Gwengoat/istockphoto

DHS Launches Portal to Recruit—and Retain—Cybersecurity Talent

The moment of truth is here for a new hiring system that promises to address gaping cybersecurity shortages by redefining "merit."

Current Department of Homeland Security employees are not obligated to join the department’s new Cyber Talent Management System, but they may want to consider it, according to senior DHS officials.

“The DHS Cybersecurity Talent Management System fundamentally re-imagines how the Department hires, develops, and retains top-tier and diverse cybersecurity talent,” Secretary of Homeland Security Alejandro Mayorkas said in a release Monday. “As our nation continues to face an evolving threat landscape, we cannot rely only on traditional hiring tools to fill mission-critical vacancies.  This new system will enable our Department to better compete for cybersecurity professionals and remain agile enough to meet the demands of our critical cybersecurity mission.” 

The department’s CTMS has been eight years in the making. Today a rule establishing the new system takes effect, and there’s a new website where those interested in exploring a different government model of assessment and compensation for their cybersecurity work can apply to be considered.  

“Through moving to CTMS, for our current employees that are interested, they will have significantly more flexibility and opportunities for growth in their career,” one senior DHS official told reporters Friday. “They'll be able to explore and pursue with their managers without needing to apply for an entirely new job like they would today and we think that's going to be a very compelling rationale to our employees.”

The officials said a recent sprint Mayorkas announced to address the department’s cybersecurity workforce needs was successful and that the CTMS will keep building on those gains.

“He set an aggressive goal to hire 200 cyber personnel in 60 days,” the officials said. “We exceeded that goal by nearly 50%, hiring nearly 300 new personnel with an additional 500 tentative job offers issued.” But there are still about 1,500 cybersecurity vacancies at DHS and retaining cyber talent—in addition to getting more in the door—is an important part of the equation for maintaining an effective workforce.  

DHS’ authority to get around rules based on a merit system that rewards longevity and requires individuals to compete for their positions has gotten a cool reception from some who fear nepotism and similar abuses of the system will take over. A major federal workers’ union is among those expressing concern about a lack of appropriate oversight

But officials are optimistic that new simulations they’ve built with psychologists to test for relevant competencies will ultimately provide a better quality, as well as quantity and range, of cybersecurity workers.

“This is to get at folks' actual skills, versus how well they can put together a resume,” another senior DHS official said briefing reporters.  

The department is focusing first on filling jobs at the Cybersecurity and Infrastructure Security Agency and the chief information officer’s office but will eventually add additional DHS components. The goal now is to onboard 150 cybersecurity service employees into priority roles over 2022.  

“We expect the DHS cybersecurity service to continue to grow at an aggressive pace as we enhance our bench strength in a range of technical specializations including those that are just emerging as relevant today,” the officials said.

Some of those technical areas mentioned were digital and network forensics, vulnerability assessment and threat analysis. 

“Rather than doing these just generic assessments that I think you will find in most current federal jobs, we decided to hone in and dig into specifics,” the officials said. “We were able to build these state of the art assessments. They're really designed, because they are competency based, they're designed to be fair to all applicants and really get in and isolate those best qualified for our work. We expect them to improve the skill level of our hires and we also believe it will help us to improve the diversity of our cyber workforce.”

Another big incentive to join the CTMS system is that it allows compensation to reach up to $255,800, which is what the vice president gets paid. 

Officials on the call Friday said it’s important to recognize the need to compete with private-sector employers and that the rates described under the system are based on annual labor market surveys.