Cyber Operations Planner
Develops detailed plans for the conduct or support of the applicable range of cyber operations through collaboration with other planners, operators and/or analysts. Participates in targeting selection, validation, synchronization, and enables integration during the execution of cyber actions.
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
KSA |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
1158 | * Knowledge of cybersecurity principles. |
Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
264 | Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). |
Knowledge |
270 | Knowledge of common adversary tactics, techniques, and procedures in assigned area of responsibility (i.e., historical country-specific tactics, techniques, and procedures; emerging capabilities). |
Knowledge |
2009 | Provide input to the analysis, design, development or acquisition of capabilities used for meeting objectives. |
Task |
2052 | Assess target vulnerabilities and/or operational capabilities to determine course of action. |
Task |
2058 | Assist and advise inter-agency partners in identifying and developing best practices for facilitating operational support to achievement of organization objectives. |
Task |
2073 | Provide input to the identification of cyber-related success criteria. |
Task |
2130 | Develop, review and implement all levels of planning guidance in support of cyber operations. |
Task |
2159 | Contribute to crisis action planning for cyber operations. |
Task |
2160 | Contribute to the development of the organization’s decision support tools if necessary. |
Task |
2186 | Coordinate, produce and track intelligence requirements. |
Task |
2237 | Determine indicators (e.g., measures of effectiveness) that are best suited to specific cyber operation objectives. |
Task |
2265 | Develop and maintain deliberate and/or crisis plans. |
Task |
2266 | Develop and review specific cyber operations guidance for integration into broader planning activities. |
Task |
2272 | Develop cyber operations plans and guidance to ensure that execution and resource allocation decisions align with organization objectives. |
Task |
2327 | Develop, implement, and recommend changes to appropriate planning procedures and policies. |
Task |
2365 | Ensure operational planning efforts are effectively transitioned to current operations. |
Task |
2368 | Ensure that intelligence planning activities are integrated and synchronized with operational planning timelines. |
Task |
2386 | Evaluate intelligence estimates to support the planning cycle. |
Task |
2417 | Facilitate the sharing of ābest practicesā and ālessons learnedā throughout the cyber operations community. |
Task |
2424 | Incorporate cyber operations and communications security support plans into organization objectives. |
Task |
2425 | Incorporate intelligence and counterintelligence to support plan development. |
Task |
2446 | Identify and submit intelligence requirements for the purposes of designating priority information requirements. |
Task |
2459 | Identify intelligence gaps and shortfalls. |
Task |
2459A | Identify cyber intelligence gaps and shortfalls. |
Task |
2509 | Provide input to or develop courses of action based on threat factors. |
Task |
2524 | Integrate cyber planning/targeting efforts with other organizations. |
Task |
2528 | Interpret environment preparations assessments to determine a course of action. |
Task |
2529 | Issue requests for information. |
Task |
2531 | Knowledge of organizational planning concepts. |
Knowledge |
2558 | Maintain relationships with internal and external partners involved in cyber planning or related areas. |
Task |
2561 | Maintain situational awareness of cyber-related intelligence requirements and associated tasking. |
Task |
2562 | Maintain situational awareness of partner capabilities and activities. |
Task |
2590 | Monitor and evaluate integrated cyber operations to identify opportunities to meet organization objectives. |
Task |
2621 | Provide SME and support to planning/developmental forums and working groups as appropriate. |
Task |
2624 | Conduct long-range, strategic planning efforts with internal and external partners in cyber activities. |
Task |
2626 | Provide subject matter expertise to planning efforts with internal and external cyber operations partners. |
Task |
2628 | Participate in exercises. |
Task |
2752 | Provide input to the administrative and logistical elements of an operational support plan. |
Task |
2770 | Provide time sensitive targeting support. |
Task |
2806 | Review and comprehend organizational leadership objectives and guidance for planning. |
Task |
2837 | Submit or respond to requests for deconfliction of cyber operations. |
Task |
2888 | Document lessons learned that convey the results of events and/or exercises. |
Task |
3001 | Ability to accurately and completely source all data used in intelligence, assessment and/or planning products. |
Ability |
3011 | Ability to apply critical reading/thinking skills. |
Ability |
3021 | Ability to collaborate effectively with others. |
Ability |
3022 | Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. |
Ability |
3033 | Ability to coordinate cyber operations with other organization functions or support activities. |
Ability |
3044 | Ability to exercise judgment when policies are not well-defined. |
Ability |
3054 | Ability to identify external partners with common cyber operations interests. |
Ability |
3076 | Ability to tailor technical and planning information to a customerās level of understanding. |
Ability |
3098 | Knowledge of virtualization products (Vmware, Virtual PC). |
Knowledge |
3106 | Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless). |
Knowledge |
3114 | Knowledge of all forms of intelligence support needs, topics, and focus areas. |
Knowledge |
3146 | Knowledge of both internal and external customers and partner organizations, including information needs, objectives, structure, capabilities, etc. |
Knowledge |
3154 | Knowledge of classification and control markings standards, policies and procedures. |
Knowledge |
3159 | Knowledge of cyber operations support or enabling processes. |
Knowledge |
3194 | Knowledge of crisis action planning and time sensitive planning procedures. |
Knowledge |
3211 | Knowledge of cyber laws and legal considerations and their effect on cyber planning. |
Knowledge |
3218 | Knowledge of cyber operations terminology/lexicon. |
Knowledge |
3219 | Knowledge of cyber operations. |
Knowledge |
3225 | Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media). |
Knowledge |
3235 | Knowledge of deconfliction processes and procedures. |
Knowledge |
3257 | Knowledge of target and threat organization structures, critical capabilities, and critical vulnerabilities. |
Knowledge |
3262 | Knowledge of evolving/emerging communications technologies. |
Knowledge |
3264 | Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization. |
Knowledge |
3268 | Knowledge of staff management, assignment, and allocation processes. |
Knowledge |
3271 | Knowledge of internal and external partner cyber operations capabilities and tools. |
Knowledge |
3287 | Knowledge of how collection requirements and information needs are translated, tracked, and prioritized across the extended enterprise. |
Knowledge |
3293 | Knowledge of how modern wireless communications systems impact cyber operations. |
Knowledge |
3338 | Knowledge of intelligence reporting principles, policies, procedures, and vehicles, including report formats, reportability criteria (requirements and priorities), dissemination practices, and legal authorities and restrictions. |
Knowledge |
3342 | Knowledge of intelligence support to planning, execution, and assessment. |
Knowledge |
3356 | Knowledge of organization policies and planning concepts for partnering with internal and/or external organizations. |
Knowledge |
3358 | Knowledge of organizational hierarchy and cyber decision making processes. |
Knowledge |
3374 | Knowledge of malware. |
Knowledge |
3391 | Knowledge of objectives, situation, operational environment, and the status and disposition of internal and external partner collection capabilities available to support planning. |
Knowledge |
3419 | Knowledge of organization or partner exploitation of digital networks. |
Knowledge |
3441 | Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. |
Knowledge |
3463 | Knowledge of required intelligence planning products associated with cyber operational planning. |
Knowledge |
3489 | Knowledge of organizational structures and associated intelligence capabilities. |
Knowledge |
3571 | Knowledge of the organizational planning and staffing process. |
Knowledge |
3572 | Knowledge of organization decision support tools and/or methods. |
Knowledge |
3582 | Knowledge of the intelligence frameworks, processes, and related systems. |
Knowledge |
3585 | Knowledge of accepted organization planning systems. |
Knowledge |
3605 | Knowledge of the information environment. |
Knowledge |
3607 | Knowledge of the processes to synchronize operational assessment procedures with the critical information requirement process. |
Knowledge |
3610 | Knowledge of the relationships between end states, objectives, effects, lines of operation, etc. |
Knowledge |
3615 | Knowledge of the structure and intent of organization specific plans, guidance and authorizations. |
Knowledge |
3616 | Knowledge of the structure, architecture, and design of modern digital and telephony networks. |
Knowledge |
3638 | Knowledge of organization issues, objectives, and operations in cyber as well as regulations and policy directives governing cyber operations. |
Knowledge |
3665 | Skill in administrative planning activities, to include preparation of functional and specific support plans, preparing and managing correspondence, and staffing procedures. |
Skill |
3766 | Skill in documenting and communicating complex technical and programmatic information. |
Skill |
3772 | Skill in evaluating information for reliability, validity, and relevance. |
Skill |
3844 | Skill in preparing and presenting briefings. |
Skill |
3976 | Skill to apply the process used to assess the performance and impact of cyber operations. |
Skill |
3998 | Skill to craft indicators of operational progress/success. |
Skill |
4008 | Skill to distinguish between notional and actual resources and their applicability to the plan under development. |
Skill |
4058 | Skill to synchronize operational assessment procedures with the critical information requirement process. |
Skill |
4106 | Knowledge of analytic tools and techniques. |
Knowledge |
4451 | Knowledge of the full-spectrum of cyberspace operational missions (e.g., DODIN Operations, DCO, OCO), principles, capabilities, limitations, and effects. |
KSA |
4471 | Knowledge of intelligence/SIGINT reporting and dissemination procedures. |
KSA |
8069 | Develop cyberspace operations TTPs for integration into operational and tactical levels of planning. |
Task |