The Department of the Air Force, Air Force Space Command, 24th Air Force, 688th Cyberspace Wing, 318th Information Operations Group, 39th Information Operations Squadron has a requirement for a Cyber Operations Supplemental Skills Training program

The primary organization and location for this Blanket Purchase Agreement (BPA) is the 39th IOS, Hurlburt Field, FL, 39th IOS Detachment 1, JBSA TX, and 39 IOS Detachment 2, Keesler AFB, MS or other 16th Air Force (16 AF) Cyber organizations.  The 39th locations are primary organizations and locations for CyOSST IV; however, other 16 AF Cyber organizations may host cyber training courses at their locations.  The 39 IOS is the Air Force’s Information Operations (IO) and Cyber Operations (CyO) Formal Training Unit (FTU).  Furthermore, there is a flexibility requirement to support other AF Cyber organizations for their certified personnel that protect our interests in Cyberspace.

• The cyberspace domain is a contested domain.  Unlike the other domains of Air, Land, Sea, and Space, the cyber domain is required to create and maintain the domain in order to produce battlespace effects for commanders within the domain.
• The Cyber domain is also used to create cross-domain effects by providing the conduit for battlespace effects between Air, Land, Sea, Space, and including Cyberspace (kinetic and non-kinetic effects).  The Cyberspace domain will remain correlated and interconnected with other AF domains.  Within the cyber domain, multiple functional network types exist.  As technology improves and functional networks converge to automate more and more of our military and civilian processes, our nation’s networks and critical infrastructure are vulnerable to attack and must be aggressively defended.  The increasing complexity of the AF domain is much more dependent on civilian industry than on military development.  The ability to integrate civilian cyber security technology with military rigor, tactics, techniques and discipline is paramount to the nation’s defense.
• The primary Cyber Operations training audience is 16 AF, Air Force Cyber (AFCYBER), and Air Combat Command (ACC).  They, in turn, support ACC, US Air Force (USAF), and United States Cyber Command (USCC), and DoD Chief Information Operations Defensive Cyber Workforce Framework (DCWF) work roles supporting Cyber Mission Forces (CMF), the US Government and Allies in support of USCC.
• The DCWF describes the work performed by the full spectrum of the cyber workforce as defined in DoD Directive (DoDD) 8140.01. The DCWF leverages the original National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NCWF) and the DoD Joint Cyberspace Training and Certification Standards (JCT&CS). It has a hierarchical structure with seven broad categories, 33 specialty areas, and 54 work roles. Each work role contains a definition, as well as a representative list of tasks and knowledge, skills and abilities (KSAs) describing what is needed to execute key functions. Work roles vary in terms of breadth (requirements spanning multiple sets of functions) and depth (requirements focused on a related set of functions.
• The four CMF team supported are Cyber Protection Teams (CPT), Cyber Mission Teams (CMT), Cyber Support Teams (CST), National Mission Teams (NMT), and cyber weapons systems crew member positions.  The training supports cyber operation crew members who must satisfactorily complete Initial Qualification Training (IQT), Mission Qualification Training (MQT), and require Upgrade Training to maintain certification and proficiency in their job role.

• Training Vouchers:  Each Private training voucher is good for one student to attend one class and includes two practice tests and one certification test attempt. Each Public and/or Online training voucher is good for one student to attend one class.Class Size:  Each Private class with an in-person instructor will consist of a minimum of 15 students with the option to add students to the class at a per-seat cost.The 39 IOS staff will proctor the on-line vendor tests at the 39 IOS facilities; eliminating the need to arrange a commercial testing facility and provide travel for all 39 IOS students to that facility.  In addition, any retake GIAC exams for 39 IOS students and faculty are also coordinated by the 39 IOS.  However, with other 16 AF Cyber units, training outside of the 39 IOS, test proctoring arrangements will be made with authorized Pearson VUE testing centers.

  Courses:  Training vouchers shall be redeemable for all VENDOR courses.  (See Appendix B for current list)

  Certifications:  Where applicable, the certification shall be ANSI certified and Community College of the Air Force recognized for undergraduate semester credit.  Each course offering prepares a student for an Industry Standard Certification that satisfies the FTU course evaluation requirement.  All scores shall be reported to the 39 IOS registrar.

  Ethics Statement:  Due to the potential for misuse and insider threat, all students and instructors are expected to sign a statement of ethics before being exposed to the course material.

  Class Schedules:  All classes shall be coordinated, aligned, and finalized between the FTU and VENDOR at least 30 days prior to the VENDOR course dates.  Coordination is critical due to possible class date changes because of Government requirements. The Government will provide the Private training class schedule at least four (4) months ahead of time.

  The VENDOR one to six day courses are offered as part of the Cyber Operations Initial Qualification Training (IQT) courses offered by the 39 IOS or organizations that access this Blanket Purchase Order (BPA).  The courses may also be offered stand-alone to meet specific training requirements across the costumer base for this BPA.

  The VENDOR provided course materials shall arrive at the FTU five business days prior to the start of each Private course.  The VENDOR is responsible for the publication, preparation, and delivery of all hard and soft copy course materials.

  The VENDOR provided ranges will be coordinated with the 39 IOS/DOS division to deliver, integrate, and validate range networks, virtual machines, connectivity requirements and lab software prior to course execution. Vendor personnel may be required to support installation and maintain ranges as required which will be coordinated to meet course schedules.

  For all Private classes at 39 IOS, the VENDOR shall coordinate with a 39 IOS Government representative to enroll students into their respective classes in order to utilize any online study materials offered as part of this agreement.  Students shall be enrolled with the corresponding certification body as well to utilize practice tests and online certification attempt.

  The 39 IOS will sponsor and coordinate entry credentials onto the installation for all VENDOR instructors traveling to support training conducted at the 39 IOS or its detachments.  In order for the 39 IOS to coordinate entry credentials, VENDOR instructors shall contact a 39 IOS Government representative prior to arrival at the installation at least ten (10) business days prior to arrival.

  The VENDOR shall establish and monitor a customer feedback system for correction of validated complaints and notification of corrective action to customer.  The VENDOR shall retain Quality Control documentation on site in an orderly manner and make it available for Government review, if requested. When a student attends cyber training, that student will be assigned a voucher for the 1 to 6-day course led SANS Bootcamp hosted by the Government in Government or vendor provided facilities.  This contractor training voucher is expected to include the following:

  • 1-6 days of classroom instruction/course tuition,
  • course books,
  • course software,
  • two GIAC practice certification tests depending on the course, and
  • one GIAC certification attempt depending on the Course.