# The Cyber Domain Map A comprehensive map of the cybersecurity field: **30 domains/departments**, organized by the six NIST Cybersecurity Framework 2.0 functions, each with its core functions and job roles. Generated datasets: `domains.json` (30), `roles.json` (78 unique jobs), `functions.json` (132 unique functions). ## GOVERN — strategy, policy, oversight - **Governance, Risk & Compliance (GRC)** — policy, risk assessment, compliance, control frameworks. *Roles: CISO, GRC Analyst, Risk Analyst, Compliance Manager, vCISO.* - **Audit & Assurance** — independent control testing and verification. *Roles: IT Auditor, Assurance Lead.* - **Cyber Law, Policy & Regulation** — regulatory analysis, breach notification, policy. *Roles: Cyber Policy Analyst, Cyber Counsel.* - **Cyber Insurance** — risk transfer, underwriting input, claims. *Roles: Cyber Underwriter, Cyber Risk Consultant.* - **Workforce Development & Cyber Range** — training, curriculum, CTF. *Roles: Cyber Range Engineer, Workforce Development Manager.* ## IDENTIFY — know your assets, risks, and adversaries - **Cyber Threat Intelligence (CTI)** — collection, analysis, adversary tracking. *Roles: Threat Intel Analyst, OSINT Analyst.* - **Offensive Security / Red Team** — pen testing, adversary emulation, exploit dev. *Roles: Penetration Tester, Red Teamer, Bug Bounty Hunter.* - **Vulnerability Management** — scanning, prioritization, attack surface management. *Roles: Vuln Management Analyst, ASM Analyst.* - **Third-Party / Supply Chain Risk** — vendor assessments, SBOM, ratings. *Roles: TPRM Analyst, Supply Chain Security Analyst.* ## PROTECT — safeguard systems and data - **Application Security (AppSec)** — secure SDLC, SAST/DAST, threat modeling. *Roles: AppSec Engineer, Product Security Engineer.* - **DevSecOps** — pipeline security, IaC scanning, container security. *Roles: DevSecOps Engineer.* - **Cloud Security** — CSPM, CNAPP, cloud IAM. *Roles: Cloud Security Engineer/Architect.* - **Network Security** — firewalls, IDS/IPS, segmentation, ZTNA. *Roles: Network Security Engineer.* - **Endpoint Security** — EDR/XDR, patching, hardening. *Roles: Endpoint Security Engineer.* - **Identity & Access Management (IAM)** — SSO/MFA, PAM, identity governance. *Roles: IAM Engineer/Architect.* - **Data Security & Privacy** — classification, DLP, encryption, DSPM, privacy. *Roles: Data Security Engineer, DPO.* - **Security Architecture & Engineering** — secure design, zero trust, tooling. *Roles: Security Architect, Security Engineer.* - **OT / ICS / IoT Security** — industrial and device security. *Roles: OT Security Engineer, ICS Specialist.* - **Cryptography & PKI** — key management, certificates, post-quantum. *Roles: Cryptographer, PKI Engineer.* - **Security Awareness & Training** — phishing simulation, education. *Roles: Security Awareness Manager.* - **AI Security** — adversarial ML, LLM guardrails, AI red teaming. *Roles: AI Security Engineer.* - **Physical & Insider Threat** — access control, insider programs, UEBA. *Roles: Insider Threat Analyst.* ## DETECT — find threats - **Security Operations (SOC)** — monitoring, triage, SIEM. *Roles: SOC Analyst (T1/2/3), SOC Manager.* - **Threat Hunting** — proactive, hypothesis-driven hunting. *Roles: Threat Hunter.* - **Detection Engineering** — detection-as-code, rule tuning, ATT&CK coverage. *Roles: Detection Engineer.* - **Fraud / Trust & Safety** — fraud detection, abuse prevention. *Roles: Fraud Analyst, Trust & Safety Analyst.* ## RESPOND — act on incidents - **Incident Response & Forensics (DFIR)** — handling, containment, forensics, malware analysis. *Roles: Incident Responder, Forensic Analyst, Malware Analyst.* - **Security Automation (SOAR)** — playbooks, orchestration, automated response. *Roles: Security Automation Engineer.* - **National / Military Cyber Operations** — CND, cyber ops, critical infrastructure. *Roles: Cyber Operations Officer, CND Analyst.* ## RECOVER — restore operations - **Business Continuity & Disaster Recovery (BC/DR)** — BIA, DR planning, backup/recovery, resilience. *Roles: BC/DR Manager, Resilience Engineer.* --- *Each domain, role, and function also has its own generated page under `cyber/map/`. This map doubles as the category taxonomy for the whole cyber site, so every term, tool, and company can be tagged to a domain.*