What is DoD 8140, DoDM 8140, and DoD 8570 Explained: A Comprehensive Guide to Cyber Security Workforce Management for the Department of Defense (DoD) with 28 DCWF Job Roles that Recognize EC-Council Certifications

August 18, 2023
| Ethical Hacking

What are the DoD 8140 and DoDM 8140?

DoD 8140, or Department of Defense Directive 8140 in combination with DoDM 8140 and DoDI 8140 collectively provide the directive, instruction, and manual that steers the classification and qualification requirements for individuals working in a cyber security capacity within the United States Department of Defense. The three documents collectively accomplish the following objectives:

  • Establish the DoD-wide mandate for the required qualification of members working in the DoD cyberspace workforce.
  • Identify members of the DoD cyberspace workforce based on work role(s) of the positions assigned.
  • Implement policy, assign job role-based responsibilities, and prescribe procedures for the qualification of personnel in the DoD cyberspace workforce.

Since 2007, EC-Council has held multiple approved certifications affecting the training and certification of DoD members, globally helping with the qualification and capability development of US Military forces and DoD components.


Who is affected by DoD 8140?

According to Section 1.1 Applicability of the DoDM 8140.03 February 15, 2023 issuance,

DoDM 8140.03 applies to the following:

  • OSD
  • Military Departments (including the Coast Guard at all times, including when it is a service in the Department of Homeland Security by agreement with that department)
  • Office of the Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff
  • Combatant Commands
  • Office of the Inspector General of the Department of Defense
  • Defense Agencies
  • DoD Field Activities
  • All other organizational entities within the DoD (referred to collectively in this issuance as the “DoD Components”)

At a personnel level, the mandate applies to the following:

  • ALL cyberspace workforce personnel identified in DoDI 8140.02
  • Service Members
  • DoD Civilian Employees
  • Contractors
  • Foreign Nationals


What is the DoD Cyberspace Workforce Framework (DCWF)?

The DCWF establishes a taxonomy for cyberspace work roles along with their associated responsibilities in the form of tasks, knowledge requirements, and skill requirements. The combination of 8140 and the DCWF establishes the work role requirements and qualification requirements for members of the DoD Cyber Workforce.

What roles are EC-Council Certifications are approved to qualify?

DoDM 8140 has established a three-tier classification for industry certifications following basic, intermediate, and advanced level certification approval. As the qualification requirements shift based on the work role assignments, ANAB Accredited Industry certification bodies are reviewed for the alignment of their certification objectives and how they map to individual work role expectations. After rigorous external review, approval is granted and communicated under the 8140 Directive.


EC-Council Training and Certification for the United States Military, Contractors, and Civilians

For over 20 Years, EC-Council has Trained, Certified, and Empowered critical workforce elements of the United States Military.

28 DCWF Job Roles that Recognize EC-Council Certifications:

Below DoD job roles updated as on May 27th 2024.
EC-Council CertificationDoD 8140 Approved Work Roles
Certified Ethical Hacker (C|EH)
  • 111 – All-Source Analyst
  • 141 – Warning Analyst
  • 511 – Cyber Defense Analyst
  • 531 – Cyber Defense Incident Responder
  • 541 – Vulnerability Assessment Analyst
  • 661 – Research & Development Specialist
  • 111 – All-Source Analyst
  • 141 – Warning Analyst
  • 511 – Cyber Defense Analyst
  • 531 – Cyber Defense Incident Responder
  • 541 – Vulnerability Assessment Analyst
  • 661 – Research & Development Specialist
  • 611 – Authorizing Official/Designating Representative
  • 722 – Information Systems Security Manager
  • 723 – COMSEC Manager
  • 731 – Cyber Legal Advisor
  • 801 – Program Manager
  • 802 – IT Project Manager
  • 803 – Product Support Manager
  • 804 – IT Investment/Portfolio Manager
  • 805 – IT Program Auditor
  • 211 – Forensics Analyst
  • 212 – Cyber Defense Forensics Analyst
  • 221 – Cyber Crime Investigator
  • 511 – Cyber Defense Analyst
  • 521 – Cyber Defense Infrastructure Support Specialist
  • 531 – Cyber Defense Incident Responder
  • 531 – Cyber Defense Incident Responder

C|ND – Certified Network Defender

C|EH – Certified Ethical Hacker

C|HFI – Computer Hacking Forensic Investigator

C|CISO – Certified Chief Information Security Officer

What is/was DoD 8570?

DoD 8570 has been replaced by DoD 8140. The former 8570 Directive provided similar mandates on qualifying the DoD Cyber Workforce; however, the classification of work roles was based on work role specialty areas as opposed to the individual work role itself. These classifications are still relevant.


Approved Baseline Certifications*

IAT Level I2IAT Level II2IAT Level III
IAM Level IIAM Level IIIAM Level III
CSSP Analyst1, 2CSSP Infrastructure Support1CSSP Incident Responder1, 2






CSSP Auditor1CSSP Manager1 

*DoD Approved Baseline Certifications are not limited to EC-Council Certifications. Refer to the DoD Cyber Exchange for a list of all recognized baseline certifications.


Need compliance help?

Reach out to EC-Council’s Government Team and learn more about how EC-Council Certifications can help you, in compliance with DoD 8140

Visit to find more details and speak to our career advisor: https://www.eccouncil.org/government-cybersecurity-military-solutions/


How to Get Popular EC-Council DOD 8140 Certifications

Here is a summary of all of the popular EC-Council certifications that are part of the DoD 8140 Directive:


C|EH – Certified Ethical Hacker

EC-Council’s C|EH is the world’s leading ethical hacking credential, equipping cyber security professionals to protect organizations against cyber-attacks. Certified Ethical Hackers follow a 5-phase approach (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks) to lawfully break into organizations and identify weaknesses and vulnerabilities. The unique learn-certify-engage-compete framework includes training, certification, and real ethical hacking engagements in EC-Council’s live cyber range. Global Ethical Hacking Competitions help participants keep their skills up to date even years after certification. The C|EH is a highly sought-after certification, preparing candidates for lucrative cyber security roles with top companies.

Click here to learn more about the C|EH , complete the form, and speak to a career advisor.

C|EH – Certified Ethical Hacker (Practical Exam)

The Certified Ethical Hacker (C|EH) Practical Exam is an advanced exam for cybersecurity professionals focusing on practical ethical hacking skills. Test candidates in real-world scenarios that require the use of tools and techniques to identify vulnerabilities. This exam validates your skills in conducting effective penetration tests and implementing robust security measures. Successful completion confirms your skills in defending organization to against cyber threats.

Click here to learn more about the C|EH , complete the form, and speak to a career advisor.

C|ND – Certified Network Defender

C|ND Program: EC-Council’s Certified Network Defender (C|ND) is a network security certification that provides students with essential skills to safeguard networks, analyze computing systems, and strengthen IT infrastructure. Certified Network Defenders are equipped to apply defense and countermeasure strategies, covering attack prevention, detection, response, and remediation techniques. Hands-on learning with over 80 complex labs enriches their experience throughout this lab-intensive program.

Click here to learn more about C|ND , complete the form, and speak to a career advisor.


C|HFI – Computer Hacking Forensic Investigator

EC-Council’s C|HFI program is a lab-based training that equips cyber security professionals with knowledge and skills to prepare their organizations for forensic readiness. This intensive 5-day program immerses students in groundbreaking digital forensics technologies, with hands-on experience through 50+ forensic labs. The training covers forensics processes, lab and evidence handling procedures, as well as various forensic investigation techniques.

Click here to learn more about the C|HFI , complete the form, and speak to a career advisor.


C|CISO – Certified Chief Information Security Officer

EC-Council’s Chief Certified Information Security Officer (C|CISO) program is a top-tier certification that propels infosec professionals into C-suite roles. Covering five comprehensive domains, the C|CISO bridges the gap between technical, executive management, and financial functions, enabling a seamless transition to management roles. Certified CISOs gain a top-level perspective, excelling in planning, strategizing, and executing information security portfolios. They acquire leadership skills and business acumen to succeed in the highest positions within information security.

Click here to learn more about C|CISO, complete the form, and speak to a career advisor.


We recommend searching for the latest revision of the directive at the Washington Headquarters Services here: https://www.esd.whs.mil/DD/
Yes! The US Department of Labor provides a Crosswalk tool that translates DoD Job Billets from the DCWF to common job titles found in industry and the private sector here: https://www.onetonline.org/crosswalk/MOC/
Approval of certifications to the DCWF work roles requires a specific minimum accreditation and alignment. All certifications must be ANAB 17024 Accredited, and the exam domains must align to at least 70% of the DCWF work role responsibilities. EC-Council has worked with the DoD to review the C|ND, C|EH , C|HFI , and C|CISO certifications due to their close alignment with the expectations in each work role and received the appropriate approval from the DoD to be listed in the directive.
We cannot guarantee approval from the DoD; however, EC-Council does have multiple additional certifications that align closely to the work role expectations. Some are already ANAB accredited and others are in the process of review. EC-Council Leadership will continue to work with the DoD on the review, and we hope for approval of these programs to add more tactical cyber security certification options for members of the defense and intelligence communities.
No, but there are many similarities and shared definitions. The Defense Cyber Workforce Framework is under the United Stated Department of Defense, while the National Initiative for Cybersecurity Education (NICE) is run by the National Institute of Science and Technology (NIST). Both initiatives share many common job roles, as well as their corresponding task, knowledge, and skill requirements. EC-Council programs are both approved by the United States Department of Defense and mapped to the NICE Framework. A complete mapping to the NICE framework is available here.
Yes! There are a variety of funding options available for active duty, veterans, and civilians alike. EC-Council programs are mapped to the various service COOL programs with over 380 job billets across the various military branches as well as ARMY Ignited. Many certifications are also Post 9/11 GI Bill approved for reimbursement. EC-Council works closely with delivery partners across the globe to extend opportunities in funding for transitioning military, VetTech, and vocational rehab programs, as well as flexible financing options for training and certification. Reach out to our team to find out more information on funding options.
You can find the Advanced Credential search in NAVY COOL here: https://www.cool.osd.mil/usn/credsearch/index.html. With this tool, you can search by agency under our official company name (International Council of E-Commerce Consultants, Inc. [EC-Council]) to find a list of all approved certifications and their corresponding funding options and job billets.
You can find the Advanced Credential search in ARMY COOL here: https://www.cool.osd.mil/army/credsearch/index.html. With this tool, you can search by agency under our official company name (International Council of E-Commerce Consultants, Inc. [EC-Council]) to find a list of all approved certifications and their corresponding funding options and job billets.
INGITED provides funding opportunities for active-duty soldiers in the US Army. With tuition assistance funding available to all US Army soldiers, EC-Council has a variety of approved training and certification programs in your IGNITED benefits. Visit https://www.armyignited.army.mil/student/public/education-benefits for more information or to apply for fully paid training and certification opportunities.
At EC-Council we take great pride in a long history of working with our nation’s military to equip and enhance cyber capability. In addition to providing training and certification to members of our armed forces, EC-Council’s Authorized Partner Network provides access to training centers in over 140 countries, serving members of our military, whether they are stationed home or abroad. We provide various online asynchronous and online live options as well as the ability to hold private dedicated classes in unclassified or classified facilities utilizing our large network of Certified EC-Council Instructors. EC-Council also works directly with various military schoolhouses to provide authorized training delivered by the military to the military, essentially “teaching in green.”

If you are a member of the armed forces in almost any capacity, your specific service components have provisions for you to receive training and credentialing. Often the service will pay for both MOS/AFSC related and non-related training programs. These benefit programs differ by service and generally come under the heading of each service’s COOL program. Contact us to find out what you’re eligible for.

Visit for more details https://iclass.eccouncil.org/military-solutions/

Dating back to the early 2000s, EC-Council started by mapping our programs to the NSTISSI and CNSS Standards 4011 through 4019. With the evolution of the NICE Framework in recent years, EC-Council has worked diligently to map its programs to the specialty areas and now competency areas of the National Initiative in Cybersecurity Education. We have helped a variety of schools with program development and curriculum mapping into the National Security Agencies Centers for Academic Excellence. Awarded the Industrial Achievement Award by CISSE, EC-Council helps accredited universities achieve CAE status through well-aligned ANAB and ACE Accredited programs. Learn more about our Academic Partnerships and our CAE program here: https://www.eccouncil.org/academia/caebenefits/

Reach out here to our military team for more information.

Visit for more details https://iclass.eccouncil.org/military-solutions/

Share this Article
You may also like
Recent Articles
Become A
Certified Ethical Hacker (C|EH)

"*" indicates required fields