1 minute read
Getting Ready to Hire
• What NICE Framework cybersecurity Work Roles will the position be responsible for?
• Will this position be responsible for all the Tasks under a Work Role? Are there some missing? Are any shared across a team? Do any need to be adjusted to meet organizational needs?
• Which of the identified tasks will be needed on day one, and which can be learned on the job?
• What academic degrees, industry-recognized certifications, work experience, or other credentials (if any) are required or preferred to evidence sufficient qualifications for the position?
• How will you assess capabilities during the interview process?
• Will you offer support to candidates who meet minimum qualifications but may need additional development?
• Draft the job description using Work Roles and TKS statements, and referencing tools that map Work Roles to common job titles
Discussion: Example Job Description
• IT Cybersecurity Specialist Typical work assignments include:
• Ensures that the implemented security safeguards are adequate to assure the integrity, availability and confidentiality of the information being processed, transmitted or stored consistent with the level of sensitivity of that information.
• Plans the work to be accomplished by subordinate civilian and contractor; sets and adjust short-term priorities, and prepare schedules for completion of work; assigns work to subordinates based on priorities, selective consideration of the difficulty, requirements of assignments, and the capabilities of employees
• Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams.
• Analyzes policy and recommends improvements.
• Serves as an expert consultant evaluation for functional teams, to assist them in anticipating, identifying, evaluating, mitigating and minimizing risks associated with IT systems vulnerabilities.
Workforce Framework Competency Areas
Competency Area: A cluster of related Knowledge and Skill statements that correlates with one’s capability to perform Tasks in a particular domain.
Competency Areas may:
• Be additive to one or more Work Roles
• Span multiple Work Roles
• Represent emerging domains
Consist of: Title
Description
TKS statements
Using Competency Areas: Examples
• Overlaid on Work Role(s):A position responsible for one or more Work Roles may need the Competency with or across those roles (e.g., Cloud Security)
• Common Ground:When needed to be effective in a specific sector or domain, or for non-cybersecurity staff who need cybersecurity expertise to mitigate risks (e.g.,AI cybersecurity)
• Learning: For students, job-seekers, or employees, serve as a starting place for learning or a way to develop higher-level expertise in an area (e.g., Digital Forensics)
