Cyber Instructor

Develops and conducts training or education of personnel within cyber domain.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of authentication, authorization, and access control methods.
  • Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • Knowledge that technology that can be exploited.
  • Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain.
  • Knowledge of virtualization technologies and virtual machine development and maintenance.
  • Knowledge of the organization's core business/mission processes.
  • Knowledge of emerging security issues, risks, and vulnerabilities.
  • Knowledge of learning assessment techniques (rubrics, evaluation plans, tests, quizzes).
  • Knowledge of computer based training and e-learning services.
  • Knowledge of instructional design and evaluation models (e.g., ADDIE, Smith/Ragan model, Gagne's Events of Instruction, Kirkpatrick's model of evaluation).
  • Knowledge of organizational training policies.
  • Knowledge of learning levels (i.e., Bloom's Taxonomy of learning).
  • Knowledge of Learning Management Systems and their use in managing learning.
  • Knowledge of learning styles (e.g., assimilator, auditory, kinesthetic).
  • Knowledge of modes of learning (e.g., rote learning, observation).
  • Knowledge of organizational training systems.
  • Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media.
  • Knowledge of principles and processes for conducting training and education needs assessment.
  • Knowledge of relevant concepts, procedures, software, equipment, and technology applications.
  • Knowledge of Test & Evaluation processes for learners.
  • Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects.
  • Knowledge of an organization's information classification program and procedures for information compromise.
  • Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).
  • Knowledge of technical delivery capabilities and their limitations.
  • Knowledge of cyber competitions as a way of developing skills by providing hands-on experience in simulated, real-world situations.
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Skill in analyzing network traffic capacity and performance characteristics.
  • Skill in applying confidentiality, integrity, and availability principles.
  • Skill in the use of penetration testing tools and techniques.
  • Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
  • Skill in tuning sensors.
  • Skill in using knowledge management technologies.
  • Skill in using network management tools to analyze network traffic patterns (e.g., simple network management protocol).
  • Skill in using protocol analyzers.
  • Skill in writing code in a currently supported programming language (e.g., Java, C++).
  • Skill in developing and executing technical training programs and curricula.
  • Skill in talking to others to convey information effectively.
  • Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).
  • Skill in conducting forensic analyses in multiple operating system environments (e.g., mobile device systems).
  • Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
  • Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).
  • Skill in applying security controls.
  • Skill in utilizing or developing learning activities (e.g., scenarios, instructional games, interactive exercises).
  • Skill in utilizing technologies (e.g., SmartBoards, websites, computers, projectors) for instructional purposes.
  • Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
  • Skill in analyzing malware.
  • Skill in performing packet-level analysis.
  • Skill in analyzing traffic to identify network devices.
  • Skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools.
  • Skill in reviewing and editing assessment products.
  • Skill in technical writing.
  • Skill in using tools, techniques, and procedures to remotely exploit and establish persistence on a target.
  • Skill in writing about facts and ideas in a clear, convincing, and organized manner.
  • Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience).
  • Skill to remain aware of evolving technical infrastructures.
  • Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.
  • Ability to answer questions in a clear and concise manner.
  • Ability to ask clarifying questions.
  • Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Ability to communicate effectively when writing.
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Ability to facilitate small group discussions.
  • Ability to gauge learner understanding and knowledge level.
  • Ability to prepare and present briefings.
  • Ability to produce technical documentation.
  • Ability to provide effective feedback to students for improving learning.
  • Ability to apply principles of adult learning.
  • Ability to design valid and reliable assessments.
  • Ability to develop clear directions and instructional materials.
  • Ability to develop curriculum for use within a virtual environment.
  • Ability to operate common network tools (e.g., ping, traceroute, nslookup).
  • Ability to tailor curriculum that speaks to the topic at the appropriate level for the target audience.
  • Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).
  • Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to apply critical reading/thinking skills.
  • Ability to evaluate information for reliability, validity, and relevance.
  • Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
  • Ability to tailor technical and planning information to a customer's level of understanding.
  • Ability to think critically.
  • Ability to monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.
  • Ability to develop or procure curriculum that speaks to the topic at the appropriate level for the target.
  • Ability to understand technology, management, and leadership issues related to organization processes and problem solving.
  • Ability to understand the basic concepts and issues related to cyber and its organizational impact.
  • Ability to conduct training and education needs assessment.
  • Conduct interactive training exercises to create an effective learning environment.
  • Develop new or identify existing awareness and training materials that are appropriate for intended audiences.
  • Evaluate the effectiveness and comprehensiveness of existing training programs.
  • Review training documentation (e.g., Course Content Documents [CCD], lesson plans, student texts, examinations, Schedules of Instruction [SOI], and course descriptions).
  • Support the design and execution of exercise scenarios.
  • Write instructional materials (e.g., standard operating procedures, production manual) to provide detailed guidance to relevant portion of the workforce.
  • Develop or assist in the development of computer based training modules or classes.
  • Develop or assist in the development of course assignments.
  • Develop or assist in the development of course evaluations.
  • Develop or assist in the development of grading and proficiency standards.
  • Assist in the development of individual/collective development, training, and/or remediation plans.
  • Develop or assist in the development of learning objectives and goals.
  • Develop or assist in the development of on-the-job training materials or programs.
  • Develop or assist in the development of written tests for measuring and assessing learner proficiency.
  • Conduct learning needs assessments and identify requirements.
  • Develop or assist in the development of training policies and protocols for cyber training.
  • Develop the goals and objectives for cyber curriculum.
  • Present technical information to technical and nontechnical audiences.
  • Present data in creative formats.
  • Write and publish after action reviews.
  • Deliver training courses tailored to the audience and physical/virtual environments.
  • Apply concepts, procedures, software, equipment, and/or technology applications to students.
  • Design training curriculum and course content based on requirements.
  • Participate in development of training curriculum and course content.
  • Ensure that training meets the goals and objectives for cybersecurity training, education, or awareness.
  • Plan and coordinate the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, multimedia presentations) for the most effective learning environment.
  • Plan non-classroom educational techniques and formats (e.g., video courses, mentoring, web-based courses).
  • Recommend revisions to curriculum and course content based on feedback from previous training sessions.
  • Serve as an internal consultant and advisor in own area of expertise (e.g., technical, copyright, print media, electronic media).
  • Develop or assist with the development of privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations.