NICE-aligned workforce readiness
The NICE Framework defines what your cybersecurity roles require. Infosec maps training directly to NICE Work Roles and their Task, Knowledge and Skill (TKS) statements. From there, we verify your team can perform what the framework demands.
The NICE Framework
The NICE Framework organizes cybersecurity work into a consistent structure recognized across public, private and academic sectors. It defines:
- Work Role Categories: 5 high-level groupings of cybersecurity functions
- Work Roles: Specific responsibilities someone is accountable for
- TKS Statements: The tasks, knowledge and skills defining what that work requires
- Competency Areas: Clusters of knowledge and skill that reflect capability in a given domain
NICE Work Role Categories
Training mapped across all five Work Role Categories
Infosec offers training across the NICE Framework. Learn how this framework organizes cybersecurity work and where Infosec supports development in each area.
Oversight and Governance (OG)
Provides leadership, management, direction and advocacy so the organization may effectively manage cybersecurity-related risks to the enterprise and conduct cybersecurity work.
- Communications Security (COMSEC) Management
- Cybersecurity Policy and Planning
- Cybersecurity Workforce Management
- Cybersecurity Curriculum Development
- Cybersecurity Instruction
- Cybersecurity Legal Advice
- Executive Cybersecurity Leadership
- Privacy Compliance
- Product Support Management
- Program Management
- Secure Project Management
- Security Control Assessment
- Systems Authorization
- Systems Security Management
- Technology Portfolio Management
- Technology Program Auditing
Design and Development (DD)
Conducts research, conceptualizes, designs, develops and tests secure technology systems, including perimeter and cloud-based networks.
- Cybersecurity Architecture
- Enterprise Architecture
- Operational Technology (OT) Cybersecurity Engineering
- Secure Software Development
- Secure Systems Development
- Software Security Assessment
- Systems Requirement Planning
- Systems Testing and Evaluation
- Technology Research and Development
Implementation and Operation (IO)
Provides implementation, administration, configuration, operation and maintenance to ensure effective and efficient technology system performance and security.
- Data Analysis
- Database Administration
- Knowledge Management
- Network Operations
- Systems Administration
- Systems Security Analysis
- Technical Support
Protection and Defense (PD)
Protects against, identifies and analyzes risks to technology systems or networks. Includes investigation of cybersecurity events or crimes related to technology systems and networks.
- Defensive Cybersecurity
- Digital Forensics
- Incident Response
- Infrastructure Support
- Insider Threat Analysis
- Threat Analysis
- Vulnerability Analysis
Investigation (IN)
Collects, processes, analyzes, and disseminates information from all sources of intelligence on foreign actors' cyberspace programs, intentions, capabilities, research and development and operational activities.
- Cybercrime Investigation
- Digital Evidence Analysis
How Infosec maps to NICE
Training built around the framework
Infosec Skills courses map to more than 620 unique NICE Knowledge and Skills Statements. You can browse training by Work Role or by individual K/S statements and assign development based on what each role actually requires.
When you need to move faster, Skills Navigator does the heavy lifting. Enter a job description, task list or desired skillset. Then, Skills Navigator uses AI to match it against NICE K/S Statements and build a custom training plan in seconds, pulling from hundreds of learning paths across 1,800+ courses.
“We regularly leverage the NICE Knowledge and Skill Statement mapping inside the Infosec Skills platform to maximize training relevancy and accelerate professional development.”
James “Slim” Beamon
Dean of the CyberEDGE Academy and senior cybersecurity program manager at Leidos
Upskill your team
Train employees on every skill level and facilitate real workforce transformation. Infosec's training options align to the NICE Cybersecurity Framework so cyber professionals can gain the real skills they need for their specific role. Keep your organization compliant and secure with courses and labs that fulfill the TKS statements your team needs.
Frequently asked questions
What is the NICE Framework?
The NICE Workforce Framework for Cybersecurity is a NIST-maintained framework from NICE, preciously known as the National Initiative for Cybersecurity Education. It gives organizations a common way to define cybersecurity work through Work Roles, Task, Knowledge and Skill statements and Competency Areas. Infosec uses this structure to help teams connect NICE training to the actual capabilities each role requires.
How does Infosec align training to NICE Work Roles?
Infosec maps training to NICE Work Roles and their associated Knowledge and Skill Statements, helping organizations assign development based on what each cybersecurity role is expected to know and do. This role-based approach helps teams move beyond general cybersecurity training and build more targeted readiness across the NICE Workforce Framework.
What are TKS statements in the NICE Cybersecurity Framework?
Task, Knowledge and Skill statements are the building blocks of the NICE Framework. Tasks describe the work someone performs, Knowledge Statements describe what they need to understand and Skill Statements describe what they need to be able to do. Mapping training to these statements helps organizations connect NICE cybersecurity training to measurable role requirements.
How often is the NIST NICE Framework updated?
NIST regularly reviews and updates NICE Framework components so the framework can stay current with changing cybersecurity work, technology and workforce needs. The current NICE Framework Components version is 2.2.0, released April 28, 2025. Organizations using the NICE Cybersecurity Workforce mapping should review updates regularly to keep role definitions, training plans and audit documentation aligned.
See your team’s readiness against the NICE Framework
Whether you’re defining role requirements, closing skills gaps or preparing for an audit, Infosec gives you training and verified evidence to back it up.