Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

11/8/2016
01:50 PM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

The 7 Types Of Security Jobs, According To NIST

NIST's Cybersecurity Workforce Framework gives the security industry a way to classify specific specialty areas and work roles and identify a path for career growth.
Previous
1 of 8
Next

Image Source:Pixabay

Image Source:Pixabay

Making sense of the complex. That’s what NIST’s National Initiative for Cybersecurity Education (NICE) aims to do in developing the draft NICE Cybersecurity Workforce Framework (NCWF).

Bill Newhouse, NICE deputy director and lead author of the draft document, said in developing the NCWF, NIST synthesized the diverse field of cybersecurity by identifying seven categories of job functions for security professionals.

Newhouse introduced the NCWF publicly for the first time last week at the 2016 NICE Conference and Expo in Kansas City. The goal of this year’s conference was for leaders in government, business, and academia to share best practices for growing the cyber workforce. 

Dark Reading's all-day virtual event Nov. 15 offers an in-depth look at myths surrounding data defense and how to put business on a more effective security path. 

 

“Nothing like the NCWF has ever existed before, primarily because security is a new field that has largely developed out of the intelligence and defense communities,” Newhouse said. “The NCWF can help an organization identify cybersecurity tasks within a work role that are vital to its mission and then examine if its current staff can perform those tasks and if not, hire staff who can.”

The NCWF also identifies the skills that security professionals need to develop and gives them a sense of what skills they need to add. In fact, terminology from the NCWF has been incorporated into two new online resources for the cybersecuruity field: the CyberSeek jobs map that graphically displays the nation’s cybersecurity job demand and availability; and the Career Pathway, which helps students and job seekers new to the field develop career plans.

“The NCWF gives the training groups like CompTIA and ISC2 a better idea of what they need to present to the workforce,” Newhouse said. “Plus a security professional can look at the list and realize that there are various skills they need to develop to get to the next level or a job they are interested in. The other big point is that all of this is presented in a common lexicon and format that everyone can agree on.”

The draft NCWF is now out for public comment until Jan. 6, 2017. Those who want to comment on the draft can download the template form.  

Read on to see NIST's seven categories of cybersecurity job functions.

 

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio
 

Recommended Reading:

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Lily652
100%
0%
Lily652,
User Rank: Moderator
11/12/2016 | 5:05:18 AM
prayer times

I have a hard time describing my thoughts on content. but I really felt I should here. Your article is really great. I like the way you wrote this information.

Benefiter
50%
50%
Benefiter,
User Rank: Apprentice
11/12/2016 | 10:10:34 AM
Re:
Thank you for this incredible information. It was very useful for me, I ll be looking forward your new posts. 
ClaireEllison
50%
50%
ClaireEllison,
User Rank: Apprentice
11/18/2016 | 11:29:28 AM
Re: amazing
Excellent article plus its information and I positively bookmark to this site because here I always get an amazing knowledge as I expect.
Benefiter
50%
50%
Benefiter,
User Rank: Apprentice
11/18/2016 | 1:19:50 PM
Re: ewangelia na dziś
It's actually a cool and useful piece of information. I am glad that you shared this helpful information with us. Please keep us informed like this. Thank you for sharing.
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-33624
PUBLISHED: 2021-06-23
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
CVE-2021-3526
PUBLISHED: 2021-06-23
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2011-1177
PUBLISHED: 2021-06-23
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2011-1942
PUBLISHED: 2021-06-23
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2011-1955
PUBLISHED: 2021-06-23
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.