Cyber Legal Advisor
Provides legal advice and recommendations on relevant topics related to cyber law.
Qualification Matrix
| Basic | Intermediate | Advanced | Notes | ||
|---|---|---|---|---|---|
| Foundational Qualification Options | Education | A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC | A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC | TBD | For additional information pertaining to ABET: www.abet.org or CAE: www.caecommunity.org |
| Foundational Qualification Options | OR | OR | OR | ||
| Foundational Qualification Options | DoD/Military Training | Cyber 101 | See TAB C (DCWF Training Repository) for additional course information. | ||
| Foundational Qualification Options | Commercial Training | TBD | TBD | TBD | |
| Foundational Qualification Options | OR | OR | OR | ||
| Foundational Qualification Options | Personnel Certification | Approved DoD 8140 cyber-related certification | Approved DoD 8140 cyber-related certification | Approved DoD 8140 cyber-related certification | See TAB A and TAB B for approved DoD 8140 cyber-related certifications and provider information. |
| Foundational Qualification Alternative | Experience | Conditional Alternative | Conditional Alternative | Conditional Alternative | Refer to Section 3 of the DoD 8140 Manual for more information. |
| Residential Qualification | On-the-Job Qualification | Always Required | Always Required | Always Required | Individuals must demonstrate capability to perform their duties in their resident environment. |
| Residential Qualification | Environment-Specific Requirements | Component Discretion | Component Discretion | Component Discretion | |
| Annual Maintenance | Continuous Professional Development | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. |
Core KSATs
| KSAT ID | Description | KSAT |
|---|---|---|
| 22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
| 108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
| 390A | Acquire and maintain a working knowledge of constitutional issues relevant laws, regulations, policies, agreements, standards, procedures, or other issuances. |
Task |
| 574A | Provide legal analysis and decisions to inspector generals, privacy officers, oversight and compliance personnel with regard to compliance with cybersecurity policies and relevant legal and regulatory requirements. |
Task |
| 984 | Knowledge of cyber defense policies, procedures, and regulations. |
Knowledge |
| 1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
| 1158 | * Knowledge of cybersecurity principles. |
Knowledge |
| 1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
| 6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
| 6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
| 6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
Additional KSATs
| KSAT ID | Description | KSAT |
|---|---|---|
| 24 | Knowledge of concepts and practices of processing digital forensic data. |
Knowledge |
| 88A | Knowledge of current and emerging cyber technologies. |
Knowledge |
| 252 | Knowledge of and experience in Insider Threat investigations, reporting, investigative tools and laws/regulations. |
Knowledge |
| 300A | Knowledge of intelligence principles, policies, and procedures including legal authorities and restrictions. |
Knowledge |
| 398 | Advocate organization’s official position in legal and legislative proceedings. |
Task |
| 451A | Conduct framing of pleadings to properly identify alleged violations of law, regulations, or policy/guidance. |
Task |
| 539A | Develop guidelines for implementation. |
Task |
| 599 | Evaluate contracts to ensure compliance with funding, legal, and program requirements. |
Task |
| 607 | Evaluate the effectiveness of laws, regulations, policies, standards, or procedures. |
Task |
| 612A | Evaluate the impact of changes to laws, regulations, policies, standards, or procedures. |
Task |
| 618A | Provide guidance on laws, regulations, policies, standards, or procedures to management, personnel, or clients. |
Task |
| 655A | Facilitate implementation of new or revised laws, regulations, executive orders, policies, standards, or procedures. |
Task |
| 675 | Interpret and apply laws, regulations, policies, standards, or procedures to specific issues. |
Task |
| 787A | Prepare legal and other relevant documents (e.g., depositions, briefs, affidavits, declarations, appeals, pleadings, discovery). |
Task |
| 834 | Resolve conflicts in laws, regulations, policies, standards, or procedures. |
Task |
| 954A | Knowledge of foreign disclosure policies and import/export control regulations as related to cybersecurity. |
Knowledge |
| 1070A | Ability to monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies. |
Ability |
| 6210 | Knowledge of cloud service models and possible limitations for an incident response. |
Knowledge |