Interactive NICE Framework Mapping

SANS and GIAC Certifications has partnered with the National Security Workforce to place over 35 cyber security courses and corresponding GIAC certifications within an easy to read framework (commonly known as the NICE Framework.) The interactive framework below will help you identify the SANS courses and certifications you need to advance your career as a Federal Employee.

Many of the courses and certifications found on the NICE Framework are DoDD 8140 (DoDD 8570) compliant. Visit the DoDD 8140 resource page for the full list of associated GIAC Certifications.

Hover over the area of interest on the NICE Framework to get started.

Securely Provision Browse the Category	Operate & Maintain Browse the Category	Oversee & Govern Browse the Category	Protect & Defend Browse the Category	Analyze Browse the Category	Collect & Operate Browse the Category	Investigate Browse the Category
Risk Management Authorizing Official/Designating RepresentativeAuthorizing Official/Designating RepresentativeAuthorizing Official/Designating Representative (SP-RSK-001) Security Control Assessor (SP-RSK-002)	Data Administration Database Administrator (OM-DTA-001) Data Analyst (OM-DTA-002)	Legal Advice and Advocacy Cyber Legal Advisor (OV-LGA-001) Privacy Officer/Privacy Compliance Manager (OV-LGA-002)	Cybersecurity Defense Analysis Cyber Defense Analyst (PR-CDA-001)	Threat Analysis Threat/Warning Analyst (AN-TWA-001)	Collection Operations All Source-Collection Manager (CO-CLO-001) All Source-Collection Requirements Manager (CO-CLO-002)	Cyber Investigation Cyber Crime Investigator (IN-INV-001)
Software Development Software Developer (SP-DEV-001) Secure Software Assessor (SP-DEV-002)	Knowledge Management Knowledge Manager (OM-KMG-001)	Training, Education, and Awareness Cyber Instructional Curriculum Developer (OV-TEA-001) Cyber Instructor (OV-TEA-002)	Cybersecurity Defense Infrastructure Support Cyber Defense Infrastructure Support Specialist (PR-INF-001)	Exploitation Analysis Exploitation Analyst (AN-EXP-001)	Cyber Operational Planning Cyber Intel Planner (CO-OPL-001) Cyber Ops Planner (CO-OPL-002) Partner Integration Planner (CO-OPL-003)	Digital Forensics Law Enforcement / Counterintelligence Forensics Analyst (IN-FOR-001) Cyber Defense Forensics Analyst (IN-FOR-002)
Systems Architecture Enterprise Architect (SP-ARC-001) Security Architect (SP-ARC-002)	Customer Service and Technical Support Technical Support Specialist (OM-STS-001)	Cybersecurity Management Information Systems Security Manager (OV-MGT-001) Communications Security (COMSEC) Manager (OV-MGT-002)	Incident Response Cyber Defense Incident Responder (PR-CIR-001)	All-Source Analysis All Source Analyst (AN-ASA-001) Mission Assessment Specialist (AN-ASA-002)	Cyber Operations Cyber Operator (CO-OPS-001)
Technology R&D Research & Development Specialist (SP-TRD-001)	Network Services Network Operations Specialist (OM-NET-001)	Strategic Planning and Policy Cyber Workforce Developer and Manager (OV-SPP-001) Cyber Policy and Strategy Planner (OV-SPP-002)	Vulnerability Assessment and Management Vulnerability Assessment Analyst (PR-VAM-001)	Targets Target Developer (AN-TGT-001) Target Network Analyst (AN-TGT-002)
Systems Requirements Planning Systems Requirements Planner (SP-SRP-001)	Systems Administration System Administrator (OM-ADM-001)	Executive Cyber Leadership Executive Cyber Leadership (OV-EXL-001)		Language Analysis Multi-Disciplined Language Analyst (AN-LNG-001)
Test and Evaluation System Testing and Evaluation Specialist (SP-TST-001)	Systems Analysis Systems Security Analyst (OM-ANA-001)	Program/Project Management and Acquisition Program Manager (OV-PMA-001) IT Project Manager (OV-PMA-002) Product Support Manager (OV-PMA-003) IT Investment/Portfolio Manager (OV-PMA-004) IT Program Auditor (OV-PMA-005)
Systems Development Information Systems Security Developer (SP-SYS-001) Systems Developer (SP-SYS-002)

• Securely Provision
  • Risk Management
  • Authorizing Official/Designating RepresentativeAuthorizing Official/Designating RepresentativeAuthorizing Official/Designating Representative (SP-RSK-001)
  • Security Control Assessor (SP-RSK-002)
  • Software Development
  • Software Developer (SP-DEV-001)
  • Secure Software Assessor (SP-DEV-002)
  • Systems Architecture
  • Enterprise Architect (SP-ARC-001)
  • Security Architect (SP-ARC-002)
  • Technology R&D
  • Research & Development Specialist (SP-TRD-001)
  • Systems Requirements Planning
  • Systems Requirements Planner (SP-SRP-001)
  • Test and Evaluation
  • System Testing and Evaluation Specialist (SP-TST-001)
  • Systems Development
  • Information Systems Security Developer (SP-SYS-001)
  • Systems Developer (SP-SYS-002)
• Operate & Maintain
  • Data Administration
  • Database Administrator (OM-DTA-001)
  • Data Analyst (OM-DTA-002)
  • Knowledge Management
  • Knowledge Manager (OM-KMG-001)
  • Customer Service and Technical Support
  • Technical Support Specialist (OM-STS-001)
  • Network Services
  • Network Operations Specialist (OM-NET-001)
  • Systems Administration
  • System Administrator (OM-ADM-001)
  • Systems Analysis
  • Systems Security Analyst (OM-ANA-001)
• Oversee & Govern
  • Legal Advice and Advocacy
  • Cyber Legal Advisor (OV-LGA-001)
  • Privacy Officer/Privacy Compliance Manager (OV-LGA-002)
  • Training, Education, and Awareness
  • Cyber Instructional Curriculum Developer (OV-TEA-001)
  • Cyber Instructor (OV-TEA-002)
  • Cybersecurity Management
  • Information Systems Security Manager (OV-MGT-001)
  • Communications Security (COMSEC) Manager (OV-MGT-002)
  • Strategic Planning and Policy
  • Cyber Workforce Developer and Manager (OV-SPP-001)
  • Cyber Policy and Strategy Planner (OV-SPP-002)
  • Executive Cyber Leadership
  • Executive Cyber Leadership (OV-EXL-001)
  • Program/Project Management and Acquisition
  • Program Manager (OV-PMA-001)
  • IT Project Manager (OV-PMA-002)
  • Product Support Manager (OV-PMA-003)
  • IT Investment/Portfolio Manager (OV-PMA-004)
  • IT Program Auditor (OV-PMA-005)
• Protect & Defend
  • Cybersecurity Defense Analysis
  • Cyber Defense Analyst (PR-CDA-001)
  • Cybersecurity Defense Infrastructure Support
  • Cyber Defense Infrastructure Support Specialist (PR-INF-001)
  • Incident Response
  • Cyber Defense Incident Responder (PR-CIR-001)
  • Vulnerability Assessment and Management
  • Vulnerability Assessment Analyst (PR-VAM-001)
• Analyze
  • Threat Analysis
  • Threat/Warning Analyst (AN-TWA-001)
  • Exploitation Analysis
  • Exploitation Analyst (AN-EXP-001)
  • All-Source Analysis
  • All Source Analyst (AN-ASA-001)
  • Mission Assessment Specialist (AN-ASA-002)
  • Targets
  • Target Developer (AN-TGT-001)
  • Target Network Analyst (AN-TGT-002)
  • Language Analysis
  • Multi-Disciplined Language Analyst (AN-LNG-001)
• Collect & Operate
  • Collection Operations
  • All Source-Collection Manager (CO-CLO-001)
  • All Source-Collection Requirements Manager (CO-CLO-002)
  • Cyber Operational Planning
  • Cyber Intel Planner (CO-OPL-001)
  • Cyber Ops Planner (CO-OPL-002)
  • Partner Integration Planner (CO-OPL-003)
  • Cyber Operations
  • Cyber Operator (CO-OPS-001)
• Investigate
  • Cyber Investigation
  • Cyber Crime Investigator (IN-INV-001)
  • Digital Forensics
  • Law Enforcement / Counterintelligence Forensics Analyst (IN-FOR-001)
  • Cyber Defense Forensics Analyst (IN-FOR-002)

Ensuring a Trained and Certified Cyber Security Workforce

SANS training and GIAC Certifications go far beyond theory and teach technical, hands-on skills necessary to defend our nations networks and critical infrastructure against foreign and domestic threats. Aiming for a trained and certified workforce, SANS/ GIAC focuses on advanced knowledge; skills and applications needed to prove your team can meet Federal Contract requirements. The NICE Framework provides a blueprint to categorize, organize, and describe cyber security work into Specialty Areas, Categories and new Work Roles. Recognizing the need of a trained and certified workforce, it goes further by defining critical tasks, knowledge, skills and abilities (KSAs). The Workforce Framework provides a common language to speak about and help define professional work requirements in cyber security.

Using the NICE Framework

SANS and GIAC Certifications are mapped to the NICE Cyber Security Workrole Framework. For ease of use we have formatted both the downloadable .pdf and the Interactive Map utilizing the work role as the basis.

Everything you need to know about that job role, specialty area, and mapped SANS training course and the affiliated GIAC Certifications are located on one page or section; including the SANS Course, GIAC Certification, and proficiency levels. To maintain organizational integrity, SANS / GIAC took the high road approach and only mapped courses and certifications where they made sense.

Basic Information About Proficiency Levels

• Basic - Training maps to many knowledge statements, simpler skills, and tasks that are pre-requisites to an employee being effective in this job role.
• Intermediate - Training maps to many mid-level knowledge, skills, abilities and tasks. Employee can be reasonably effective in this job role after receiving training.
• Advanced - Maps to higher level knowledge, skills, abilities, and tasks. Employee should be very effective in this functional area after receiving training. However, some lower level, pre-requisite KSAs may not be covered by these courses.
• Expert - Maps to few very specific KSAs or tasks in a highly focused area. This training assumes someone is already well trained and effective in this job role overall. It focuses on expertise in a very specific, narrow area.