and/or frame of reference to facilitate analysis, targeting and collection opportunities.

Task
2894

Collaborate across internal and/or external organizational lines to enhance collection, analysis and dissemination.

Task
2896

Conduct all-source target research to include the use of open source materials in the target language.

Task
2901

Perform quality review and provide feedback on transcribed or translated materials.

Task
2904

Identify cyber threat tactics and methodologies.

Task
2909

Provide feedback to collection managers to enhance future collection and analysis.

Task
2916

Provide requirements and feedback to optimize the development of language processing tools.

Task
2919

Perform social network analysis and document as appropriate.

Task
3048

Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—in order to leverage analytical and technical expertise.

Ability
3262

Knowledge of evolving/emerging communications technologies.

Knowledge
3564

Knowledge of the data flow from collection origin to repositories and tools.

Knowledge
3595

Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.

Knowledge
3771

Skill in evaluating data sources for relevance, reliability, and objectivity.

Skill
3772

Skill in evaluating information for reliability, validity, and relevance.

Skill
3822

Skill in managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.

Skill
3861

Skill in recognizing denial and deception techniques of the target.

Skill
3865

Skill in recognizing significant changes in a target’s communication patterns.

Skill
3890

Skill in synthesizing, analyzing, and prioritizing meaning across data sets.

Skill
3923

Skill in using non-attributable networks.

Skill
4072

Knowledge of collection systems, capabilities, and processes.

Knowledge
4073

Knowledge of the feedback cycle in collection processes.

Knowledge
4078

Knowledge of target or threat cyber actors and procedures.

Knowledge
4079

Knowledge of basic cyber operations activity concepts (e.g., foot printing, scanning and enumeration, penetration testing, white/black listing).

Knowledge
4085

Knowledge of approved intelligence dissemination processes.

Knowledge
4088

Knowledge of target communication profiles and their key elements (e.g., target associations, activities, communication infrastructure).

Knowledge
4089

Knowledge of target communication tools and techniques.

Knowledge
4090

Knowledge of the characteristics of targeted communication networks (e.g., capacity, functionality, paths, critical nodes).

Knowledge
4095

Knowledge of concepts related to websites (e.g., web servers/pages, hosting, DNS, registration, web languages such as HTML).

Knowledge
4097

Knowledge of network security implementations (e.g., host-based IDS, IPS, access control lists), including their function and placement in a network.

Knowledge
4099

Knowledge of customer information needs.

Knowledge
4108

Knowledge of the impact of language analysis on on-net operator functions.

Knowledge
4113

Knowledge of the request for information process.

Knowledge
4118

Skill in identifying a target’s network characteristics.

Skill
4119

Skill in analyzing language processing tools to provide feedback to enhance tool development.

Skill
4121

Skill in assessing a target’s frame of reference (e.g., motivation, technical capability, organizational structure, sensitivities).

Skill
4134

Skill in identifying intelligence gaps and limitations.

Skill
4160

Skill in interpreting traceroute results, as they apply to network analysis and reconstruction.

Skill
4164

Skill in identifying language issues that may have an impact on organization objectives.

Skill
4166

Knowledge of computer programming concepts, including computer languages, programming, testing, debugging, and file types.

Knowledge