OV-TEA-002 Cyber Instructor

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.

Develops and conducts training or education of personnel within cyber domain.

Knowledges 31

Code	Description	Work Roles
K0001	Knowledge of computer networking concepts and protocols, and network security methodologies.	52
K0002	Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).	52
K0003	Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.	52
K0004	Knowledge of cybersecurity and privacy principles.	52
K0005	Knowledge of cyber threats and vulnerabilities.	52
K0006	Knowledge of specific operational impacts of cybersecurity lapses.	52
K0007	Knowledge of authentication, authorization, and access control methods.	4
K0059	Knowledge of new and emerging information technology (IT) and cybersecurity technologies.	12
K0115	Knowledge that technology that can be exploited.	1
K0124	Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain.	2
K0130	Knowledge of virtualization technologies and virtual machine development and maintenance.	2
K0146	Knowledge of the organization's core business/mission processes.	10
K0147	Knowledge of emerging security issues, risks, and vulnerabilities.	4
K0204	Knowledge of learning assessment techniques (rubrics, evaluation plans, tests, quizzes).	3
K0208	Knowledge of computer based training and e-learning services.	2
K0213	Knowledge of instructional design and evaluation models (e.g., ADDIE, Smith/Ragan model, Gagne’s Events of Instruction, Kirkpatrick’s model of evaluation).	2
K0215	Knowledge of organizational training policies.	2
K0216	Knowledge of learning levels (i.e., Bloom’s Taxonomy of learning).	2
K0217	Knowledge of Learning Management Systems and their use in managing learning.	2
K0218	Knowledge of learning styles (e.g., assimilator, auditory, kinesthetic).	1
K0220	Knowledge of modes of learning (e.g., rote learning, observation).	2
K0226	Knowledge of organizational training systems.	1
K0239	Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media.	2
K0245	Knowledge of principles and processes for conducting training and education needs assessment.	2
K0246	Knowledge of relevant concepts, procedures, software, equipment, and technology applications.	2
K0250	Knowledge of Test & Evaluation processes for learners.	3
K0252	Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects.	2
K0287	Knowledge of an organization's information classification program and procedures for information compromise.	18
K0313	Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).	3
K0319	Knowledge of technical delivery capabilities and their limitations.	1
K0628	Knowledge of cyber competitions as a way of developing skills by providing hands-on experience in simulated, real-world situations.	3

Skills 32

Code	Description	Work Roles
S0001	Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.	6
S0004	Skill in analyzing network traffic capacity and performance characteristics.	2
S0006	Skill in applying confidentiality, integrity, and availability principles.	3
S0051	Skill in the use of penetration testing tools and techniques.	2
S0052	Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).	2
S0053	Skill in tuning sensors.	2
S0055	Skill in using knowledge management technologies.	2
S0056	Skill in using network management tools to analyze network traffic patterns (e.g., simple network management protocol).	2
S0057	Skill in using protocol analyzers.	2
S0060	Skill in writing code in a currently supported programming language (e.g., Java, C++).	7
S0064	Skill in developing and executing technical training programs and curricula.	2
S0070	Skill in talking to others to convey information effectively.	2
S0073	Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).	5
S0075	Skill in conducting forensic analyses in multiple operating system environments (e.g., mobile device systems).	3
S0076	Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).	3
S0081	Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).	2
S0084	Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).	2
S0097	Skill in applying security controls.	3
S0098	WITHDRAWN: Skill in detecting host and network based intrusions via intrusion detection technologies. (See S0025)	1
S0100	Skill in utilizing or developing learning activities (e.g., scenarios, instructional games, interactive exercises).	2
S0101	Skill in utilizing technologies (e.g., SmartBoards, websites, computers, projectors) for instructional purposes.	1
S0121	Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).	2
S0131	Skill in analyzing malware.	2
S0156	Skill in performing packet-level analysis.	3
S0184	Skill in analyzing traffic to identify network devices.	4
S0270	Skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools.	2
S0271	Skill in reviewing and editing assessment products.	3
S0281	Skill in technical writing.	3
S0293	Skill in using tools, techniques, and procedures to remotely exploit and establish persistence on a target.	2
S0301	Skill in writing about facts and ideas in a clear, convincing, and organized manner.	2
S0356	Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience).	4
S0358	Skill to remain aware of evolving technical infrastructures.	2

Abilities 30

Code	Description	Work Roles
A0006	Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.	1
A0011	Ability to answer questions in a clear and concise manner.	2
A0012	Ability to ask clarifying questions.	3
A0013	Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.	14
A0014	Ability to communicate effectively when writing.	3
A0015	Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.	8
A0016	Ability to facilitate small group discussions.	2
A0017	Ability to gauge learner understanding and knowledge level.	1
A0018	Ability to prepare and present briefings.	4
A0019	Ability to produce technical documentation.	5
A0020	Ability to provide effective feedback to students for improving learning.	1
A0022	Ability to apply principles of adult learning.	2
A0023	Ability to design valid and reliable assessments.	3
A0024	Ability to develop clear directions and instructional materials.	3
A0032	Ability to develop curriculum for use within a virtual environment.	2
A0055	Ability to operate common network tools (e.g., ping, traceroute, nslookup).	4
A0057	Ability to tailor curriculum that speaks to the topic at the appropriate level for the target audience.	3
A0058	Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).	3
A0063	Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).	3
A0066	Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.	12
A0070	Ability to apply critical reading/thinking skills.	9
A0083	Ability to evaluate information for reliability, validity, and relevance.	6
A0089	Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.	13
A0105	Ability to tailor technical and planning information to a customer’s level of understanding.	7
A0106	Ability to think critically.	9
A0112	Ability to monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.	4
A0114	Ability to develop or procure curriculum that speaks to the topic at the appropriate level for the target.	4
A0118	Ability to understand technology, management, and leadership issues related to organization processes and problem solving.	5
A0119	Ability to understand the basic concepts and issues related to cyber and its organizational impact.	7
A0171	Ability to conduct training and education needs assessment.	2

Tasks 30

Code	Description	Work Roles
T0316	Develop or assist in the development of computer based training modules or classes.	1
T0317	Develop or assist in the development of course assignments.	1
T0318	Develop or assist in the development of course evaluations.	1
T0319	Develop or assist in the development of grading and proficiency standards.	1
T0320	Assist in the development of individual/collective development, training, and/or remediation plans.	1
T0321	Develop or assist in the development of learning objectives and goals.	1
T0322	Develop or assist in the development of on-the-job training materials or programs.	1
T0323	Develop or assist in the development of written tests for measuring and assessing learner proficiency.	1
T0352	Conduct learning needs assessments and identify requirements.	3
T0365	Develop or assist in the development of training policies and protocols for cyber training.	3
T0367	Develop the goals and objectives for cyber curriculum.	2
T0381	Present technical information to technical and nontechnical audiences.	3
T0382	Present data in creative formats.	2
T0395	Write and publish after action reviews.	2
T0443	Deliver training courses tailored to the audience and physical/virtual environments.	1
T0444	Apply concepts, procedures, software, equipment, and/or technology applications to students.	1
T0450	Design training curriculum and course content based on requirements.	2
T0451	Participate in development of training curriculum and course content.	2
T0467	Ensure that training meets the goals and objectives for cybersecurity training, education, or awareness.	1
T0519	Plan and coordinate the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, multimedia presentations) for the most effective learning environment.	1
T0520	Plan non-classroom educational techniques and formats (e.g., video courses, mentoring, web-based courses).	1
T0535	Recommend revisions to curriculum and course content based on feedback from previous training sessions.	1
T0536	Serve as an internal consultant and advisor in own area of expertise (e.g., technical, copyright, print media, electronic media).	3
T0030	Conduct interactive training exercises to create an effective learning environment.	1
T0073	Develop new or identify existing awareness and training materials that are appropriate for intended audiences.	1
T0101	Evaluate the effectiveness and comprehensiveness of existing training programs.	1
T0224	Review training documentation (e.g., Course Content Documents [CCD], lesson plans, student texts, examinations, Schedules of Instruction [SOI], and course descriptions).	1
T0230	Support the design and execution of exercise scenarios.	2
T0247	Write instructional materials (e.g., standard operating procedures, production manual) to provide detailed guidance to relevant portion of the workforce.	2
T0926	Develop or assist with the development of privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations.	2