Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Cyberspace Operator (DCWF 322)

Uses tools to conduct navigation, forensics, and recon in support of offensive cyber ops; performs actions on-net when authorized and directed.

Jump to:

Leverages advanced knowledge of cloud computing, virtualization, and network infrastructure to navigate and exploit target environments. Conducts forensic analysis, surveillance, and reconnaissance, supporting precise execution of offensive cyber operations.

What You'll Do

Extract Actionable Intelligence

Conduct tactical forensic analysis and digital investigations to extract actionable intelligence from compromised networks.

Execute Offensive Operations

Execute offensive cyberspace operations, employing advanced tools and techniques to exploit and persist in targeted systems.

Gather Operational Intelligence

Perform surveillance and reconnaissance missions, gathering critical network data to inform operational planning and execution.

Similar Roles

Target Analyst Reporter (DCWF 133)

DoD 8140: Cyber Effects

Synthesizes intelligence for reporting, evaluates SIGINT/cyber collection, collaborates with analysts, and maintains databases and customer feedback.

Explore learning path

Cyberspace Capability Developer (DCWF 341)

DoD 8140: Cyber Effects

Provides software and hardware support for cyberspace operations by identifying vulnerabilities and developing cyberspace effect capabilities.

Explore learning path

Network Analyst (DCWF 443)

DoD 8140: Cyber Effects

Analyzes network traffic and packet captures to detect anomalies and intrusions, while building advanced network detection rules and alerts.

Explore learning path

Digital Network Exploitation Analyst (DCWF 122)

DoD 8140: Cyber Effects

Analyzes intercepted intel to map target networks, assess value, and find exploitation strategies, focusing on comms tech and system implementation.

Explore learning path

Host Analyst (DCWF 463)

DoD 8140: Cyber Effects

Conducts host system analysis using built-in tools, evaluating services, permissions, and configurations to detect and address system threats.

Explore learning path

Network Technician (DCWF 442)

DoD 8140: Cyber Effects

Supports Cyber Protection Team with infrastructure knowledge, mission scoping, and understanding of enterprise and tactical network systems.

Explore learning path

Exploitation Analyst (DCWF 121)

DoD 8140: Cyber Effects

Collaborates to identify access and collection gaps using cyber resources and techniques to penetrate target networks and support mission operations.

Explore learning path

Cyber Operations Planner (DCWF 332)

DoD 8140: Cyber Effects

Coordinates cyber operations plans, working with analysts and operators to support targeting and synchronization of actions in cyberspace.

Explore learning path

Need more guidance about cyber roles?

There are numerous different roles in cybersecurity and where you fit depends on your interest level. SANS New to Cyber offers courses, certifications, and free resources for anyone interested in getting started in cybersecurity.

Explore New to Cyber