Abilities Categories/Specialty Areas Work Roles Tasks Skills Knowledge Abilities Keyword Search Abilities Ability ID Select Ability IDA0001A0002A0003A0004A0005A0006A0007A0008A0009A0010A0011A0012A0013A0014A0015A0016A0017A0018A0019A0020A0021A0022A0023A0024A0025A0026A0027A0028A0029A0030A0031A0032A0033A0034A0035A0036A0037A0038A0039A0040A0041A0042A0043A0044A0045A0046A0047A0048A0049A0050A0051A0052A0053A0054A0055A0056A0057A0058A0059A0060A0061A0062A0063A0064A0065A0066A0067A0068A0069A0070A0071A0072A0073A0074A0076A0077A0078A0079A0080A0081A0082A0083A0084A0085A0086A0087A0088A0089A0090A0091A0092A0093A0094A0095A0096A0097A0098A0099A0100A0101A0102A0103A0104A0105A0106A0107A0108A0109A0110A0111A0112A0113A0114A0115A0116A0117A0118A0119A0120 A0121 A0122 A0123 A0125 A0128 A0129 A0130 A0148 A0149 A0154 A0158 A0159 A0160 A0161 A0162 A0163 A0164 A0165 A0166 A0167 A0168 A0170 A0171 A0172 A0174 A0175 A0176 Ability Description Select Ability DescriptionAbility to Find and navigate the dark web using the TOR network to locate markets and forums. Ability to Identify the requirements of In-Process accounting for Communications Security (COMSEC) Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.Ability to accurately define incidents, problems, and events in the trouble ticketing system.Ability to adjust to and operate in a diverse, unpredictable, challenging, and fast-paced work environment.Ability to analyze malware.Ability to analyze test data.Ability to answer questions in a clear and concise manner.Ability to apply an organization's goals and objectives to develop and maintain architecture.Ability to apply approved planning development and staffing processes.Ability to apply collaborative skills and strategies.Ability to apply critical reading/thinking skills.Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to apply language and cultural expertise to analysis.Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).Ability to apply principles of adult learning.Ability to apply programming language structures (e.g., source code review) and logic.Ability to apply secure system design tools, methods and techniques.Ability to apply supply chain risk management standards.Ability to apply system design tools, methods, and techniques, including automated systems analysis and design tools.Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.Ability to apply the Instructional System Design (ISD) methodology.Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).Ability to ask clarifying questions.Ability to assess and forecast manpower requirements to meet organizational objectives.Ability to author a privacy disclosure statement based on current laws. Ability to build architectures and frameworks.Ability to build complex data structures and high-level programming languages.Ability to clearly articulate intelligence requirements into well-formulated research questions and data tracking variables for inquiry tracking purposes.Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information.Ability to collaborate effectively with others.Ability to collect, verify, and validate test data.Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.Ability to communicate effectively when writing.Ability to conduct a comprehensive assessment of the management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine the effectiveness of the controls (i.e., the extent to which the security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). Ability to conduct and implement market research to understand government and industry capabilities and appropriate pricing.Ability to conduct forensic analyses in and for both Windows and Unix/Linux environments.Ability to conduct training and education needs assessment. Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.Ability to coordinate and collaborate with analysts regarding surveillance requirements and essential information development.Ability to coordinate cyber operations with other organization functions or support activities.Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.Ability to correctly employ each organization or element into the collection plan and matrix.Ability to decrypt digital data collections.Ability to design architectures and frameworks.Ability to design capabilities to find solutions to less common and more complex system problems. Ability to design incident response for cloud service models. Ability to design valid and reliable assessments.Ability to determine the validity of technology trend data.Ability to determine the validity of workforce trend data.Ability to determine whether a security incident violates a privacy principle or legal standard requiring specific legal action.Ability to develop career path opportunities.Ability to develop clear directions and instructional materials.Ability to develop curriculum for use within a virtual environment.Ability to develop curriculum that speaks to the topic at the appropriate level for the target audience.Ability to develop or procure curriculum that speaks to the topic at the appropriate level for the target.Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.Ability to develop or recommend planning solutions to problems and situations for which no precedent exists.Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.Ability to develop secure software according to secure software deployment methodologies, tools, and practices.Ability to develop, update, and/or maintain standard operating procedures (SOPs).Ability to dissect a problem and examine the interrelationships between data that may appear unrelated.Ability to effectively collaborate via virtual teams.Ability to ensure information security management processes are integrated with strategic and operational planning processes. Ability to ensure security practices are followed throughout the acquisition process.Ability to ensure that functional and security requirements are appropriately addressed in a contract and that the contractor meets the functional and security requirements as stated in the contract. Ability to ensure that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control. Ability to evaluate information for reliability, validity, and relevance.Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.Ability to evaluate/ensure the trustworthiness of the supplier and/or product.Ability to examine digital media on multiple operating system platforms. Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).Ability to execute technology integration processes.Ability to exercise judgment when policies are not well-defined.Ability to expand network access by conducting target analysis and collection to identify targets of interest.Ability to facilitate small group discussions.Ability to focus research efforts to meet the customer’s decision-making needs.Ability to function effectively in a dynamic, fast-paced environment.Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.Ability to gauge learner understanding and knowledge level.Ability to identify basic common coding flaws at a high level.Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations. Ability to identify external partners with common cyber operations interests.Ability to identify intelligence gaps.Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.Ability to identify the roles and responsibilities for appointed Communications Security (COMSEC) personnel. Ability to identify types of Communications Security (COMSEC) Incidents and how they’re reported Ability to identify/describe target vulnerability.Ability to identify/describe techniques/methods for conducting technical exploitation of the target.Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). Ability to interpret Communications Security (COMSEC) terminology, guidelines and procedures. Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.Ability to interpret and translate customer requirements into operational action.Ability to interpret and translate customer requirements into operational capabilities.Ability to interpret and understand complex and rapidly evolving concepts.Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute). Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues.Ability to maintain databases. (i.e., backup, restore, delete data, transaction log files, etc.).Ability to manage Communications Security (COMSEC) material accounting, control and use procedure. Ability to match the appropriate knowledge repository technology for a given application or environment.Ability to monitor advancements in information privacy laws to ensure organizational adaptation and compliance.Ability to monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.Ability to monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies.Ability to monitor measures or indicators of system performance and availability.Ability to monitor system operations and react to events in response to triggers and/or observation of trends or unusual activity.Ability to monitor traffic flows across the network.Ability to operate common network tools (e.g., ping, traceroute, nslookup).Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.Ability to operate the organization's LAN/WAN pathways.Ability to optimize systems to meet enterprise performance requirements.Ability to oversee the development and update of the life cycle cost estimate.Ability to participate as a member of planning teams, coordination groups, and task forces as necessary.Ability to perform network collection tactics, techniques, and procedures to include decryption capabilities/tools.Ability to perform wireless collection procedures to include decryption capabilities/tools.Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.Ability to prepare and present briefings.Ability to prioritize and allocate cybersecurity resources correctly and efficiently.Ability to produce technical documentation.Ability to provide effective feedback to students for improving learning.Ability to recognize and mitigate cognitive biases which may affect analysis.Ability to recognize and mitigate deception in reporting and analysis.Ability to recognize the importance of auditing Communications Security (COMSEC) material and accounts. Ability to recognize the unique aspects of the Communications Security (COMSEC) environment and hierarchy. Ability to relate strategy, business, and technology in the context of organizational dynamics.Ability to review processed target language materials for accuracy and completeness.Ability to select the appropriate implant to achieve operational goals.Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls. Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks. Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture. Ability to tailor code analysis for application-specific concerns.Ability to tailor curriculum that speaks to the topic at the appropriate level for the target audience.Ability to tailor technical and planning information to a customer’s level of understanding.Ability to think critically.Ability to think like threat actors.Ability to translate data and test results into evaluative conclusions.Ability to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise.Ability to understand objectives and effects.Ability to understand technology, management, and leadership issues related to organization processes and problem solving.Ability to understand the basic concepts and issues related to cyber and its organizational impact.Ability to use and understand complex mathematical concepts (e.g., discrete math).Ability to use data visualization tools (e.g., Flare, HighCharts, AmCharts, D3.js, Processing, Google Visualization API, Tableau, Raphael.js).Ability to utilize multiple intelligence sources across all intelligence disciplines.Ability to work across departments and business units to implement organization’s privacy principles and programs, and align privacy objectives with security objectives.Ability, in close coordination with system security officers, advise authorizing officials, chief information officers, senior information security officers, and the senior accountable official for risk management/risk executive (function), on a range of security-related issues (e.g. establishing system boundaries; assessing the severity of weaknesses and deficiencies in the system; plans of action and milestones; risk mitigation approaches; security alerts; and potential adverse effects of identified vulnerabilities). Search the NICE Cybersecurity Workforce Framework by choosing an option from either Ability ID or Ability Description above.