NIST NICE Framework

SECURELY PROVISION (SP)

Conceptualizes, designs, procures, and/or builds secure information technology (IT) systems, with responsibility for aspects of system and/or network development.

• Security Architect
• Information Systems Security Developer

OPERATE & MAINTAIN (OM)

Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security.

• Systems Security Analyst

OVERSEE & GOVERN (OV)

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

• Information Systems Security Manager
• Executive Cyber Leadership

PROTECT & DEFEND (PR)

Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks.

• Cyber Defense Analyst
• Cyber Defense Infrastructure Support Specialist
• Cyber Defense Incident Responder
• Vulnerability Assessment Analyst

ANALYZE (AN)

Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

• Threat/Warning Analyst

COLLECT & OPERATE (OP)

Provides specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.

• Cyber Operator

INVESTIGATE (IN)

Investigates cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence.

• Cyber Crime Investigator
• Cyber Defense Forensics Analyst