Cyber Intel Planner Job Profile

What is a Cyber Intel Planner?

The Cyber Intel Planner develops detailed intelligence plans to satisfy cyber operations requirements. Collaborates with cyber operations planners to identify, validate, and levy requirements for collection and analysis. Participates in targeting selection, validation, synchronization, and execution of cyber actions. Synchronizes intelligence activities to support organization objectives in cyberspace.

Cyber Intel Planner must know

  • computer networking concepts and protocols, and network security methodologies.
  • risk management processes (e.g., methods for assessing and mitigating risk).
  • laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • cybersecurity and privacy principles.
  • cyber threats and vulnerabilities.
  • specific operational impacts of cybersecurity lapses.
  • human-computer interaction principles.
  • concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).
  • physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
  • how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
  • understanding of operational design.
  • website types, administration, functions, and content management system (CMS).
  • accepted organization planning systems.
  • forms of intelligence support needs, topics, and focus areas.
  • all-source reporting and dissemination procedures.
  • analytical standards and the purpose of intelligence confidence levels.
  • attack methods and techniques (DDoS, brute force, spoofing, etc.).
  • classification and control markings standards, policies and procedures.
  • client organizations, including information needs, objectives, structure, capabilities, etc.
  • common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
  • computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
  • crisis action planning and time sensitive planning procedures.
  • crisis action planning for cyber operations.
  • cryptologic capabilities, limitations, and contributions to cyber operations.
  • current computer-based intrusion sets.
  • cyber actions (i.e. cyber defense, information gathering, environment preparation, cyber-attack) principles, capabilities, limitations, and effects.
  • cyber laws and legal considerations and their effect on cyber planning.
  • cyber operations support or enabling processes.
  • data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
  • deconfliction processes and procedures.
  • encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
  • evolving/emerging communications technologies.
  • existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization.
  • fundamental cyber concepts, principles, limitations, and effects.
  • fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
  • host-based security products and how those products affect exploitation and reduce vulnerability.
  • how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
  • how modern digital and telephony networks impact cyber operations.
  • how modern wireless communications systems impact cyber operations.
  • information security concepts, facilitating technologies and methods.
  • intelligence capabilities and limitations.
  • intelligence employment requirements (i.e., logistical, communications support, maneuverability, legal restrictions, etc.).
  • intelligence preparation of the environment and similar processes.
  • intelligence requirements tasking systems.
  • intelligence support to planning, execution, and assessment.
  • internal and external partner cyber operations capabilities and tools.
  • Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
  • malware.
  • objectives, situation, operational environment, and the status and disposition of internal and external partner collection capabilities available to support planning.
  • operations security.
  • organization cyber operations programs, strategies, and resources.
  • organization decision support tools and/or methods.
  • organization issues, objectives, and operations in cyber as well as regulations and policy directives governing cyber operations.
  • organization objectives, leadership priorities, and decision-making risks.
  • organization or partner exploitation of digital networks.
  • organization policies and planning concepts for partnering with internal and/or external organizations.
  • organizational hierarchy and cyber decision-making processes.
  • organizational planning concepts.
  • organizational structures and associated intelligence capabilities.
  • post implementation review (PIR) approval process.
  • planning activity initiation.
  • planning timelines adaptive, crisis action, and time-sensitive planning.
  • required intelligence planning products associated with cyber operational planning.
  • target and threat organization structures, critical capabilities, and critical vulnerabilities
  • telecommunications fundamentals.
  • the basic structure, architecture, and design of modern communication networks.
  • the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
  • the critical information requirements and how they’re used in planning.
  • the functions and capabilities of internal teams that emulate threat activities to benefit the organization.
  • the impacts of internal and external partner staffing estimates.
  • the intelligence frameworks, processes, and related systems.
  • the intelligence requirements development and request for information processes.
  • the organizational planning and staffing process.
  • the organizational structure as it pertains to full spectrum cyber operations, including the functions, responsibilities, and interrelationships among distinct internal elements.
  • the outputs of course of action and exercise analysis.
  • the process used to assess the performance and impact of operations.
  • the processes to synchronize operational assessment procedures with the critical information requirement process.
  • the production responsibilities and organic analysis and production capabilities.
  • the range of cyber operations and their underlying intelligence support needs, topics, and focus areas.
  • the relationships between end states, objectives, effects, lines of operation, etc.
  • the relationships of operational objectives, intelligence requirements, and intelligence production tasks.
  • the structure and intent of organization specific plans, guidance and authorizations.
  • the structure, architecture, and design of modern digital and telephony networks.
  • collection disciplines and capabilities.
  • the ways in which targets or threats use the Internet.
  • virtualization products (VMware, Virtual PC).
  • what constitutes a “threat” to a network.
  • wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems.

Key skills of the Cyber Intel Planner include:

  • defining and characterizing all pertinent aspects of the operational environment.
  • preparing and presenting briefings.
  • tailoring analysis to the necessary levels (e.g., classification and organizational).
  • utilizing feedback to improve processes, products, and services.
  • utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
  • administrative planning activities, to include preparation of functional and specific support plans, preparing and managing correspondence, and staffing procedures.
  • applying analytical methods typically employed to support planning and to justify recommended strategies and courses of action.
  • applying crisis planning procedures.
  • documenting and communicating complex technical and programmatic information.
  • preparing plans and related correspondence.
  • reviewing and editing intelligence products from various sources for cyber operations.
  • reviewing and editing plans.
  • analyze strategic guidance for issues requiring clarification and/or additional guidance.
  • analyze target or threat sources of strength and morale.
  • anticipate intelligence capability employment requirements.
  • anticipate key target or threat activities which are likely to prompt a leadership decision.
  • apply analytical standards to evaluate intelligence products.
  • apply the process used to assess the performance and impact of cyber operations.
  • articulate intelligence capabilities available to support execution of the plan.
  • articulate the needs of joint planners to all-source analysts.
  • conceptualize the entirety of the intelligence process in the multiple domains and dimensions.
  • convert intelligence requirements into intelligence production tasks.
  • coordinate the development of tailored intelligence products.
  • correlate intelligence priorities to the allocation of intelligence resources/assets.
  • craft indicators of operational progress/success.
  • create and maintain up-to-date planning documents and tracking of services/production.
  • express orally and in writing the relationship between intelligence capability limitations and decision-making risk and impacts on the overall operation.
  • graphically depict decision support materials containing intelligence and partner capability estimates.
  • interpret planning guidance to discern level of analytical support required.
  • monitor target or threat situation and environmental factors.
  • monitor threat effects to partner capabilities and maintain a running estimate.
  • orchestrate intelligence planning teams, coordinate collection and production support, and monitor status.
  • relate intelligence resources/assets to anticipated intelligence requirements.
  • synchronize planning activities and required intelligence support.
  • analyze and assess internal and external partner cyber operations capabilities and tools.

Cyber Intel Planner must be able to

  • communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • accurately and completely source all data used in intelligence, assessment and/or planning products.
  • apply critical reading/thinking skills.
  • function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
  • exercise judgment when policies are not well-defined.
  • effectively collaborate via virtual teams.
  • collaborate effectively with others.
  • adjust to and operate in a diverse, unpredictable, challenging, and fast-paced work environment.
  • apply approved planning development and staffing processes.
  • coordinate cyber operations with other organization functions or support activities.
  • develop or recommend planning solutions to problems and situations for which no precedent exists.
  • identify external partners with common cyber operations interests.
  • interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
  • interpret and understand complex and rapidly evolving concepts.
  • participate as a member of planning teams, coordination groups, and task forces as necessary.
  • tailor technical and planning information to a customer’s level of understanding.
  • translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel