The Cyber Edge Home Page

  • Credit: Shutterstock/metamorworks
     Credit: Shutterstock/metamorworks

DISA Tackles the Cybersecurity Workforce Shortage Head-On

The Cyber Edge
May 13, 2020
By Julianne Simpson
E-mail E-mail the Author

A broad approach to recruitment keeps the agency well-equipped for the future.

By using multiple lines of effort, including college and university engagement, social media, virtual events, military outreach and partnerships, the Defense Information Systems Agency is taking a multidimensional approach to the development and growth of its cybersecurity workforce.

According to the (ISC)² 2019 Cybersecurity Workforce Study, the global cybersecurity workforce needs to grow by 145 percent to meet the demand for skilled cybersecurity talent. In the United States, it needs to grow by 62 percent. “It’s a big task,” the report said.

Inside the Defense Information Systems Agency (DISA), officials say the agency is up to the task. “We are the IT [information technology] combat force agency for the Department of Defense,” says Jason Martin, vice director, Business and Development Center. “Cybersecurity is absolutely a part of it,” he adds.

DISA needs network engineers, system administrators, program managers and all the support services that feed them, including those in finance and human resources. “We need the folks who really understand cyber and have a background in cyber, but then we need people to lead those teams,” Martin stresses.

“We need people to be able to collaborate and coordinate and work across the department to ensure we are bringing the right cybersecurity services to bear enterprise services, data center services, network services, you name it,” he says.

Every position has a flavor of cybersecurity, so essentially anyone with an information technology background is someone DISA needs. Especially important though is to have people who can understand the big picture and how it all fits together, Martin states.  

Lori Ramirez, acting director, Workforce Services Directorate, also sees the need to recruit people with a variety of skill sets. “It’s an entire operational team effort that allows us to deliver what we’re doing,” she says.

The agency has had great success with the current COVID-19 situation, with most of DISA now working remotely. “The entire agency as a whole is focused on this problem set. We are seeing people step up from a variety of perspectives to be able to deliver new capabilities. It’s honestly pretty exciting to watch,” says Ramirez.  

Ramirez says DISA’s perception of cybersecurity is different than what the majority of others may see, such as a young, white male in a basement wearing a hoodie and writing code.

“We see people of all types, all age ranges, and people who may want to move into [cyber from] another career field,” she says.
Martin adds, “What we have found is obviously you don’t have to look a certain way or have a certain degree or background. To be a patriot, a leader and somebody who cares about the mission, that is what we want.”

DISA recruits these workers through a wide variety of endeavors. Frank McHenry, director of recruiting, Workforce Services Directorate, along with Martin, who was recently named the senior academic relationship manager for DISA, are the boots on the ground.  

Their main focus is on college and university engagement. Martin and McHenry reach out in person and over social media. They attend job fairs, hold virtual events and host academia for full days at DISA headquarters.

“We bring them in and let them know a little bit about who we are, what we do and take more of a personal approach to building relationships,” McHenry says.
DISA has partnerships with Towson University and the University of Maryland Global Campus (UMGC) as well as Howard County public schools and other high schools in the Fort Meade area.

“We know cyber challenges are happening all the way from high school through college, and we are looking to get more involved with what these challenges are, where they are and how we as an agency can support that,” McHenry says.

DISA is aiming to sponsor a national cyber challenge in the near future, he adds.

The agency has also expanded its presence on social media. “We continue to build our talent network in conjunction with our followership on social media with LinkedIn, Facebook and Twitter. Growing our talent pool is directly related to the folks that are following us and all of the interesting things that are happening at DISA,” McHenry says.

Another part of DISA’s line of efforts is diversity outreach and partnerships. “We’ve made great strides with our relationships with HBCUs [historically black colleges and universities], the EEO Office [Office of Equal Employment Opportunity] and disability hiring events,” says McHenry.

Military outreach is also hugely important for hiring. A person doesn’t need a four-year degree to work at DISA, but “we are working closely with the military to ensure that a lot of those folks have the expertise and the skills that we are looking for,” says McHenry.

DISA is working on several initiatives, but their partnership with the Reserve Guard is the biggest one.

Internships also play a large role in how DISA fills its cyber positions.

“We now find recruits, as opposed to waiting for them to come to us,” says Ramirez. “When we bring them in, it’s not to put them in one job and go, ‘Hey, this is your job forever within the department,’” she adds. Instead, the internship program is built on the concept of flexibility.  

“I’m going to make sure we move [the intern] around the agency,” says Ramirez. It will definitely include cybersecurity, but the intern will also do a rotation on the operations floor to see why doing cybersecurity matters. The intern may also be exposed to the financial aspects of what’s going on so that they become a well-rounded person.

“What we want to do is yes, develop IT professionals, but we also want to develop leaders. We want them to be excited about what they’re doing and really understand the warfighter perspective, the larger perspective of who they serve and the impact that they’re having,” Ramirez stresses.  

Interns can also expect senior level exposure as they rotate through the agency, with commitment across senior leadership to invest time with the interns.

“We are putting them on very high-visibility and high-profile projects that will then go back and help them in their studies and will also be a resume builder for them,” says Martin.

For example, Martin is placing interns on the identity projects for the department, some high-visibility things like zero trust and big data platforms—all those entities that are critically important to cybersecurity that are also big in the marketplace as well.

The competition to recruit and retain cybersecurity professionals is fierce as government, industry and academia all vie for the same small supply of candidates.

Ramirez knows the only way to get out of the continually competitive environment is to increase the pool. And that’s why she’s so excited about what Martin and McHenry are doing, interfacing with universities, helping them modify their curriculum and finding candidates with diverse backgrounds to fill positions.  

Martin and McHenry recently hosted 10 universities, including the University of Missouri and Drury University, to talk about forming a Missouri statewide Cyber Center of Excellence.

“We were helping them, giving them the information they need that would help prepare students and give their students internships, which is essentially an educational not-for-profit organization,” says Martin. Forming relationships like that for information sharing helps create a pipeline of students and new hires to DISA and the Defense Department.

Martin himself has a diverse background. He has a history degree with a minor in political science. Surprisingly, if you look across the DISA senior leadership, there are only a handful of engineers, he says.

His advice to all students is to take classes that interest them and enjoy what they’re doing. “If there’s any interest in IT, networking, cybersecurity, you name it, take it. Any one of those skills is going to help you get into the agency,” he adds.

Ultimately though, Martin wants his employees to be happy. “That’s what’s going to keep you coming back to work every day.”

“When we go out to these events, we lead with—we’re looking for patriots; we’re looking for people who want to be involved in the mission and understand the DOD culture,” says McHenry.

The more he can get leaders like Martin out there, the more excitement and buzz grows on social media. “Every time we’ve gone out and we’ve built a relationship, and we’ve actually had the chance to get in front of students and others, the feedback is just outstanding. That’s the personal approach that we’re trying to deliver, which differentiates us from our competition,” he stresses.

“We actually want our seniors out there, and we want to have the younger generation hear them and hear how incredible their story is because we have senior executives that started as interns and went from a GS-1 or 2 to a senior executive,” McHenry says. “We have those stories to show. The more that we can get out there and actually have that personal connection, I think the greater it is for our organization.”

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.


Share Your Thoughts:

Very impressive article. This pretty much the wave of the future as every day we hear of more and more hacking and information leaks. Every patriot should be concerned about the security of this country especially when more than half of our workforce now is working from home. I am particularly encouraged by Jason Martin's comment: Ultimately though, Martin wants his employees to be happy. “That’s what’s going to keep you coming back to work every day.” Isn't that what everybody wants in their career choice?

Share Your Thoughts: