Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Workplace Skills and the NICE Framework

The NICE Workforce Framework for Cybersecurity (NIST SP 800-181r1) is based on Task, Knowledge, and Skill (TKS) statements that describe cybersecurity work and what people must know and be able to do to complete that work. Although NICE Framework TKS statements may at times address what could be considered as “workplace skills,” overall these are not specifically or routinely called out. Nonetheless, workplace skills are essential for cybersecurity work.

Workplace Skills: The personal skills that ensure you do your job well, such as being adept at teamwork, time management, or solving problems. Occasionally, some refer to these as “human skills,” “employability skills,” or “soft skills.”

“What Are Job Skills and Why Do They Matter?”
Coursera (November 29, 2023)

To better understand these skills within the context of the NICE Framework, we conducted a review of ten skills resources. We determined which workplace skills were most commonly referenced to identify a core set of workplace skills and, looking at the various definitions shared via these resources and in further research, developed summaries that discuss why and how these skills might be applied in relation to cybersecurity work. At the end of this page we list the workplace skills resources that were used in our review. 

  • Accountability
  • Agility
  • Collaboration
  • Communication
  • Conflict management
  • Critical Thinking
  • Flexibility
  • Influence
  • Initiative
  • Integrity
  • Lifelong Learning
  • Mindfulness
  • Problem Solving
  • Relationship Building
  • Resilience
  • Strategic Thinking

Accountability: Employers want staff who take ownership for responsibilities and hold themselves accountable for measurable high-quality, timely, equitable, and cost-effective results that meet or exceed defined expectations. This includes taking corrective action when needed and accepting the consequences of your actions or decisions.

Agility: People in cybersecurity may need to quickly respond to immediate threats and incidents. Someone who is agile is able to address unexpected and unpredictable situations as well as puts systems in place to allow them to efficiently deal with unplanned challenges. Agility often goes hand in hand with flexibility and is closely related to resiliency.

Collaboration: Effective cybersecurity requires collaboration. Whether it's as a member of a team, across teams, or across the organization, it is important to take responsibility for your share of work while working with different individuals and groups to achieve a common goal. 

Communication: Communication in cybersecurity takes many forms, from working closely with team members to developing policy, writing reports and developing presentations, and otherwise engaging with peers, leadership, and other internal and external stakeholders. In the workplace, effective communication means you are able to clearly convey your thoughts and ideas to achieve outcomes. A good communicator is also a good listener to determine how messages are being received and to garner input needed to improve communications. 

Conflict Management: Cybersecurity work is essential to minimizing risk, addressing threats, and responding to incidents—and the consequences of not doing so can be significant. Understanding how to manage conflict, particularly under stressful circumstances, is essential. Possessing this skill means you are able to engage in healthy conflict, recognize when conflict is counterproductive, and know when and how to resolve conflicts in a constructive manner. 

Critical Thinking: Employers want to be able to rely on cybersecurity staff to make sound decisions at work, informed by organized and reasoned thought processes. This is particularly true when analyzing systems and data during assessments in order to make recommendations and determine approaches. This workforce skill goes hand-in-hand with creativity in order to support effective problem solving.

Flexibility: Cybersecurity is a field of work that is constantly evolving and changing—from new technologies to new threats, it is important for people with cybersecurity responsibilities to be willing to be innovative and adapt to new, different, or changing requirements. This skill is closely related to agility and resiliency.

Influence: Cybersecurity is an interdisciplinary field, and staff who have cybersecurity work roles and responsibilities can be found across an organization, just as cybersecurity decisions can impact the entire organization. It is therefore important for cybersecurity staff and leaders to be able to influence policy, strategy, purchasing decisions, technology solutions, and processes to support positive change in an organization through engagements with wide variety of stakeholders.

Initiative: Demonstrating a commitment to effective job performance is key in cybersecurity, where the consequences of not doing so can be substantial. Initiative is a key skill to help demonstrate that commitment. It asserts itself when someone is able to assess and determine a course of action independently. Someone with this skill is proactive in their work, resourceful, and creative in overcoming difficulties. 

Integrity: Integrity on the job includes demonstrating a strong work ethic as well as dependability that you can be relied upon to deliver quality work. People who possess this skill behave in a way that fosters trust among supervisors, peers, and direct reports. Because staff, customers, and other stakeholders rely on an organization to keep their data and systems secure, this workforce skill is of the utmost importance.

Lifelong Learning: Cybersecurity is a constantly evolving field that requires a workforce comprised of lifelong learners who show ongoing desire and willingness to grow their knowledge and skills to maintain and improve their effectiveness.

Mindfulness: Working with others and building a good work environment requires compassion, empathy, patience, cultural sensitivity, and emotional regulation. Mindfulness further means staying fully present and attentive, practicing active listening and reserving judgment. 

Problem Solving: It may be that someone in cybersecurity needs to quickly respond to problems and potentially under adverse circumstances, or need to address complex, multi-part problems. Problem solving is a skill that may frequently require other workplace skills to be effective, such as flexibility, agility, collaboration, communication, and lifelong learning.

Relationship Building: Cybersecurity work spans a variety of professional disciplines, departments, teams, and organizations. The ability to build good relationships both internally and externally is needed to effectively prepare for and respond to cyber threats up, down, and across an organization. 

Resilience: Someone who is resilient is able to recover from disruptions and setbacks, remaining optimistic and persistent under adverse conditions. Cybersecurity jobs are frequently high-stress positions that are relied upon to protect the security and safety of IT and OT systems and their data. Resilience is key to working well in these kinds of circumstances. Resilience is closely related to agility and flexibility.

Strategic Thinking: Cybersecurity requires forethought and coordination, hallmarks of strategic thinking. Strategic thinkers are able to identify objectives and priorities and establish plans to achieving these goals with the long-term interests of the organization in mind. Particularly in this field of work, a strategic thinker will also take into consideration emergent opportunities while working to minimize potential risks.

Workplace skills can be used in conjunction with the NICE Framework in defining position descriptions, during assessments, in education and training, for career planning, and more. To learn more about common uses of the NICE Framework visit our Getting Started page.

Referenced Workplace Skills Resources

The below workplace skills resources were reviewed and used to develop the above list and may provide additional insight into these skills. 

Durable Skills Advantage, “Durable Skills Advantage Framework” (2023). Available from: 

Education Design Lab, “The Lab’s Durable Skills Micro-credentials” (Retrieved May 2024). Available from: 

EDUCAUSE/Jisc, “Technology in Higher Education: Defining the Strategic Leader – Skills Glossary” (March 15, 2015). Available from: 

Indeed Editorial Team, “Employability Skills: 10 Examples of Skills Companies Value” (August 25, 2023). Available from:

NICE, “Professional Competencies from the draft List of Competencies which accompanied the draft publication, NICE Framework Competencies: Assessing Learners for Cybersecurity Work (Draft NISTIR 8355)” (March 17, 2021). Available from: 

O*NET Online, “Browse by Abilities: Cognitive Abilities” (Retrieved July 2023). Available from:

Perkins Collaborative Resource Network (PCRN,) “Employability Skills” (Retrieved July 2023). Available from:

SFIA Foundation, “Glossary of Behavioural Factors Within the 7 Levels of Responsibility” (September 24, 2021). Available from:

U.S. Department of Labor Competency Model Clearinghouse, “The ‘Building Blocks’ for Competency Models” (Retrieved July 2023). Available from: 

U.S. Office of Personnel Management, “The AI in Government Act of 2020 – Artificial Intelligence Competencies” (July 6, 2023). Available from–-artificial-intelligence-competencies

Created May 16, 2024