Click here to skip navigation

Workforce Planning

Plan the cybersecurity workforce that will accomplish the mission

Whether you have done it formally or informally, as a supervisor or manager, you may have considered the current skills you have on board and if they are the right ones to handle your evolving work and future challenges.  You also may have wondered about the specialized areas that typically exist in a cybersecurity workforce.

We have compiled several tools to help you achieve the cybersecurity workforce that will support accomplishment of your mission. 

Workforce planning tools

Workforce planning tools will help you determine what skills you have in your workforce, what skills you need, and how you can build the workforce needed to accomplish your organization’s work.

For more information, please see the following tools:

NICE Workforce Framework

The National Initiative for Cybersecurity Education (NICE) Workforce Framework establishes taxonomy and common lexicon that is to be used to describe all cybersecurity work and workers irrespective of where or for whom the work is performed. The NICE Framework is intended to be applied in the public, private, and academic sectors.

The NICE Framework is comprised of the following components:

  • Categories (7) – A high-level grouping of common cybersecurity functions;
  • Specialty Areas (33) – Distinct areas of cybersecurity work;
  • Work Roles (52) – The most detailed groupings cybersecurity work comprised of specific knowledge, skills, and abilities required to perform tasks in a work role;
    • Knowledge, Skills, and Abilities (KSAs) – Attributes required to perform Tasks, generally demonstrated through relevant experience or performance-based education and training.
    • Tasks – Specific defined pieces of work that, combined with other identified Tasks, composes the work in a specific specialty area or work role.

The NICE Framework serves several key audiences within the cybersecurity community including:

  • Employers, to help assess their cybersecurity workforce, identify critical gaps in cybersecurity staffing, and improve position descriptions;
  • Current and future cybersecurity workers, to help explore Tasks and Work Roles and assist with understanding the KSAs that are being valued by employers for in-demand cybersecurity jobs and positions. The NICE Framework also enables staffing specialists and guidance counselors to use the NICE Framework as a resource to support these employees or job seekers;
  • Training and certification providers seeking to help current and future members of the cybersecurity workforce gain and demonstrate the KSAs;
  • Education providers who use the NICE Framework as a reference to develop curriculum, courses, seminars, and research that cover the KSAs and Tasks described; and
  • Technology providers who can identify cybersecurity Work Roles and specific Tasks and KSAs associated with the services and hardware/software products they supply.

For more information, please see:

The DHS PushButtonPD™ Tool

The DHS PushButtonPD™ Tool is a no-cost tool that can save you time and make your job easier. The Tool is linked to cybersecurity job information contained in the NICE Workforce Framework.

Managers, Supervisors, and HR Specialists can use the DHS PushButtonPD™ Tool, along with OPM’s classification guidance, to draft a federal employee Position Description (PD) without the need for extensive training or prior knowledge of position classification. The PD captures the essence of a position’s cybersecurity duties; tasks; knowledge, skills, and abilities (KSAs); key factors; and other job-related requirements.

The PD developed from the Tool can then be used to create cybersecurity job announcements with clear technical job requirements, and tailored applicant assessments to evaluate candidate qualifications for cybersecurity job functions.