• All Source-Collection Manager

    Work Role ID: CO-CLO-001
    Identifies collection authorities and environment; incorporates priority information requirements into collection management; develops concepts to meet leadership's intent. Determines capabilities of available collection assets, identifies new collection capabilities; and constructs and disseminates collection plans. Monitors execution of tasked collection to ensure effective execution of the collection plan.
    Category: Collect and Operate
    Specialty Area: Collection Operations

Abilities

  • A0069: Ability to apply collaborative skills and strategies.
  • A0070: Ability to apply critical reading/thinking skills.
  • A0076: Ability to coordinate and collaborate with analysts regarding surveillance requirements and essential information development.
  • A0078: Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.
  • A0079: Ability to correctly employ each organization or element into the collection plan and matrix.

Knowledge

  • K0001: Knowledge of computer networking concepts and protocols, and network security methodologies. 
  • K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 
  • K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
  • K0004: Knowledge of cybersecurity and privacy principles. 
  • K0005: Knowledge of cyber threats and vulnerabilities. 
  • K0006: Knowledge of specific operational impacts of cybersecurity lapses. 
  • K0036: Knowledge of human-computer interaction principles.
  • K0058: Knowledge of network traffic analysis methods. 
  • K0109: Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). 
  • K0177: Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). 
  • K0353: Knowledge of possible circumstances that would result in changing collection management authorities. 
  • K0361: Knowledge of asset availability, capabilities and limitations.
  • K0364: Knowledge of available databases and tools necessary to assess appropriate collection tasking.
  • K0380: Knowledge of collaborative tools and environments.
  • K0382: Knowledge of collection capabilities and limitations.
  • K0383: Knowledge of collection capabilities, accesses, performance specifications, and constraints utilized to satisfy collection plan.
  • K0386: Knowledge of collection management tools.
  • K0387: Knowledge of collection planning process and collection plan.
  • K0390: Knowledge of collection strategies.
  • K0392: Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
  • K0395: Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
  • K0401: Knowledge of criteria for evaluating collection products.
  • K0404: Knowledge of current collection requirements.
  • K0405: Knowledge of current computer-based intrusion sets.
  • K0412: Knowledge of cyber lexicon/terminology
  • K0417: Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
  • K0419: Knowledge of database administration and maintenance.
  • K0425: Knowledge of different organization objectives at all levels, including subordinate, lateral and higher.
  • K0427: Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
  • K0431: Knowledge of evolving/emerging communications technologies.
  • K0435: Knowledge of fundamental cyber concepts, principles, limitations, and effects.
  • K0440: Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability. 
  • K0444: Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
  • K0445: Knowledge of how modern digital and telephony networks impact cyber operations.
  • K0446: Knowledge of how modern wireless communications systems impact cyber operations.
  • K0448: Knowledge of how to establish priorities for resources.
  • K0449: Knowledge of how to extract, analyze, and use metadata.
  • K0453: Knowledge of indications and warning.
  • K0454: Knowledge of information needs.
  • K0467: Knowledge of internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
  • K0471: Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
  • K0474: Knowledge of key cyber threat actors and their equities.
  • K0475: Knowledge of key factors of the operational environment and threat.
  • K0477: Knowledge of leadership's Intent and objectives.
  • K0480: Knowledge of malware.
  • K0482: Knowledge of methods for ascertaining collection asset posture and availability.
  • K0492: Knowledge of non-traditional collection methodologies.
  • K0495: Knowledge of ongoing and future operations.
  • K0496: Knowledge of operational asset constraints.
  • K0498: Knowledge of operational planning processes.
  • K0503: Knowledge of organization formats of resource and asset readiness reporting, its operational relevance and intelligence collection impact.
  • K0505: Knowledge of organization objectives and associated demand on collection management.
  • K0513: Knowledge of organizational priorities, legal authorities and requirements submission processes.
  • K0516: Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0521: Knowledge of priority information, how it is derived, where it is published, how to access, etc.
  • K0522: Knowledge of production exploitation and dissemination needs and architectures.
  • K0526: Knowledge of research strategies and knowledge management.
  • K0527: Knowledge of risk management and mitigation strategies.
  • K0552: Knowledge of tasking mechanisms.
  • K0553: Knowledge of tasking processes for organic and subordinate collection assets.
  • K0554: Knowledge of tasking, collection, processing, exploitation and dissemination.
  • K0558: Knowledge of the available tools and applications associated with collection requirements and collection management.
  • K0560: Knowledge of the basic structure, architecture, and design of modern communication networks.
  • K0561: Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0562: Knowledge of the capabilities and limitations of new and emerging collection capabilities, accesses and/or processes.
  • K0563: Knowledge of the capabilities, limitations and tasking methodologies of internal and external collections as they apply to planned cyber activities.
  • K0565: Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
  • K0569: Knowledge of the existent tasking, collection, processing, exploitation and dissemination architecture.
  • K0570: Knowledge of the factors of threat that could impact collection operations.
  • K0579: Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
  • K0580: Knowledge of the organization’s established format for collection plan.
  • K0581: Knowledge of the organization’s planning, operations and targeting cycles.
  • K0583: Knowledge of the organizational plans/directives/guidance that describe objectives.
  • K0584: Knowledge of the organizational policies/procedures for temporary transfer of collection authority.
  • K0587: Knowledge of the POC’s, databases, tools and applications necessary to establish environment preparation and surveillance products.
  • K0588: Knowledge of the priority information requirements from subordinate, lateral and higher levels of the organization.
  • K0596: Knowledge of the request for information process.
  • K0601: Knowledge of the systems/architecture/communications used for coordination.
  • K0605: Knowledge of tipping, cueing, mixing, and redundancy.
  • K0610: Knowledge of virtualization products (VMware, Virtual PC).
  • K0612: Knowledge of what constitutes a “threat” to a network.
  • K0613: Knowledge of who the organization’s operational planners are, how and where they can be contacted, and what are their expectations.

Skills

  • S0238: Skill in information prioritization as it relates to operations.
  • S0304: Skill to access information on current assets available, usage.
  • S0305: Skill to access the databases where plans/directives/guidance are maintained.
  • S0311: Skill to apply the capabilities, limitations and tasking methodologies of available platforms, sensors, architectures and apparatus as they apply to organization objectives.
  • S0313: Skill to articulate a needs statement/requirement and integrate new and emerging collection capabilities, accesses and/or processes into collection operations.
  • S0316: Skill to associate Intelligence gaps to priority information requirements and observables.
  • S0317: Skill to compare indicators/observables with requirements.
  • S0324: Skill to determine feasibility of collection.
  • S0325: Skill to develop a collection plan that clearly shows the discipline that can be used to collect the information needed.
  • S0327: Skill to ensure that the collection strategy leverages all available resources.
  • S0328: Skill to evaluate factors of the operational environment to objectives, and information requirements.
  • S0330: Skill to evaluate the capabilities, limitations and tasking methodologies of organic, theater, national, coalition and other collection capabilities.
  • S0332: Skill to extract information from available tools and applications associated with collection requirements and collection operations management.
  • S0334: Skill to identify and apply tasking, collection, processing, exploitation and dissemination to associated collection disciplines.
  • S0335: Skill to identify Intelligence gaps.
  • S0336: Skill to identify when priority information requirements are satisfied.
  • S0339: Skill to interpret readiness reporting, its operational relevance and intelligence collection impact.
  • S0342: Skill to optimize collection system performance through repeated adjustment, testing, and re-adjustment.
  • S0344: Skill to prepare and deliver reports, presentations and briefings, to include using visual aids or presentation technology.
  • S0347: Skill to review performance specifications and historical information about collection assets.
  • S0351: Skill to translate the capabilities, limitations and tasking methodologies of organic, theater, national, coalition and other collection capabilities.
  • S0352: Skill to use collaborative tools and environments.
  • S0362: Skill to analyze and assess internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities). 

Tasks

  • T0562: Adjust collection operations or collection plan to address identified issues/challenges and to synchronize collections with overall operational requirements.
  • T0564: Analyze feedback to determine extent to which collection products and services are meeting requirements.
  • T0568: Analyze plans, directives, guidance and policy for factors that would influence collection management's operational structure and requirement s (e.g., duration, scope, communication requirements, interagency/international agreements).
  • T0573: Assess and apply operational environment factors and risks to collection management process.
  • T0578: Assess performance of collection assets against prescribed specifications.
  • T0604: Compare allocated and available assets to collection demand as expressed through requirements.
  • T0605: Compile lessons learned from collection management activity's execution of organization collection objectives.
  • T0625: Consider efficiency and effectiveness of collection assets and resources if/when applied against priority information requirements.
  • T0626: Construct collection plans and matrixes using established guidance and procedures.
  • T0631: Coordinate resource allocation of collection assets against prioritized collection requirements with collection discipline leads.
  • T0632: Coordinate inclusion of collection plan in appropriate documentation.
  • T0634: Re-task or re-direct collection assets and resources.
  • T0645: Determine course of action for addressing changes to objectives, guidance, and operational environment.
  • T0646: Determine existing collection management webpage databases, libraries and storehouses.
  • T0647: Determine how identified factors affect the tasking, collection, processing, exploitation and dissemination architecture's form and function.
  • T0649: Determine organizations and/or echelons with collection authority over all accessible collection assets.
  • T0651: Develop a method for comparing collection reports to outstanding requirements to identify information gaps.
  • T0657: Develop coordinating instructions by collection discipline for each phase of an operation.
  • T0662: Allocate collection assets based on leadership's guidance, priorities, and/or operational emphasis.
  • T0674: Disseminate tasking messages and collection plans.
  • T0681: Establish alternative processing, exploitation and dissemination pathways to address identified issues or problems.
  • T0683: Establish processing, exploitation and dissemination management activity using approved guidance and/or procedures.
  • T0698: Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers.
  • T0702: Formulate collection strategies based on knowledge of available intelligence discipline capabilities and gathering methods that align multi-discipline collection capabilities and accesses with targets and their observables.
  • T0714: Identify collaboration forums that can serve as mechanisms for coordinating processes, functions, and outputs with specified organizations and functional groups.
  • T0716: Identify coordination requirements and procedures with designated collection authorities.
  • T0721: Identify issues or problems that can disrupt and/or degrade processing, exploitation and dissemination architecture effectiveness.
  • T0723: Identify potential collection disciplines for application against priority information requirements.
  • T0725: Identify and mitigate risks to collection management ability to support the plan, operations and target cycle.
  • T0734: Issue requests for information.
  • T0737: Link priority collection requirements to optimal assets and resources.
  • T0750: Monitor completion of reallocated collection efforts.
  • T0753: Monitor operational status and effectiveness of the processing, exploitation and dissemination architecture.
  • T0755: Monitor the operational environment for potential factors and risks to the collection operation management process.
  • T0757: Optimize mix of collection assets and resources to increase effectiveness and efficiency against essential information associated with priority intelligence requirements.
  • T0773: Prioritize collection requirements for collection platforms based on platform capabilities.
  • T0779: Provide advice/assistance to operations and intelligence decision makers with reassignment of collection assets and resources in response to dynamic operational situations.
  • T0806: Request discipline-specific processing, exploitation, and disseminate information collected using discipline's collection assets and resources in accordance with approved guidance and/or procedures.
  • T0809: Review capabilities of allocated collection assets.
  • T0810: Review intelligence collection guidance for accuracy/applicability.
  • T0811: Review list of prioritized collection requirements and essential information.
  • T0812: Review and update overarching collection plan, as required.
  • T0814: Revise collection matrix based on availability of optimal assets and resources.
  • T0820: Specify changes to collection plan and/or operational environment that necessitate re-tasking or re-directing of collection assets and resources.
  • T0821: Specify discipline-specific collections and/or taskings that must be executed in the near term.
  • T0827: Synchronize the integrated employment of all available organic and partner intelligence collection assets using available collaboration capabilities and techniques.