With the Department of Homeland Security poised to hire up to 1,000 cyber security engineers, developers and analysts over the next three years, many believe the demand for computer/cyber security professionals might outweigh the supply. Indeed, DHS Secretary Janet Napolitano authorized her department to streamline its hiring process, which usually takes months.
That's the good news. The challenge: Cyber security is a relatively new and evolving field that, for many technology professionals, requires knowledge of multiple disciplines and relatively new credentials.
"We already had the plan to grow our cyber workforce, but what the secretary did is give the authority to DHS to make direct hires like most private sector companies," says Amy Kudwa, DHS spokesperson. "The direct hire authority from the Office of Personal Management will significantly streamline the process, reducing the timeline to a matter of days or weeks."
At the DHS is seeking to fill a wide swath of cyber-related jobs, including program analysts, information security specialists, IT specialists and systems engineers. The agency is vague when it comes to technical skills needed for these positions, though it outlines the basic requirements to work around sensitive government information: U.S. citizenship, security clearance and a financial disclosure statement.
According to Kevin Coleman, strategic advisor for the Technolytics Institute, a successful cyber security professional must have expertise in one or multiple programming systems such as Microsoft, Solaris, Linux and Unix. Of particular need are architect and operations management specialists who understand complex and interconnected networks.
"They have to understand the complexities of different systems working together and not just one network," Coleman says. "They need to understand how one change or modification could impact all others."
The International Information Systems Security Certification Consortium, or (ISC)² offers the Certified Information Systems Security Professional (CISSP) credential required for some cyber security positions.
ISC² sees many electrical engineers moving into the cyber security field, though it says a computer science background is also valuable. According to the ISC², there are three primary fields in cyber security jobs: cyber security technicians with credentials/experience in forensics and ethical hacking; penetration testers who know how to perform ethical hacking and network breaches; and cyber security managers.
"If you look at what's needed to protect the IT world, we need people with deep technical experience in forensics, incident handling and secure coding," says W. Hord Tipton, executive director of ISC². "At the other end of the spectrum we have the management piece, the people who have a certain amount of security knowledge and know how to ask the right questions, but don't have the technology depth to do it."
With the current economic climate, salaries are dropping and the 'laundry lists' of requirements for job openings are growing longer. Gone are the days when a clearance and 'just' a CISSP certification were enough.
And, what Anonymous32581 in VA said, most agencies still manage their own clearances, thus creating another impediment.
Anonymous (Colorado) on January 19, 2010 at 5:52pm
I would love to have one of those jobs or I would love to be one of those investigators that goes out and interview whether it be a Soldier or federal employee who are renewing their security clearance. While I was in the military I use to have so many investigators that came to my office to view soldier's records for background check. By chance will there be any opportunities in the metro Atlanta, Georgia area.
Carol J. Conley (College Park Georgia) on January 13, 2010 at 3:58pm
Anon,
I totally feel ya here. I don't want to trust them with anything. I am waiting for the DOD's new Cyber Command to stand up. I wouldn't want that commute anyway. Considering the competency levels at DHS anyway, I think I'd hate everyone asking me to read and define all of the big words to them.
A Different Scott (Maryland) on December 31, 2009 at 1:12pm
I've seen this problem in several of the government agencies hiring processes. They only want people who've already been doing the exact job description, good luck filling those. Instead they should hire savy people with similar or foundational experience and then send them to the training they need.
Scott (Denver) on December 29, 2009 at 5:50pm
The problem is:
1) DHS insists on doing its' own security clearances, aka "DHS Suitability", even for candidates with DOD and Intelligence Community clearances. This process takes significant time.
2) My experience with DHS, is they are not willing to pay market rates for cleared security professionals, and thus will get less qualified individuals. . .
Anonymous32581 (Winchester Virginia) on December 29, 2009 at 2:04pm
