NICE Framework

How to use the NICE Cybersecurity Workforce Framework to plan career progression: A practitioners’ guide

Daniel Brecht
October 22, 2020 by
Daniel Brecht

Introduction: An overview of the NICE Cybersecurity Workforce Framework

In 2017, the National Institute of Standards and Technology (NIST) published Special Publication 800-181, the NICE Cybersecurity Workforce Framework (or NICE Framework); the document categorizes and describes cybersecurity work as well as the knowledge, skills and abilities (KSAs) needed by professionals to complete tasks in the field. SP 800-181 is updated periodically and continues to serve as a means to map the work roles in this ever-evolving field based on continuous updating and much interdisciplinary.

With a total of 52 identified work roles, the usefulness of this NICE Framework can be great under many points of view: it can help organizations to operate successfully by allowing them to define position descriptions that are adequate and current to meet the challenges of the time. Jobs can be identified by their category and specialty area, through a sequential number (e.g., SP-RSK-001 is the first work role in the SP Category and RSK Specialty Area) and companies can precisely align their positions to the Workforce Framework. This not only helps ensure proper placement of staff, but also the planning of the best possible development plan through role-based training or upskilling.

SP 800-181 can also assist recruiters in identifying the right people for available positions by looking for the specific KSAs needed to perform the requested tasks. The framework can help education institutions to tailor their programs to the needs of the labor market and assist professionals in building and advancing their career by providing guidance on the skills and knowledge they need to obtain as they progress through their employment life.

How the NCWF is structured

The NICE Cybersecurity Workforce Framework has several components:

  • Categories (7): A collection of common cybersecurity functions
  • Specialty Areas (33): Areas of work within cybersecurity with details on specific cybersecurity functions
  • Work Roles (52): The type of cybersecurity work comprised of KSAs required to perform tasks in that role
  • Capability Indicators: A combination of education, certification, training, continuous learning and experience that indicates the likelihood of success for a given role

And it is the list of capability indicators that “can be used for a wide variety of workforce development purposes, such as building position descriptions and career pathways and recruiting and developing talent,” states the National Initiative for Cybersecurity Careers and Studies (NICCS).

How to use the NCWF for career progression 

The NICE Framework applies across public, private and academic sectors, and helps shape a workforce capable of meeting an organization’s cybersecurity needs allowing entities to identify, recruit, develop and retain cybersecurity talent.

Here's how the NICE Framework may be used and by whom, as per the NIST SP.800-181:

  • Employers rely on the NCWF in their use of industry certifications and academic credentials and in their selection of relevant training opportunities for their workforce. They can also identify missing roles in the cybersecurity workforce structure and, therefore, better focus on strengthening their posture
  • Education providers rely on the NCWF to help develop curriculum, certificate or degree programs that better prepare students for their career and give them real-world skills valued by employers
  • Training and certification providers rely on the NCWF as a resource to help current and future members of the cybersecurity workforce develop and use new skills
  • Staffing specialists and guidance counselors rely on the NCWF to fill in-demand cybersecurity jobs and positions with personnel able to undertake specific tasks

But how can the NICE Framework help professionals plan and support their career progression?

First of all, by providing a clear snapshot of all jobs in cybersecurity and the duties the professionals would be expected to perform in those positions. In such a vast, quickly-evolving field, having a standardized catalog of roles and specialties can really help identify the preferred type of occupations of the one that better matches their current abilities or future aspirations.

Once having identified their preferred specialty and work role within the industry, the professionals can use the NICE Framework to effectively pinpoint the training, skills and qualification requirements that would be needed to succeed in those positions. This takes away the guesswork and helps the person navigate the multitude of education opportunities and certifications currently available on the market. Knowing which KSAs employers would be looking for, as well as which will allow an IT practitioner to succeed in that specific role, is definitely a great help for those preparing to gear up for a career change or a leap forward.

A number of resources are also based on the NICE Framework and can be invaluable for professionals. The Cybersecurity Workforce Development Toolkit has “the resources and information you need to plan, build, and advance” the cybersecurity workforce and is designed as a tool for managers, HR and company leaders and trainers. This kit, which is issued by the US Department of Homeland Security (DHS) and is part of the DHS NICCS list of cybersecurity resources, can be used to create career paths as well as recruit and retain top talent. 

It’s also a great way for professionals to understand what businesses and organizations will be looking for and to have access to catalogs of over 3,000 cyber training courses, found in the National Initiative for Cybersecurity Careers and Studies (NICCS) Training Catalog. These are aligned to the specialty areas of the National Cybersecurity Workforce Framework, as well as suggested development opportunities.

CyberSeek’s interactive map is also a great resource. Introduced by the US Commerce Department’s National Institute of Standards and Technology (NIST), it is an “an interactive online tool designed to make it easier for cybersecurity job seekers to find openings and for employers to identify the skilled workers they need.” It highlights career pathways that incorporate occupation categories from the NICE Cybersecurity Workforce Framework and “features information on common job titles, salaries, online job openings, in-demand skills, education and certifications” related to the field.

The federal government also uses cybersecurity codes based on the NICE Cybersecurity Workforce Framework. Since 2013, the US Office of Personnel Management (OPM) has had federal agencies assign government-wide data standard codes to their positions with cybersecurity functions as part of a strategy for mitigating any identified gaps with appropriate training and certifications for existing staff, as outlined within the Federal Cybersecurity Workforce Assessment Act. OPM continues to work with NICE to revise its coding structure for information technology, cybersecurity and cyber-related work roles.

NIST itself has pages that illustrate how the Framework can actually help learners, job seekers and professionals with clear career paths and profiles, possible jobs and even available competitions.

Professionals can also easily find online maps created by education, training or certification providers that relate their programs to the NICE Framework. The same can be said of colleges and universities (Southern New Hampshire University and EC-Council University, for example) that often provide information on how their degrees fit in the Framework.


The NICE Framework describes cybersecurity work and provides a standard way of defining roles in the field by knowledge, skills and abilities, as well as categories and specialties. By using a common language to describe functions and duties of cybersecurity roles, the NICE Framework clarifies communication between cybersecurity educators, trainers/certifiers, employers and employees to define or provide guidance on different aspects of workforce development, planning, training and education. The guide provides clear and consistent descriptions of the cybersecurity KSAs and tasks that are essential for successful performance in specific work roles.

Given the interdisciplinary nature of the cybersecurity work, having a standardized framework that defines positions and roles regardless of where or for whom the job is performed provides a great way for employees or future professionals to identify their current standing in the field, discover their possibility, identify where they want to be later in their career and what is needed to achieve that. The publication not only helps in shaping a cybersecurity workforce that meets the needs of today’s organizations by applying a standard guidance to prevent improvisation and approximation but also allows the shaping of specialized professionals better prepared to meet the many challenges of today’s cyber realm.



What is the NICE Cybersecurity Workforce Framework?, Security Boulevard

NICE Cybersecurity Workforce Framework, NICCS

NICE Cybersecurity Workforce Framework Work Roles, NICCS

NICCS Education and Training Catalog, NICCS

Cybersecurity Workforce Development Toolkit, NICCS

Federal Cybersecurity Coding Structure, NIST

NICE Tutorial: Framework 101 (instructional webinar video 50:54), NIST

NICE Framework, NIST Special Publication 800-181, NIST 

NICE Framework Provides Resource for a Strong Cybersecurity Workforce, NIST

NIST Announces CyberSeek, An Interactive Resource for Cybersecurity Career Information, NIST

Requirements of the Federal Cybersecurity Workforce Assessment Act, Chief Human Capital Officers (CHCO) Council

Daniel Brecht
Daniel Brecht

Daniel Brecht has been writing for the Web since 2007. His interests include computers, mobile devices and cyber security standards. He has enjoyed writing on a variety of topics ranging from cloud computing to application development, web development and e-commerce. Brecht has several years of experience as an Information Technician in the military and as an education counselor. He holds a graduate Certificate in Information Assurance and a Master of Science in Information Technology.