The NICE Framework

The NICE Framework

NICE Framework Overview
SANS Training and GIAC Certifications Mapping to the NICE Framework Work Roles

SANS training courses and GIAC Certifications go far beyond theory and teach technical, hands-on skills necessary to defend our nations networks and critical infrastructure against foreign and domestic threats. SANS training and GIAC Certifications focus on advanced knowledge, skills and applications needed to prove your team can meet Federal Contract requirements.

Theoretical knowledge is the ultimate security risk. Deep, technical, real-world knowledge and skills are the only reliable means to reduce security risk. A GIAC certification ensures that a depth of real-world knowledge and skill has been mastered.

SANS has partnered with the National Security Workforce to place over 30 cyber security courses within an easy to read framework (commonly known as the NICE Framework.) The interactive framework below will help you identify the SANS courses and certifications you need to advance your career as a Federal Employee.

The National Initiative for Cybersecurity Education (NICE) plays an important role in ensuring that cyber security professionals are educating on the most recent threats to information security.

The NICE Framework provides a blueprint to categorize, organize, and describe cyber security work into Specialty Areas, tasks, and knowledge, skills and abilities (KSAs). The Workforce Framework provides a common language to speak about cyber roles and jobs and helps define professional requirements in cyber security.

Many of the courses and certifications found on the NICE Framework are DoDD 8140 (DoDD 8470) compliant. The full list of DoDD 8140 GIAC certifications can be found here

Hover over the area of interest on the NICE Framework to get started.

Framework Categories & Specialty Areas
Securely Provision Information Assurance Compliance Software Assurance and Security Engineering Systems Development Systems Requirements Planning Systems Security Architecture Technology Research and Development Test and Evaluation
Operate and Maintain Customer Service and Technical Support Data Administration Knowledge Management Network Services System Administration Systems Security Analysis
Oversight and Development Education and Training Information Systems Security Operations Legal Advice and Advocacy Security Program Management Strategic Planning and Policy Development
Protect and Defend Computer Network Defense Analysis Computer Network Defense Infrastructure Support Incident Response Vulnerability Assessment and Management
Analyze All Source Intelligence Exploitation Analysis Targets Threat Analysis
Collect and Operate Collection Operations Cyber Operations Cyber Operations Planning
Investigate Digital Forensics Investigation

To find a full mapping of the NICE Framework visit: