NICE Workforce Framework WiCyS Video Album
Update Notice: This page is currently in the process of being updated to reflect the latest release of updates on the NICCS site for the NICE Workforce Framework for Cybersecurity.
The NICE Workforce Framework for Cybersecurity is a resource by NIST NICE that describes the work and the roles in the cybersecurity profession. It provides the main building blocks for characterizing the tasks, knowledge and skills that are needed for the cybersecurity work done by professionals. This framework’s intended audience is everyone who is either interested in cybersecurity or already in cybersecurity.
While the NICE Workforce Framework for Cybersecurity provides helpful references and information for cybersecurity work roles, WiCyS would like to further illustrate these work roles with a video album of women who are already actively working in these roles. These 5-minute videos will not only promote more awareness of these work roles but also highlight women who are under represented in cyber as role models. This will allow young girls to see and hear from people who look like them and sound like them speaking to them about their jobs in cyber.
NICE Workforce Framework for Cybersecurity WiCyS Video Album
The NICE Workforce Framework for Cybersecurity is comprised of the following components:
- Categories (7) – A high-level grouping of common cybersecurity functions
- Specialty Areas (33) – Distinct areas of cybersecurity work
- Work Roles (52) – The most detailed groupings of cybersecurity work comprised of specific task, knowledge and skills (TKSs) required to perform tasks in a Work Role
Click the categories below to view WiCyS member work role videos under each specialty area.
DESIGN AND DEVELOPMENT CATEGORY
Conducts research, conceptualizes, designs, develops, and tests secure technology systems, including on perimeter and cloud-based networks.
Risk Management Specialty Area
Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization’s cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
Software Development Specialty Area
Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assurance best practices.
Systems Architecture Specialty Area
Develops system concepts and works on the capabilities phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.
Technology R&D Specialty Area
Conducts technology assessment and integration processes; provides and supports a prototype capability and/or evaluates its utility.
Systems Requirements Planner Specialty Area
Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs.
Test and Evaluation Specialty Area
Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.
Systems Development Specialty Area
Works on the development phases of the systems development life cycle.
IMPLEMENTATION AND OPERATION CATEGORY
Provides implementation, administration, configuration, operation, and maintenance to ensure effective and efficient technology system performance and security.
Database Administration Specialty Area
Develops and administers databases and/or data management systems that allow for the storage, query, protection, and utilization of data.
- Database Administration Work Role Video
- Data Analyst Work Role – SUBMIT INTEREST HERE TO BE FEATURED
Knowledge Management Specialty Area
Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Customer Service and Technical Support Specialty Area
Addresses problems; installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support). Typically provides initial incident information to the Incident Response (IR) Specialty.
Network Services Specialty Area
Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems.
Systems Administration Specialty Area
Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration.
Systems Analysis Specialty Area
Studies an organization’s current computer systems and procedures, and designs information systems solutions to help the organization operate more securely, efficiently, and effectively. Brings business and information technology (IT) together by understanding the needs and limitations of both.
OVERSIGHT AND GOVERNANCE CATEGORY
Provides leadership, management, direction, and advocacy so the organization may effectively manage cybersecurity-related risks to the enterprise and conduct cybersecurity work.
Legal Advice and Advocacy Specialty Area
Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates legal and policy changes, and makes a case on behalf of client via a wide range of written and oral work products, including legal briefs and proceedings.
- Cybersecurity Legal Advice Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Privacy Compliance Work Role Video
Training, Education, and Awareness Specialty Area
Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.
- Cybersecurity Curriculum Development Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Cybersecurity Instruction Work Role Video
Cybersecurity Management Specialty Area
Oversees the cybersecurity program of an information system or network, including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.
- Systems Security Management Work Role Video
- Communications Security (COMSEC) Management Work Role – SUBMIT INTEREST HERE TO BE FEATURED
Strategic Planning and Policy Specialty Area
Develops policies and plans and/or advocates for changes in policy that support organizational cyberspace initiatives or required changes/enhancements.
- Cybersecurity Workforce Management Work Role Video
- Cybersecurity Policy and Planning Work Role Video
Executive Cyber Leadership Specialty Area
Supervises, manages, and/or leads work and workers performing cyber and cyber-related and/or cyber operations work.
Acquisition and Program/Project Management Specialty Area
Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life cycle.
- Program Management Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Secure Project Management Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Product Support Management Work Role Video
- Technology Portfolio Management Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Technology Program Auditing Work Role Video
PROTECTION AND DEFENSE CATEGORY
Protects against, identifies, and analyzes risks to technology systems or networks. Includes investigation of cybersecurity events or crimes related to technology systems and networks.
Cyber Defense Analysis Specialty Area
Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
Cyber Defense Infrastructure Specialty Area
Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities.
Incident Response Specialty Area
Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.
Vulnerability Assessment and Management Specialty Area
Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations.
CYBERSPACE INTELLIGENCE CATEGORY
Collects, processes, analyzes, and disseminates information from all sources of intelligence on foreign actors' cyberspace programs, intentions, capabilities, research and development, and operational activities.
Threat Analysis Specialty Area
-
Identifies and assesses the capabilities and activities of cybersecurity criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities
Exploitation Analysis Specialty Area
Analyzes collected information to identify vulnerabilities and potential for exploitation.
All-Source Analysis Specialty Area
Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.
Targets Specialty Area
Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.
- Target Analysis Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Target Network Analysis Work Role – SUBMIT INTEREST HERE TO BE FEATURED
Language Analysis Specialty Area
Applies language, cultural, and technical expertise to support information collection, analysis, and other cybersecurity activities.
CYBERSPACE EFFECTS CATEGORY
Plans, supports, and executes cyberspace capabilities where the primary purpose is to externally defend or conduct force projection in or through cyberspace.
Collection Operations Specialty Area
Executes collection using appropriate strategies and within the priorities established through the collection management process.
- All Source-Collection Management Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- All Source-Collection Requirements Management Work Role – SUBMIT INTEREST HERE TO BE FEATURED
Cyber Operational Planning Specialty Area
Performs in-depth joint targeting and cybersecurity planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.
- Cyber Intelligence Planning Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Cyber Operations Planning Work Role – SUBMIT INTEREST HERE TO BE FEATURED
- Partner Integration Planning Work Role – SUBMIT INTEREST HERE TO BE FEATURED
Cyber Operations Specialty Area
Performs activities to gather evidence on criminal or foreign intelligence entities to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support other intelligence activities.
INVESTIGATION CATEGORY
Conducts national cybersecurity and cybercrime investigations, including the collection, management, and analysis of digital evidence.
Cyber Investigation Specialty Area
Applies tactics, techniques, and procedures for a full range of investigative tools and processes to include, but not limited to, interview and interrogation techniques, surveillance, counter surveillance, and surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering.
Digital Forensics Specialty Area
Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.
- Digital Evidence Analysis Work Role– SUBMIT INTEREST HERE TO BE FEATURED
- Digital Forensics Work Role– SUBMIT INTEREST HERE TO BE FEATURED