Interactive NICE Framework Mapping

SANS and GIAC Certifications has partnered with the National Security Workforce to place over 35 cyber security courses and corresponding GIAC certifications within an easy to read framework (commonly known as the NICE Framework.) The interactive framework below will help you identify the SANS courses and certifications you need to advance your career as a Federal Employee.

Many of the courses and certifications found on the NICE Framework are DoDD 8140 (DoDD 8570) compliant. Visit the DoDD 8140 resource page for the full list of associated GIAC Certifications.

Hover over the area of interest on the NICE Framework to get started.
Specialty Areas
Workforce Categories
Securely Provision
Operate & Maintain
Oversee & Govern
Protect & Defend
Collect & Operate
Risk Management
Data Administration
Legal Advice and Advocacy
Cybersecurity Defense Analysis
Threat Analysis
Collection Operations
Cyber Investigation
Software Development
Knowledge Management
Training, Education, and Awareness
Cybersecurity Defense Infrastructure Support
Exploitation Analysis
Cyber Operational Planning
Digital Forensics
Systems Architecture
Customer Service and Technical Support
Cybersecurity Management
Incident Response
All-Source Analysis
Cyber Operations
Technology R&D
Network Services
Strategic Planning and Policy
Vulnerability Assessment and Management
Systems Requirements Planning
Systems Administration
Executive Cyber Leadership
Language Analysis
Test and Evaluation
Systems Analysis
Program/Project Management and Acquisition
Systems Development

Ensuring a Trained and Certified Cyber Security Workforce

SANS training and GIAC Certifications go far beyond theory and teach technical, hands-on skills necessary to defend our nations networks and critical infrastructure against foreign and domestic threats. Aiming for a trained and certified workforce, SANS/ GIAC focuses on advanced knowledge; skills and applications needed to prove your team can meet Federal Contract requirements. The NICE Framework provides a blueprint to categorize, organize, and describe cyber security work into Specialty Areas, Categories and new Work Roles. Recognizing the need of a trained and certified workforce, it goes further by defining critical tasks, knowledge, skills and abilities (KSAs). The Workforce Framework provides a common language to speak about and help define professional work requirements in cyber security.

Using the NICE Framework

SANS and GIAC Certifications are mapped to the NICE Cyber Security Workrole Framework. For ease of use we have formatted both the downloadable .pdf and the Interactive Map utilizing the work role as the basis.

Everything you need to know about that job role, specialty area, and mapped SANS training course and the affiliated GIAC Certifications are located on one page or section; including the SANS Course, GIAC Certification, and proficiency levels. To maintain organizational integrity, SANS / GIAC took the high road approach and only mapped courses and certifications where they made sense.

Basic Information About Proficiency Levels

  • Basic - Training maps to many knowledge statements, simpler skills, and tasks that are pre-requisites to an employee being effective in this job role.
  • Intermediate - Training maps to many mid-level knowledge, skills, abilities and tasks. Employee can be reasonably effective in this job role after receiving training.
  • Advanced - Maps to higher level knowledge, skills, abilities, and tasks. Employee should be very effective in this functional area after receiving training. However, some lower level, pre-requisite KSAs may not be covered by these courses.
  • Expert - Maps to few very specific KSAs or tasks in a highly focused area. This training assumes someone is already well trained and effective in this job role overall. It focuses on expertise in a very specific, narrow area.