DHS to Hire Hundreds of Cybersecurity Professionals, No KSAs Required

The U.S. Department of Homeland Security (DHS) is breaking rank with the current way of hiring government employees and instituting a new process to attract top talent in cybersecurity. The process, combined with an authority to hire up to 1,000 cybersecurity professionals over the next three years, enables the department to fill critical positions with qualified personnel who otherwise might overlook government employ. The change reduces the government bureaucracy to streamline hiring in a way officials believe will appeal to today's cyberprofessionals.

Under the new system, applicants no longer will have to submit written responses to KSAs (knowledge, skills and abilities), nor will they be rated on a points system. Instead, qualified individuals will submit résumés and cover letters, which hiring managers will review. "It's the same thing we would ask for if we were DHS Inc.," Jeff Neal, the department's chief human capital officer, says. Though the traditional government points system will not be used, the DHS is eager to recruit those who have served in the military. "You don't have to have points to have a high degree of interest in hiring veterans," Neal states.

From the time the DHS requested such a change to approval took only two weeks. Neal explains that his organization worked with the Office of Management and Budget and the Office of Personnel Management to make the idea a reality, and it continues to work with the offices on the hiring effort.

The DHS is trying to attract a variety of skilled personnel, including computer specialists with a specialization in information security, engineers, computer scientists, law enforcement officers (particularly cyber investigators) and program managers who have a specific focus in cyberspace. Neal expects the computer specialists to be the largest single field but that program management jobs will be numerous as well. The roles these professionals will fill include cyber risk and strategic analysis, cyber incident response, vulnerability detection and assessment, intelligence and investigation, and network and systems engineering. "These probably are going to be the most technologically literate people we try to recruit in the department," Neal says.

As such, traditional government bureaucracy hiring methods do not appeal to the talent the DHS wants to recruit, he says. The department will improve its hiring process as it moves to a résumé-based approach, particularly when looking for cybersecurity applicants.

The DHS also wanted a new process to overcome the antiquity of traditional civil-service job descriptions. Neal says many of the positions the department needs to fill fall outside the current system's job qualifications and standards. "They don't really fit cybersecurity," he states. The new process gives the DHS more flexibility to fill positions and allows the department to set its own requirements. Officials in the organization can identify a set of duties, write relevant job descriptions, find candidates and decide if they are qualified. "It streamlines the hiring process quite a bit," Neal explains.

Department Secretary Janet Napolitano announced her organization's authority to recruit and hire the new professionals to fulfill the mission to protect the nation's cyber infrastructure, systems and networks on October 1. After identifying 500 immediate positions departmentwide, officials began the hiring process by posting the job descriptions and more information on the Web site. Interested persons can apply through the site. After reviewing the submitted résumés, DHS officials will contact applicants to invite them to an invitation-only job fair January 22-23, 2010, which Neal says is actually an interview fair. Applicants will undergo interviews on site, and Neal expects dozens to walk out with employment offers.

To recruit applicants for remaining or future open positions, the department also will use other novel techniques such as accepting referrals and open advertising. The 1,000 total potential job openings relieve the department from having to request authority each time it needs to hire more cybersecurity professionals.