Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

Threat Analysis (TWA)

Threat Analysis identifies and assesses the capabilities and activities of cybersecurity criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities
  • Work Role Definition

    Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments.

    Recommended SANS Training & GIAC Certification:

Exploitation Analysis (EXP)

Exploitation Analysis analyzes collected information to identify vulnerabilities and potential for exploitation.

All-Source Analysis (ASA)

All-Source Analysis analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.
  • Work Role Definition

    Analyzes data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.

    Recommended SANS Training & GIAC Certification

  • Work Role Definition

    Develops assessment plans and measures of performance/effectiveness. Conducts strategic and operational effectiveness assessments as required for cyber events. Determines whether systems performed as expected and provides input to the determination of operational effectiveness.

    Recommended SANS Training & GIAC Certification:

Targets (TGT)

Targets applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.

Language Analysis (LNG)

Language Analysis applies language, cultural, and technical expertise to support information collection, analysis, and other cybersecurity activities.
  • Work Role Definition

    Applies language and culture expertise with target/threat and technical knowledge to process, analyze, and/or disseminate intelligence information derived from language, voice and/or graphic material. Creates, and maintains language specific databases and working aids to support cyber action execution and ensure critical knowledge sharing. Provides subject matter expertise in foreign language-intensive or interdisciplinary projects.