The Department of Homeland Security requested $11.4 million in fiscal 2020 to fund the launch of a personnel system for hiring cybersecurity talent.
First detailed in the administration’s reorganization plan last summer, the Cyber Talent Management System is described as an “agile and innovative personnel system” that better equips DHS to “compete for cyber talent with the private sector — speeding up the hiring process, attracting talent from non-traditional educational backgrounds, using innovative tools to assess applicants, and offering more flexible performance-based compensation.”
With the new system in place, the department’s budget justification says, DHS envisions hiring 150 new cybersecurity employees by the end of 2020, particularly as the department continues to stand up and expand the Cybersecurity and Infrastructure Security Agency.
A summary of the president’s overall budget proposal referenced this new system as “a unified cyber workforce capability across the civilian enterprise.” The reorg plan echoes this notion of detailing cyber professionals, saying DHS will be “able to align prospective cybersecurity talent to the most pressing cybersecurity needs and will allow these technical professionals to accelerate their careers as rapidly as their aptitudes allow.” Eventually, DHS will “determine how to expand the system so that all departments and agencies can leverage it to address their personnel gaps.”
The system recognizes that hiring for cyber talent doesn’t work the same way as hiring for traditional government skills. “Key shifts in the design include a focus on the capability of people, not the duties of the position; a focus on continuous development and refreshment of cybersecurity capabilities; and recognizing that mission needs and talent shifts occur across the Department, resulting in the ability to move individuals around the Department seamlessly,” the justification explains.
Chris Krebs, director of CISA, recently detailed the need for the program before Congress, saying the “GS approach the government uses right now for hiring is not tailored to the unique education, certifications, approaches, processes … for the cybersecurity workforce.”
“If I have someone who goes to a two-year college or maybe no college at all, and yet has demonstrated experience where they may … be incredibly technically proficient at 22, 10 years’ worth of experience effectively, how do I account for that?” Krebs said. “Are they a GS-4 or a GS-11? By the standards that we have in place right now, I can’t reward that person and pay them the way they could be paid in the private sector. So it’s about balancing the way that we can bring people in.”
He said DHS is “in the final stages of developing the program” and plans to make its first hires this year.
The 2014 Border Patrol Pay Reform Act called for the creation of such a system and exempted DHS from many of the requirements and restrictions in existing law under Title 5 for cybersecurity hiring and compensation.