Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

This is an archive
(replace .gov by .rip)


National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators: Indicators for Performing Work Roles

Date Published: November 2017
Comments Due: December 8, 2017 (public comment period is CLOSED)
Email Questions to:


The national need for a common lexicon to describe and organize the cybersecurity workforce and requisite knowledge, skills, and abilities (KSAs) led to the creation of the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NICE Framework). The NICE Framework defines the spectrum of cybersecurity work as well as tasks and knowledge, skills, and abilities (KSAs) for over 50 common Work Roles. While the Work Roles have made the NICE Framework easier to associate to specific positions, they do not provide organizations with guidance on how to determine if a professional can perform a Work Role. This report provides capability indicators which are intended to help organizations address this challenge. Capability indicators are recommended education, certification, training, experiential learning, and continuous learning that could signal an increased ability to perform a given Work Role. Though capability indicators are not formal qualification requirements, they provide a menu of characteristics recommended by subject matter experts (SMEs) that should be customized by each organization based on need and incorporated into hiring and employee development efforts (e.g., recruiting, building career paths). Overarching findings pertaining to capability indicators across Work Roles and proficiency levels are also provided in this report.



Capability indicators; certification; continuous learning; DHS; education; learning; NICE Framework; qualifications; training; Workforce Framework; Work Roles
Control Families

None selected


Draft NISTIR 8193

Supplemental Material:
None available