Not sure where to go in cybersecurity? There are a lot of directions your career can take. Depending on your interests, passions and abilities, you can go into the line of work that’s best suited for you. That’s why we created this cybersecurity career chart, to help newcomers decide which area to focus in. And if you’re already working in the field, this chart can help you take the next best move in your career.
This resource is based on the National Initiative for Cybersecurity Education (NICE) Framework. NICE is led by the National Institute of Standards and Technology (NIST) in the US Department of Commerce. The NICE Framework supports those looking to enter the field, as well as those already working in cybersecurity, explore various categories of cybersecurity work as well as the specific knowledge, skills and abilities of various cybersecurity roles.
For example, according to the NICE Framework, cybersecurity jobs fall under the following categories:
1. Securely Provision (SP)
The SP workforce conceptualizes, designs, procures and/or builds secure information technology systems. Specialty areas within this category include software development, systems architecture and technology R&D.
2. Operate and Maintain (OM)
The OM workforce provides the support, administration and maintenance necessary to ensure effective and efficient information technology system performance and security. Specialty areas within this category include data administration, network services and systems administration.
3. Oversee and Govern (OV)
The OV workforce provides leadership, management, direction and/or advocacy so an organization may effectively conduct cybersecurity work. Specialty areas include legal advice and advocacy, strategic planning, education and project management.
4. Protect and Defend (PR)
The OM workforce provides the support, administration and maintenance necessary to ensure effective and efficient information technology system performance and security. Specialty area within this category include cyber defense analysis, incident response and vulnerability assessment.
5. Analyze (AN)
The OM workforce provides the support, administration and maintenance necessary to ensure effective and efficient information technology system performance and security. Specialty areas within this category include threat analysis, exploitation analysis and all-source analysis.
6. Collect and Operate (CO)
The OM workforce provides the support, administration and maintenance necessary to ensure effective and efficient information technology system performance and security. Specialty areas within this category include collection operations, cyber operational planning and cyber operations.
7. Investigate (IN)
The IN workforce investigates cybersecurity events or crimes related to information technology systems, networks and digital evidence. Specialty areas within this category include cyber investigation and digital forensics.
To help you navigate these categories and decide which specific roles you may be interested in, the following chart will have you answer questions about your interests and preferences as they relate to aspects of cybersecurity.
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181r1.pdf
