Target Developer

Target Developer Work Role ID: 131 (NIST: AN-TD-001) Workforce Element: Cyberspace Effects

Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.


Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
1056

Knowledge of operations security.

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
2001

Accurately characterize targets.

Task
2076

Build and maintain electronic target folders.

Task
2087

Collaborate with intelligence analysts/targeting organizations involved in related areas.

Task
2089

Collaborate with other customer, Intelligence and targeting organizations involved in related cyber areas.

Task
2121

Conduct nodal analysis.

Task
2134

Conduct target research and analysis.

Task
2170

Coordinate target vetting with appropriate partners.

Task
2249

Develop all-source intelligence targeting materials.

Task
2289

Develop measures of effectiveness and measures of performance.

Task
2429

Generate requests for information.

Task
2458

Identify critical target elements.

Task
2728

Provide aim point and re-engagement recommendations.

Task
2768

Provide targeting products and targeting support as designated.

Task
2770

Provide time sensitive targeting support.

Task
2779

Review appropriate information sources to determine validity and relevance of information gathered.

Task
2818

Sanitize and minimize information to protect sources and methods.

Task
2840

Support identification and documentation of collateral effects.

Task
2882

Work closely with planners, analysts, and collection managers to identify intelligence gaps and ensure intelligence requirements are accurate and up-to-date.

Task
3001

Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.

Ability
3002

Ability to focus research efforts to meet the customer’s decision-making needs.

Ability
3020

Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information.

Ability
3022

Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Ability
3039

Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.

Ability
3043

Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.

Ability
3044

Ability to exercise judgment when policies are not well-defined.

Ability
3047

Ability to function effectively in a dynamic, fast-paced environment.

Ability
3048

Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—in order to leverage analytical and technical expertise.

Ability
3052

Ability to identify intelligence gaps.

Ability
3073

Ability to recognize and mitigate cognitive biases which may affect analysis.

Ability
3074

Ability to recognize and mitigate deception in reporting and analysis.

Ability
3077

Ability to think critically.

Ability
3078

Knowledge of target methods and procedures.

Knowledge
3081

Ability to utilize multiple intelligence sources across all intelligence disciplines.

Ability
3106

Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless).

Knowledge
3161

Knowledge of collateral damage and estimating impact(s).

Knowledge
3197

Knowledge of criticality and vulnerability factors (e.g., value, recuperation, cushion, countermeasures) for target selection and applicability to the cyber domain.

Knowledge
3250

Knowledge of dynamic and deliberate targeting.

Knowledge
3271

Knowledge of internal and external partner cyber operations capabilities and tools.

Knowledge
3281

Knowledge of governing authorities for targeting.

Knowledge
3334

Knowledge of intelligence confidence levels.

Knowledge
3335

Knowledge of intelligence disciplines.

Knowledge
3342

Knowledge of intelligence support to planning, execution, and assessment.

Knowledge
3368

Knowledge of legal considerations in targeting.

Knowledge
3504

Knowledge of threat and/or target systems.

Knowledge
3527

Knowledge of target development (i.e., concepts, roles, responsibilities, products, etc.).

Knowledge
3528

Knowledge of specific target identifiers, and their usage.

Knowledge
3530

Knowledge of target list development (i.e. RTL, JTL, CTL, etc.).

Knowledge
3533

Knowledge of target vetting and validation procedures.

Knowledge
3584

Knowledge of intelligence preparation of the environment and similar processes.

Knowledge
3587

Knowledge of targeting cycles.

Knowledge
3691

Skill in assessing and/or estimating effects generated during and after cyber operations.

Skill
3788

Skill in identifying alternative analytical interpretations in order to minimize unanticipated outcomes.

Skill
3793

Skill in identifying critical target elements, to include critical target elements for the cyber domain.

Skill
3842

Skill in performing target system analysis.

Skill
3844

Skill in preparing and presenting briefings.

Skill
3851

Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.

Skill
3880

Skill in reviewing and editing target materials.

Skill
3885

Skill in fusion analysis

Skill
3893

Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).

Skill
3907

Skill in using targeting databases and software packages.

Skill
3910

Skill in using Boolean operators to construct simple and complex queries.

Skill
3920

Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).

Skill
3938

Skill in utilizing feedback in order to improve processes, products, and services.

Skill
3946

Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).

Skill
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
52

Knowledge of human-computer interaction principles.

Knowledge
87

Knowledge of network traffic analysis methods.

Knowledge
264

Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).

Knowledge
912

Knowledge of collection management processes, capabilities, and limitations.

Knowledge
2059

Provide expertise to course of action development.

Task
2066

Provide expertise to the development of measures of effectiveness and measures of performance.

Task
2195

Maintain awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology.

Task
2243

Determine what technologies are used by a given target.

Task
2292

Develop munitions effectiveness assessment or operational assessment materials.

Task
2378

Estimate operational effects generated through cyber activities.

Task
2382

Evaluate available capabilities against desired effects in order to recommend efficient solutions.

Task
2441

Identify and evaluate threat critical capabilities, requirements, and vulnerabilities.

Task
2515

Initiate requests to guide tasking and assist with collection management.

Task
2565

Maintain target lists (i.e., RTL, JTL, CTL, etc.).

Task
2677

Perform targeting automation activities.

Task
2685

Develop website characterizations.

Task
2716

Produce target system analysis products.

Task
2730

Provide analyses and support for effectiveness assessment.

Task
2749

Provide input for targeting effectiveness assessments for leadership acceptance.

Task
2760

Provide operations and re-engagement recommendations.

Task
2767

Provide target recommendations which meet leadership objectives.

Task
3095

Knowledge of internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).

Knowledge
3107

Knowledge of a wide range of concepts associated with websites (e.g., website types, administration, functions, software systems, etc.).

Knowledge
3129

Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).

Knowledge
3137

Knowledge of basic malicious activity concepts (e.g., foot printing, scanning and enumeration).

Knowledge
3155

Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc.

Knowledge
3158

Knowledge of cyber operation objectives, policies, and legalities.

Knowledge
3173

Knowledge of operational effectiveness assessment.

Knowledge
3177

Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).

Knowledge
3188

Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).

Knowledge
3225

Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).

Knowledge
3253

Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).

Knowledge
3262

Knowledge of evolving/emerging communications technologies.

Knowledge
3274

Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber attack, cyber defense), principles, capabilities, limitations, and effects.

Knowledge
3277

Knowledge of general SCADA system components.

Knowledge
3286

Knowledge of host-based security products and how they affect exploitation and vulnerability.

Knowledge
3291

Knowledge of how internet applications work (SMTP email, web-based email, chat clients, VOIP).

Knowledge
3292

Knowledge of how modern digital and telephony networks impact cyber operations.

Knowledge
3293

Knowledge of how modern wireless communications systems impact cyber operations.

Knowledge
3298

Knowledge of how to extract, analyze, and use metadata.

Knowledge
3337

Knowledge of intelligence production processes.

Knowledge
3343

Knowledge of cyber intelligence/information collection capabilities and repositories.

Knowledge
3349

Knowledge of intrusion sets.

Knowledge
3367

Knowledge of all applicable statutes, laws, regulations and policies governing cyber targeting and exploitation.

Knowledge
3372

Knowledge of malware analysis and characteristics.

Knowledge
3419

Knowledge of organization or partner exploitation of digital networks.

Knowledge
3441

Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.

Knowledge
3446

Knowledge of analytical constructs and their use in assessing the operational environment.

Knowledge
3529

Knowledge of target estimated repair and recuperation times.

Knowledge
3535

Knowledge of TCP/IP networking protocols.

Knowledge
3539

Knowledge of telecommunications fundamentals.

Knowledge
3543

Knowledge of the basic structure, architecture, and design of modern communication networks.

Knowledge
3545

Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).

Knowledge
3561

Knowledge of the common networking and routing protocols(e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Knowledge
3593

Knowledge of internal and external partner intelligence processes and the development of information requirements and essential information.

Knowledge
3615

Knowledge of the structure and intent of organization specific plans, guidance and authorizations.

Knowledge
3630

Knowledge of the ways in which targets or threats use the Internet.

Knowledge
3659

Knowledge of wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems.

Knowledge
3689

Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses).

Skill
3699

Skill in conducting research using deep web.

Skill
3704

Skill in conducting non-attributable research.

Skill
3724

Skill in defining and characterizing all pertinent aspects of the operational environment.

Skill
3737

Skill in determining appropriate targeting options through the evaluation of available capabilities against desired effects.

Skill
3742

Skill in determining the physical location of network devices.

Skill
3770

Skill in evaluating available capabilities against desired effects in order to provide effective courses of action.

Skill
3772

Skill in evaluating information for reliability, validity, and relevance.

Skill
3794

Skill in identifying cyber threats which may jeopardize organization and/or partner interests.

Skill
3915

Skill in using geospatial data and applying geospatial resources.

Skill
3921

Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.

Skill
3953

Skill in writing effectiveness reports.

Skill