Develops detailed intelligence plans to satisfy cyber operations requirements. Collaborates with cyber operations planners to identify, validate, and levy requirements for collection and analysis. Participates in targeting selection, validation, synchronization, and execution of cyber actions. Synchronizes intelligence activities to support organization objectives in cyberspace.
NICE Work Role ID:
OPM Code | DCWF Code:
Cyber Intel Planner (CO204-RBT)
Cybersecurity Hunt (CO280)
ID & Description
- K0001 – Knowledge of computer networking concepts and protocols, and network security methodologies.
- K0002 – Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- K0003 – Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- K0004 – Knowledge of cybersecurity and privacy principles.
- K0005 – Knowledge of cyber threats and vulnerabilities.
- K0006 – Knowledge of specific operational impacts of cybersecurity lapses.
- K0036 – Knowledge of human-computer interaction principles.
- K0108 – Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).
- K0109 – Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
- K0120 – Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
- K0347 – Knowledge and understanding of operational design.
- K0349 – Knowledge of website types, administration, functions, and content management system (CMS).
- K0350 – Knowledge of accepted organization planning systems.
- K0352 – Knowledge of forms of intelligence support needs, topics, and focus areas.
- K0355 – Knowledge of all-source reporting and dissemination procedures.
- K0358 – Knowledge of analytical standards and the purpose of intelligence confidence levels.
- K0362 – Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
- K0377 – Knowledge of classification and control markings standards, policies and procedures.
- K0379 – Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc.
- K0392 – Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
- K0395 – Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
- K0399 – Knowledge of crisis action planning and time sensitive planning procedures.
- K0400 – Knowledge of crisis action planning for cyber operations.
- K0403 – Knowledge of cryptologic capabilities, limitations, and contributions to cyber operations.
- K0405 – Knowledge of current computer-based intrusion sets.
- K0408 – Knowledge of cyber actions (i.e. cyber defense, information gathering, environment preparation, cyber-attack) principles, capabilities, limitations, and effects.
- K0411 – Knowledge of cyber laws and legal considerations and their effect on cyber planning.
- K0414 – Knowledge of cyber operations support or enabling processes.
- K0417 – Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
- K0422 – Knowledge of deconfliction processes and procedures.
- K0427 – Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
- K0431 – Knowledge of evolving/emerging communications technologies.
- K0435 – Knowledge of fundamental cyber concepts, principles, limitations, and effects.
- K0436 – Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
- K0440 – Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability.
- K0444 – Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
- K0445 – Knowledge of how modern digital and telephony networks impact cyber operations.
- K0446 – Knowledge of how modern wireless communications systems impact cyber operations.
- K0455 – Knowledge of information security concepts, facilitating technologies and methods.
- K0456 – Knowledge of intelligence capabilities and limitations.
- K0459 – Knowledge of intelligence employment requirements (i.e., logistical, communications support, maneuverability, legal restrictions, etc.).
- K0460 – Knowledge of intelligence preparation of the environment and similar processes.
- K0463 – Knowledge of intelligence requirements tasking systems.
- K0464 – Knowledge of intelligence support to planning, execution, and assessment.
- K0465 – Knowledge of internal and external partner cyber operations capabilities and tools.
- K0471 – Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
- K0480 – Knowledge of malware.
- K0494 – Knowledge of objectives, situation, operational environment, and the status and disposition of internal and external partner collection capabilities available to support planning.
- K0499 – Knowledge of operations security.
- K0501 – Knowledge of organization cyber operations programs, strategies, and resources.
- K0502 – Knowledge of organization decision support tools and/or methods.
- K0504 – Knowledge of organization issues, objectives, and operations in cyber as well as regulations and policy directives governing cyber operations.
- K0506 – Knowledge of organization objectives, leadership priorities, and decision-making risks.
- K0507 – Knowledge of organization or partner exploitation of digital networks.
- K0508 – Knowledge of organization policies and planning concepts for partnering with internal and/or external organizations.
- K0511 –