I presented a talk last year briefing a paradigm shift that SOCs are being subject to in recent years. The talk was addressed to military personnel, and so there are multiple concepts, case studies and methodologies that were crammed into one hastily built deck. This post is based on an extract from that deck: the US Air Force's Offensive Cyberspace Operations program and organizational structuring that is a part of the AFCY (Air Force Cyber Command).
I hope this will also serve as a manual for similar career paths and for understanding capabilities.
I wanted to elaborate a bit more on the Cyber Warfare career path within the USAF / AFCY - 24th.
Around 2014, the AF-OCO was set up, and this is no joke. There are various documents that explain its job functions, and here are some key details extracted from the budgeting report.
Mission Description and Budget Item Justification
The AF Offensive Cyberspace Operations (OCO) program rapidly develops operations-ready cyberspace superiority capabilities from laboratory, industry, and academia via studies, rapid prototyping, technology demonstrations, and other Research, Development, Testing and Evaluation (RDT&E) efforts. This program consists of a portfolio of small programs and projects called the Offensive Cyber Product Line (OCPL) that contribute to an overall Distributed Cyber Weapons Operations (DCWO) architecture. The OCPL establishes a flexible and balanced approach to the rapid acquisition of cyber operational capabilities. OCPL effectiveness comes from balancing funding into three capability areas required for effective operations: Platforms, Access and Capabilities.
OCPL provides cyber warfare capabilities to the 24th Air Force in direct support of US Cyber Command (USCYBERCOM), AF Major Commands (MAJCOMs), unified commands, and national agencies. In accordance with AF Policy, the program office develops capabilities in the cyberspace superiority core areas. OCPL efforts also directly support the Joint Network Attack Initial Capabilities Document (ICD), the National Military Strategy for Cyberspace Operations (NMS-CO), the USCYBERCOM operational directives, the latest AF Space Command (AFSPC) Offensive Cyberspace Operations System Flight Plan, and other formal requirements documents.
Planned areas of development, prototyping, and technology demonstration will be used to provide warfighters access, platforms, and tools. This includes mission planning, intelligence, and Command and Control/Situational Awareness (C2SA) tools needed to attack enemy networks, telephony, Integrated Air Defense Systems (IADS), electronic warfare operations and Command and Control systems. These advancements will be used to develop and deliver cutting-edge technologies to the warfighters. This capability area leverages cyber technology investments by the Defense Advanced Research Projects Agency (DARPA), the National Security Agency (NSA), Air Force Research Labs (AFRL), DOD national laboratories, and other sources. Many program activities are protected under AF Network Warfare Special Access Programs.
Skills and Career Progression:
1. Cyber Warfare Operations Apprentice (1B431). The apprentice skill level is awarded at completion of the 1B4X1 Cyber Warfare Operations Initial Skills Course. Apprentices should be assigned to tactical level units into positions such as incident response operator, interactive operator or other entry level positions. Entry into the 1B451 CDC is mandatory.
2. Cyber Warfare Operations Journeyman (1B451). The journeyman skill level is awarded upon completion of the 1B451 CDC, required core tasks and the required upgrade training time period.
3. Cyber Warfare Operations Craftsman (1B471). The craftsman skill level is awarded upon completion of the 1B471 CDC, required core tasks and the required upgrade training time period. Minimum rank is SSgt (SrA with line number for SSgt will be entered into 7-skill level upgrade training.)
4. Cyber Warfare Operations Superintendent (1B491). The superintendent skill level is awarded upon, required core tasks and the required upgrade training time period.
Skill Level Training Requirements
The various skill levels in the career field are defined in terms of tasks and knowledge requirements for each skill level in the Cyber Warfare Operations field of the career ladder. They are stated in broad, general terms and establish the standards of performance. Core tasks, knowledge items, and skill requirements for this specialty are identified in the STS, COL, CDCs, AFJQSs/AFQTPs, etc. Completion of the mandatory 3-level skill awarding course, CDCs, CFETP, and applicable AFJQSs/AFQTPs define the Air Force core tasks for this specialty.
Apprentice (3-Level) Training - 1B431
KNOWLEDGE:
Computer Operating Systems
Software Applications
Database Concepts
Common Programming Languages
Hardware Components
Networking Fundamentals
Protocols
Network Addressing
Network Infrastructure
Telecommunications Theory
Data Communications
Wireless Technologies
Cryptography
Cyber Operation Laws
EDUCATION
For entry into this specialty, completion of high school is mandatory. Additional courses in Science, Technology, Engineering, and Mathematics (STEM) are desirable.
Associate degree or higher in related fields or Information Technology (IT) Certification is desirable.
TRAINING
Completion of the Cyber Warfare Operations Apprentice course
EXPERIENCE
None required
OTHER
Minimum score of 60 on the Air Force Electronic Data Processing Test.
Requires routine access to Top Secret material or similar environment, completion of a current Single Scope Background Investigation (SSBI), Personnel Security Program Management, is mandatory for award and retention of this skill level.
NOTE: Award of the 3-skill level without a completed SSBI is authorized provided an interim Top Secret clearance has been granted.
For award and retention of 1B431, must attain and maintain a minimum Information Assurance Technical Level II certification in accordance with AFMAN 33-285, Information Assurance Workforce Improvement Program.
IMPLEMENTATION
Attendance at the Cyber Warfare Operations Apprentice course is mandatory for award of the 3-skill level unless waived by the 1B AFCFM (Air Force Career Field Manager).
Journeyman (5-Level) Training - 1B451
KNOWLEDGE
All 1B431 knowledge qualifications apply to the 1B451 requirements
TRAINING
Completion of the 1B451 Career Development Course.
Completion of all STS core tasks. (Specialty Training Standard)
Completion of applicable AFJQS/AFQTPs (Air Force Job Qualification Standard / Air Force Qualification Training Package)
Completion of all local tasks assigned for the duty position to include Crew Position Certification if required for duty position.
EXPERIENCE
Qualification in and possession of AFSC 1B431
Experience performing Cyber Warfare Operations functions
OTHER
Requires routine access to Top Secret material or similar environment, completion of a current Single Scope Background Investigation (SSBI) according to AFI 31-501, Personnel Security Program Management.
For award and retention of 1B451, must attain and maintain a minimum Information Assurance Technical Level II certification in accordance with AFMAN 33-285, Information Assurance Workforce Improvement Program.
IMPLEMENTATION
Entry into formal journeyman upgrade training is accomplished once individuals are assigned to their first duty station. Qualification training is initiated anytime individuals are assigned duties for which they are not qualified.
Craftsman (7-Level) Training - 1B471
KNOWLEDGE
All 1B451 knowledge qualifications apply to the 1B471 requirements
TRAINING
Completion of the 1B471 Career Development Course.
Completion of all STS core tasks.
Completion of applicable AFJQS/AFQTPs.
Completion of all local tasks assigned for the duty position to include Crew Position Certification if required for duty position.
EXPERIENCE
Qualification in and possession of AFSC 1B451
Experience performing or supervising Cyber Warfare Operations functions.
OTHER
Requires routine access to Top Secret material or similar environment, completion of a current Single Scope Background Investigation (SSBI) Personnel Security Program Management, is mandatory for award and retention of this skill level.
For award and retention of 1B471, must attain and maintain a minimum Information Assurance Technical Level II certification in accordance with AFMAN 33-285, Information Assurance Workforce Improvement Program.
IMPLEMENTATION
Entry into OJT (On-the-Job Training) is initiated when individuals obtain the necessary rank and skill level.
Qualification training is initiated anytime an individual is assigned duties for which they are not qualified. Use OJT, CBTs (Computer Based Training), CDCs, CFETP (Career Field Education and Training Plan), and AFJQSs/AFQTPs concurrently to obtain the necessary qualification for refresher and cross-utilization training.
Superintendent (9-Level) Training
KNOWLEDGE
Resource Management
Manpower and Organization
Training Management
Deployment Management
Base/Unit Functional Management
TRAINING
None
EXPERIENCE
Qualification in and possession of AFSC 1B471
Managing and directing Cyber Warfare Operations personnel and processes.
OTHER
Requires routine access to Top Secret material or similar environment, completion of a current Single Scope Background Investigation (SSBI) and Personnel Security Program Management, is mandatory for award and retention of this skill level.
To sum it all up, the USCYBERCOM portfolio is quite huge, and we know for a fact that they have persisted for quite a while now. I will update more information on CYBERCOM functionalities and organizational structure in future posts.