Cyber Instructor

Develops and conducts training or education of personnel within cyber domain.

Below are the Knowledge, Skills, Abilities and Tasks identified as being required to perform this work role.

Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
K0003Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
K0004Knowledge of cybersecurity and privacy principles.
K0005Knowledge of cyber threats and vulnerabilities.
K0006Knowledge of specific operational impacts of cybersecurity lapses.
K0007Knowledge of authentication, authorization, and access control methods.
K0059Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
K0115Knowledge that technology that can be exploited.
K0124Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain.
K0130Knowledge of virtualization technologies and virtual machine development and maintenance.
K0146Knowledge of the organization’s core business/mission processes.
K0147Knowledge of emerging security issues, risks, and vulnerabilities.
K0204Knowledge of learning assessment techniques (rubrics, evaluation plans, tests, quizzes).
K0208Knowledge of computer based training and e-learning services.
K0213Knowledge of instructional design and evaluation models (e.g., ADDIE, Smith/Ragan model, Gagne??s Events of Instruction, Kirkpatrick??s model of evaluation).
K0215Knowledge of organizational training policies.
K0216Knowledge of learning levels (i.e., Bloom??s Taxonomy of learning).
K0217Knowledge of Learning Management Systems and their use in managing learning.
K0218Knowledge of learning styles (e.g., assimilator, auditory, kinesthetic).
K0220Knowledge of modes of learning (e.g., rote learning, observation).
K0226Knowledge of organizational training systems.
K0239Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media.
K0245Knowledge of principles and processes for conducting training and education needs assessment.
K0246Knowledge of relevant concepts, procedures, software, equipment, and technology applications.
K0250Knowledge of Test & Evaluation processes for learners.
K0252Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects.
K0287Knowledge of an organization’s information classification program and procedures for information compromise.
K0313Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).
K0319Knowledge of technical delivery capabilities and their limitations.
K0628Knowledge of cyber competitions as a way of developing skills by providing hands-on experience in simulated, real-world situations.
S0001Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
S0004Skill in analyzing network traffic capacity and performance characteristics.
S0006Skill in applying confidentiality, integrity, and availability principles.
S0051Skill in the use of penetration testing tools and techniques.
S0052Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
S0053Skill in tuning sensors.
S0055Skill in using knowledge management technologies.
S0056Skill in using network management tools to analyze network traffic patterns (e.g., simple network management protocol).
S0057Skill in using protocol analyzers.
S0060Skill in writing code in a currently supported programming language (e.g., Java, C++).
S0064Skill in developing and executing technical training programs and curricula.
S0070Skill in talking to others to convey information effectively.
S0073Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).
S0075Skill in conducting forensic analyses in multiple operating system environments (e.g., mobile device systems).
S0076Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
S0081Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
S0084Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).
S0097Skill in applying security controls.
S0098WITHDRAWN: Skill in detecting host and network based intrusions via intrusion detection technologies. (See S0025)
S0100Skill in utilizing or developing learning activities (e.g., scenarios, instructional games, interactive exercises).
S0101Skill in utilizing technologies (e.g., SmartBoards, websites, computers, projectors) for instructional purposes.
S0121Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
S0131Skill in analyzing malware.
S0156Skill in performing packet-level analysis.
S0184Skill in analyzing traffic to identify network devices.
S0270Skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools.
S0271Skill in reviewing and editing assessment products.
S0281Skill in technical writing.
S0293Skill in using tools, techniques, and procedures to remotely exploit and establish persistence on a target.
S0301Skill in writing about facts and ideas in a clear, convincing, and organized manner.
S0356Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience).
S0358Skill to remain aware of evolving technical infrastructures.
A0006Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.
A0011Ability to answer questions in a clear and concise manner.
A0012Ability to ask clarifying questions.
A0013Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
A0014Ability to communicate effectively when writing.
A0015Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
A0016Ability to facilitate small group discussions.
A0017Ability to gauge learner understanding and knowledge level.
A0018Ability to prepare and present briefings.
A0019Ability to produce technical documentation.
A0020Ability to provide effective feedback to students for improving learning.
A0022Ability to apply principles of adult learning.
A0023Ability to design valid and reliable assessments.
A0024Ability to develop clear directions and instructional materials.
A0032Ability to develop curriculum for use within a virtual environment.
A0055Ability to operate common network tools (e.g., ping, traceroute, nslookup).
A0057Ability to tailor curriculum that speaks to the topic at the appropriate level for the target audience.
A0058Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).
A0063Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).
A0066Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
A0070Ability to apply critical reading/thinking skills.
A0083Ability to evaluate information for reliability, validity, and relevance.
A0089Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts??both internal and external to the organization??to leverage analytical and technical expertise.
A0105Ability to tailor technical and planning information to a customer??s level of understanding.
A0106Ability to think critically.
A0112Ability to monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.
A0114Ability to develop or procure curriculum that speaks to the topic at the appropriate level for the target.
A0118Ability to understand technology, management, and leadership issues related to organization processes and problem solving.
A0119Ability to understand the basic concepts and issues related to cyber and its organizational impact.
A0171Ability to conduct training and education needs assessment.
T0030Conduct interactive training exercises to create an effective learning environment.
T0073Develop new or identify existing awareness and training materials that are appropriate for intended audiences.
T0101Evaluate the effectiveness and comprehensiveness of existing training programs.
T0224Review training documentation (e.g., Course Content Documents [CCD], lesson plans, student texts, examinations, Schedules of Instruction [SOI], and course descriptions).
T0230Support the design and execution of exercise scenarios.
T0247Write instructional materials (e.g., standard operating procedures, production manual) to provide detailed guidance to relevant portion of the workforce.
T0316Develop or assist in the development of computer based training modules or classes.
T0317Develop or assist in the development of course assignments.
T0318Develop or assist in the development of course evaluations.
T0319Develop or assist in the development of grading and proficiency standards.
T0320Assist in the development of individual/collective development, training, and/or remediation plans.
T0321Develop or assist in the development of learning objectives and goals.
T0322Develop or assist in the development of on-the-job training materials or programs.
T0323Develop or assist in the development of written tests for measuring and assessing learner proficiency.
T0352Conduct learning needs assessments and identify requirements.
T0365Develop or assist in the development of training policies and protocols for cyber training.
T0367Develop the goals and objectives for cyber curriculum.
T0381Present technical information to technical and nontechnical audiences.
T0382Present data in creative formats.
T0395Write and publish after action reviews.
T0443Deliver training courses tailored to the audience and physical/virtual environments.
T0444Apply concepts, procedures, software, equipment, and/or technology applications to students.
T0450Design training curriculum and course content based on requirements.
T0451Participate in development of training curriculum and course content.
T0467Ensure that training meets the goals and objectives for cybersecurity training, education, or awareness.
T0519Plan and coordinate the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, multimedia presentations) for the most effective learning environment.
T0520Plan non-classroom educational techniques and formats (e.g., video courses, mentoring, web-based courses).
T0535Recommend revisions to curriculum and course content based on feedback from previous training sessions.
T0536Serve as an internal consultant and advisor in own area of expertise (e.g., technical, copyright, print media, electronic media).
T0926Develop or assist with the development of privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations.