757-216-3656 | Monday–Friday 8:30 AM – 4:30 PM | info@itdojo.com
|
Blog

DoD 8140 Work Role & Certification Mapping Guide (Free Download)

Free DoD 8140 work role mapping guide for training managers and contracting officers. Download our reference chart mapping every Cyberspace IT and Cybersecurity work role to approved baseline certifications under DoDM 8140.03.

June 9, 2026 Nick Webb

If you manage training for a DoD component, federal agency, or government contractor, you already know the problem: DoD 8140 introduced dozens of specific work roles, each with its own qualification requirements at Basic, Intermediate, and Advanced proficiency levels. Keeping track of which certifications satisfy which work roles, across a workforce of any size, is genuinely difficult.

We built a free reference guide to solve that problem.

Download the Free Guide

Download the IT Dojo DoD 8140 IT Work Role & Certification Mapping Guide (PDF)

No form. No email required. Just download it and use it.

The guide maps every Cyberspace IT and Cybersecurity work role under the DoD Cyber Workforce Framework (DCWF) to its approved baseline certifications under DoDM 8140.03 Qualification Matrix v2.1 (effective September 19, 2025). It also shows which IT Dojo courses prepare your personnel for each certification, with direct links to course pages.

What Is DoD 8140 and Why Does It Matter Now?

DoD Manual 8140.03, signed February 15, 2023, replaced the previous DoD 8570.01-M framework and shifted the DoD’s approach to cyber workforce qualification from a broad job-category model to a competency-based, work-role-specific framework anchored in the NICE Cybersecurity Workforce Framework.

The practical effect: instead of a short list of certifications mapped to a handful of IA categories, you now have dozens of specific work roles, each with defined knowledge, skills, and abilities, and a qualification matrix that specifies exactly which certifications satisfy each role at each proficiency tier.

The compliance deadlines that matter most right now:

  • February 15, 2025: Foundational qualification required for all Cybersecurity workforce element personnel. This deadline has passed. If your Cybersecurity personnel are not qualified, they should be.
  • February 15, 2026: Foundational qualification required for Cyber IT, Cyber Effects, Cyber Intelligence, and Cyber Enablers workforce elements. Residential qualification required for the Cybersecurity element. This deadline has also passed.
  • February 15, 2027: Residential qualification required for all remaining workforce elements, namely Cyber IT, Cyber Effects, Cyber Intelligence, and Cyber Enablers. This is the next major deadline your organization needs to be working toward.

Beyond the organizational deadlines, there is an individual clock running on every new hire. Personnel assigned to a cyberspace work role have nine months to achieve foundational qualification and twelve months to achieve residential (on-the-job) qualification from their date of assignment. Failure to qualify without an approved waiver results in removal from work role duties.

How the DCWF Work Role System Works

The DoD Cyber Workforce Framework organizes all cyberspace work roles into seven workforce elements:

  • Cyberspace IT is personnel who manage, operate, and maintain the IT infrastructure that enables DoD missions
  • Cybersecurity is personnel in protective, defensive, and compliance roles
  • Software Engineering is developers, architects, and DevSecOps personnel
  • AI and Data is data officers, AI specialists, and machine learning engineers
  • Cyberspace Effects is offensive cyber operations and exploitation roles
  • Cyberspace Intelligence is all-source analysts and cyber intelligence planners
  • Cyberspace Enablers is legal, policy, training, and leadership roles

Each work role has a numeric code (for example, Network Operations Specialist is 442, IS Security Officer is 521) and qualification requirements at three tiers:

  • Basic is foundational knowledge, typically satisfied by an entry-level certification
  • Intermediate is applied skills, requiring a more advanced certification
  • Advanced is expert or leadership level, requiring senior certifications such as CISSP or CISM

The guide focuses on the Cyberspace IT and Cybersecurity elements because these cover the majority of IT-billet personnel at DoD components, commands, and contractor organizations. These are the roles your training budget is most likely being spent on.

The Most Common Certifications Across Cyberspace IT Work Roles

If you are trying to prioritize your training budget, understanding which certifications appear most frequently across work roles tells you where to concentrate. Based on the current qualification matrix:

CompTIA Security+ is the single most widely required certification across all of DoD 8140. It satisfies the Basic tier for almost every Cyberspace IT and Cybersecurity work role. If a member of your workforce is assigned to any covered work role and does not yet have Security+, that is where to start.

CISSP is the most commonly required certification at the Intermediate and Advanced tiers. It appears as a qualifier across roles as varied as System Administrator, IS Security Manager, Security Control Assessor, and Vulnerability Assessment Analyst. For senior personnel, CISSP is nearly unavoidable.

CompTIA CySA+ sits between Security+ and CISSP and satisfies the Intermediate tier for several Cyber Defense roles. It is a practical next step for personnel who have Security+ and are working in monitoring, detection, or incident response functions.

CISM (Certified Information Security Manager) is particularly relevant for IS Security Managers and Authorizing Officials, where a management-focused credential carries more weight than a technical one.

CEH (Certified Ethical Hacker) appears at the Intermediate tier for Cyber Defense Analysts, Incident Responders, and Vulnerability Assessment Analysts, roles involved in offensive awareness and threat understanding.

CISA (Certified Information Systems Auditor) is the primary credential for Security Control Assessors, the personnel responsible for RMF assessment work.

What the Guide Covers

The guide is organized into four sections:

Section 1: Cyberspace IT Work Roles covers 12 work roles including Database Administrator (421), Knowledge Manager (441), Network Operations Specialist (442), System Administrator (451), System Testing and Evaluation Specialist (461), Technical Support Specialist (411), IT Project/Program Manager (802), and Enterprise Architect (651). Each row shows the work role name and code, approved certifications at Basic/Intermediate/Advanced tiers, and the IT Dojo courses that prepare personnel for those certifications.

Section 2: Cybersecurity Work Roles covers 12 work roles including Authorizing Official/Designating Representative (522), Cyber Defense Analyst (531), Cyber Defense Forensics Analyst (532), IS Security Manager/ISSM (522), IS Security Officer/ISSO (521), Security Control Assessor (612), and Vulnerability Assessment Analyst (541).

Section 3: Certification Quick Reference is a single-page table listing the 15 most frequently appearing certifications across both workforce elements, with issuing body, qualification tier, IT Dojo course, and the specific work roles each cert satisfies.

Section 4: Why IT Dojo is a summary of what separates IT Dojo from larger national training providers on 8140 compliance training.

What Makes IT Dojo Different for 8140 Training

IT Dojo has been delivering DoD and federal IT certification training since 2003. We work exclusively with employer sponsored clients, namely DoD components, federal agencies, and the contractors who support them. We do not sell to the general public.

A few things that matter when you are shopping for 8140 training:

Price. We are consistently 15 to 30 percent less expensive than the large national training companies, including New Horizons, Global Knowledge, and Fastlane, for equivalent course content and quality. If you have a training budget tied to a specific contract deliverable, that difference matters.

Live instruction only. Every IT Dojo course is delivered live by a working subject matter expert, either on-site at your facility or via live remote online. We do not sell self-paced or pre-recorded courses. If a student has a question about how a concept applies to their specific operational environment, they can ask.

On-site delivery. If you need to train a group at a specific location, such as a command, a base, or a contractor facility, we come to you. Group on-site delivery is frequently the most cost-effective option for organizations training five or more personnel on the same certification.

Training broker capability. If a certification your personnel need is not in our direct catalog, we can source it through our partner network. We have access to virtually every DoD-relevant certification course available in the market, and in most cases at a lower price than going direct to the large providers. We function as a single point of contact for your entire IT and cybersecurity training portfolio.

Request a Quote

Ready to get your team qualified before the February 2027 residential deadline?

Contact Nick Webb, Director of Operations, for a no-obligation quote on any DoD 8140 certification course:

We serve DoD components, U.S. Navy commands, federal civilian agencies, and government contractors nationwide. Courses are available live remote online or on-site at your facility anywhere in the country.

Guide is based on DoDM 8140.03 Qualification Matrix Version 2.1, effective September 19, 2025. Certification requirements are subject to change. Always verify against the current official matrix at cyber.mil.

Looking for IT & Cybersecurity Training?

IT Dojo delivers live instructor-led training to DoD, federal government, and corporate clients. Most courses available live remote online.

More Articles
Recent Articles
View all articles →
Browse by Topic
CISSP 108 Certification 107 Isc2 104 Practice-Questions 104 RMF 64 Cybersecurity 41 Networking 26 IPv6 25 DoD Compliance 23 NIST 21 Certifications 13 Training 10 Python 9 Federal IT 6 DoD 8140 5 STIGs 5 Cloud Security 4 Privacy 4 EMASS 3 Free Tool 3 60s Rounds 2 Agile 2 Career Development 2 CISM 2 CompTIA 2 DCWF 2 Reflex 2 5-Min Rounds 1 AI 1 Arcade 1 AZ-500 1 Azure Security Engineer 1 Career 1 CCNA 1 Cisco 1 Compliance 1 CompTIA Security+ 1 Contracting Officers 1 Cybersecurity Certifications 1 DoD 8570 1 DoDM 8140.03 1 Drag and Drop 1 Exam Prep 1 IAM 1 IT Certifications 1 Linux 1 Math 1 Microsoft Azure 1 Phishing 1 PMBOK 1 PMP 1 Project Management 1 Security 1 Security Awareness 1 Security Certifications 1 Study Tips 1 Survival 1 Training Managers 1 Typing 1 Versus AI 1 Work Roles 1 ~3 Min Runs 1
Need Training?

IT Dojo offers live remote and on-site courses for DoD and government teams.

757-216-3656
Get More Information

We work with Government Agencies, Military, government contractors, and corporate clients. As much as we would love to, our business model does not include working with the general public.