NICE is the National Initiative for Cybersecurity Education. We are headquartered in Gaithersburg, MD and our work focuses on efforts to close the hiring gap in the cybersecurity workforce. We are led by the National Institution of Standards and Technology (NIST) in the U.S. Department of Commerce, and are a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development. Visit our about page for more information.
There are many ways to get involved. You can attend our events – the NICE Conference & Expo is held annually, typically in early November, and the NICE K12 Cybersecurity Education Conference is held annually in early December. The NICE Program Office also hosts free webinars as well as monthly working group meetings. You can also help us celebrate National Cybersecurity Career Awareness Week each year in the second week of November.
Our NICE Working Group and subgroups are the most active way to join the NICE Community. All groups meet virtually by teleconference and web meeting. We would welcome your participation. Visit the NICE Working Group website for more information.
Please email us at: nice [at] nist.gov
The NICE Cybersecurity Workforce Framework, NIST Special Publication 800-181, is a national-focused resource that categorizes and describes cybersecurity work. Visit the NICE Framework website for more information about the NICE Cybersecurity Workforce Framework including a copy of the publication and tools and resources for implementing and using it.
The NICE Framework is a living document that will be updated periodically based on change requests to the NICE Program Office. NICE will consider recommendations (change requests) for expansion, update/correction, withdrawal, or integration of NICE Framework components using the process described on the NICE Framework Revisions web page.
The Cybersecurity Framework or Framework for Improving Critical Infrastructure Cybersecurity (currently version 1.1) is a voluntary framework consisting of standards, guidelines, and best practices to manage cybersecurity-related risk [the how and what of cybersecurity]. The NICE Cybersecurity Workforce Framework (see question above) describes and categorizes roles and functions [the who of cybersecurity]. Read more about connections between these two frameworks in an article featured in the NICE enewsletter.
CyberSeek is a cybersecurity career “heat map,” providing detailed, actionable data about supply and demand in the cybersecurity job market. CyberSeek also features a career pathway tool that maps opportunities for advancement in the cybersecurity field. The information in the map and pathway align with the NICE Cybersecurity Workforce Framework. CyberSeek was developed by CompTIA in partnership with Burning Glass Technologies under a grant from NICE.
Please reference the National Cybersecurity Career Awareness Week for more information.
Please see this list, which is compiled from current course listings in the Department of Homeland Security NICSS Education and Training Catalog. The course catalog provides a list of courses that are aligned to the specialty areas of the NICE Cybersecurity Workforce Framework. Our NICE Working Group Training and Certifications Subgroup is also working on a mapping of certifications to the NICE Framework.
Cybersecurity education can be acquired in a variety of ways. Check your local community college or university to see if they have cybersecurity courses or programs. The CyberSeek pathway tool presents a sample of cybersecurity jobs with information about certifications, skills, and degree levels commonly required for the job. Hands-on experience is increasingly important.
The Center of Academic Excellence (CAE) Community can be a great place to start if you’re looking for formal education programs at two-, and four-year institutions. There are also many online training programs or Massive Open Online Courses (MOOCs), bootcamps or other “crash course” training programs provided by certification providers, and apprenticeship programs.
Here are a few scholarships specific to studying cybersecurity, some may be restricted to specific demographics so please review the information on each. Set up a search engine alert on scholarships to remain aware of new programs or pending deadlines for applying:
Participating in cybersecurity related competitions, job shadowing a cybersecurity professional, volunteering in your community, and doing cybersecurity research or being self-taught all relate to job experience. Internships both in cybersecurity-specific roles and in “feeder roles” such as network management and IT help desk can help you gain important experience and skills. Apprenticeships are increasingly available in both cybersecurity areas and in these “feeder roles”.
A good way to connect with possible job employers is to visit your local or community technology organizations such as ICMCP, InfraGard, ISACA, ISSA, TECNA, and DefCon, The National Cybersecurity Student Association, OWASP, etc. Use social media such as LinkedIn to identify practitioners in your community and request a connection or suggest an “informational interview” to learn more about their role and career. You can also visit employer’s websites and look at their career section to spot open positions.
First, examine your resume to be sure it properly highlights your skills and experience, not just your classes and degree. Next, get feedback on your resume and interviewing skills to eliminate either of those activities as holding you back. Great places for feedback are from professionals in the field; people you may know from industry groups or even professionals online who are willing to help mentor job seekers. It doesn’t hurt to ask for help. Check social media for groups where discussions like this are plentiful.
Many professionals report that it was only when they added a few industry-recognized certifications to their resume, in addition to their degree and some demonstrated real-world experience, that the offers came in. Set up an in-home lab so you can practice what you learn in the classroom; volunteer your time with community organizations who would benefit from your knowledge; stay current on the latest threats by signing up for alerts and newsletters.
Remember to translate your important military and cybersecurity training and experience to “civilian- speak”. Use the O*Net tools to find equivalent terminology for your resume. Military.com has MOS (Military Occupation Specialty) mapping. The My Next Move website can help identify how a military person might describe their work and provides examples. The FedVTE provides free online cybersecurity training for US Government personnel and veterans. Career sites like LinkedIn may have specialty areas for veterans. Many employers and training programs have developed veteran-focused hiring programs; here is a sampling:
Not all cybersecurity jobs require a clearance, but many do. Most roles in the private sector do not require security clearances but those with sensitive government-related work might. Employers sponsor clearances and for a candidate with the right background and experience, their lack of a clearance will not be an issue; it just may require time to get the desired approvals.
For more information, please watch this NICE Webinar: Shedding Light on Security Clearances - Process, Requirements, and Considerations.
Still have questions? Email us at nice [at] nist.gov