Employees looking for cybersecurity jobs with the federal government can now use a new system and process. The Department of Homeland Security (DHS) recently launched its Cybersecurity Talent Management System (CTMS), which is more than a new system or website. The CTMS represents a new approach to hiring in the industry. Cyberattacks are on the rise and the industry faces a critical skills gap. So, the government aims to solve both issues with this new system.
In 2014, Congress passed the Cybersecurity Workforce Assessment Act. It directed the DHS to develop a comprehensive workforce strategy to enhance readiness, capacity, training, recruitment and retention. After seven years of work, the DHS is now using the system to first fill 150 high-priority jobs at the Cybersecurity and Infrastructure Security Agency (CISA) and the DHS Office of the Chief Information Officer, and will then expand to other DHS agencies.
“The DHS Cybersecurity Talent Management System fundamentally re-imagines how the Department hires, develops and retains top-tier and diverse cybersecurity talent,” said Secretary of Homeland Security Alejandro N. Mayorkas in a recent press release. “As our nation continues to face an evolving threat landscape, we cannot rely only on traditional hiring tools to fill mission-critical vacancies. This new system will enable our Department to better compete for cybersecurity professionals and remain agile enough to meet the demands of our critical cybersecurity mission.”
Other employers facing similar challenges in hiring and retaining cybersecurity workers must also consider new solutions. Here are five things you can learn from the new DHS cybersecurity hiring program.
DHS Cybersecurity Lessons: Use Effective Cybersecurity Skills Assessments
First, use assessments that test each applicant’s skills and expertise.
In most job applications, people present their accomplishments rather than their actual skills. The DHS cybersecurity hiring program uses simulations based on the specific position and tasks to check the applicant’s performance. During the process, the applicants undergo screenings that demonstrate their skills in areas such as incident response and network forensics. The tests in the CTMS are based on specific skills currently needed at the DHS. They will evolve as the expertise required to protect against attacks change.
Increase Your Pay Scale
As part of the program, the DHS increased its pay rates. By raising salaries, the DHS hopes to attract new talent to its department. They also hope it will help retain current talent that may have otherwise left for the private sector. The CTMS allows hiring workers with starting salaries of up to $255,800. In special cases, the DHS can increase that rate up to $332,100.
Non-government organizations should consider the same approach when setting their pay rates. By taking into account the business impact of an attack, leaders can express how important hiring and retaining skilled cybersecurity workers is. When setting pay rates, focus on the risk if the positions remain unfilled. Carefully monitor salary ranges at other businesses hiring for the same positions.
Certifications and Digital Badges: A Different Way to Approach the Cybersecurity Job Market
Asking for four-year degrees can limit the hiring of underrepresented groups. Instead, the CTMS focuses on competencies and certifications. The CTMS looks for these types of credentials and considers them when judging applicants. Employers can also use the quizzes and simulations in the system to replace expertise with the four-year degrees required before.
Other employers can take the same approach. For example, IBM’s Digital Badge program helps train current employees looking to move into the cybersecurity field. It also suggests external applicants should complete certifications and badges instead of needing a four-year degree. That way, the pool of qualified applicants widens and the employer can reduce open positions.
DHS Cybersecurity Lessons: Focus on Improving Diversity
Removing barriers to employment, such as requiring a four-year degree, is also a matter of letting people from varied backgrounds in. In this way, the DHS is working to improve diversity for underrepresented groups. In addition, the DHS’s 60-day Workforce Sprint, which focused on hiring cybersecurity workers, included targeted outreach to underserved communities and communities of color. The program exceeded its goal by 50% by hiring and onboarding 293 cyber workers. At the end of the sprint, the DHS also had an additional 500 tentative job offers pending.
The DHS is also working on setting up a DHS Intelligence and Cybersecurity Diversity Fellowship Program for eligible college students. That includes historically Black colleges and universities and minority-serving institutions. It invites students to a paid cybersecurity internship at the DHS. Students who complete the program will be offered employment in DHS cybersecurity. Programs such as this fellowship help students from underserved communities find jobs and provide incentives for going into a government cybersecurity career. Other employers can create similar programs by partnering with local universities and targeting diverse students.
Reduce the Time Required to Hire
Hiring a new cybersecurity worker used to be a complex and often lengthy process for government agencies. And every day a position is not filled, the chance of attacks increases. With the DHS cybersecurity hiring program, the process is streamlined, which reduces delays and gets new employees hired more quickly. By focusing on efficiency in the hiring process with the CTMS, organizations can limit their open positions — and their vulnerabilities.
By using technology and automation when possible, businesses can improve the hiring process and increase the chances of top applicants accepting their offers. If an applicant is offered a position with a rival first, they are likely to accept that offer instead of wading through more complex processes. Organizations can take a similar approach by using HR automation technology that improves the speed and accuracy of what were manual tasks. Because these tools automatically send the applicant’s information to the next person in the workflow with deadlines and reminders, it reduces the time paperwork spends sitting in someone’s inbox or desk.
The DHS cybersecurity talent system’s efforts to improve hiring and the industry overall are innovative and provide an example for other employers. By looking for ways to improve processes and hiring practices, you can reduce open positions in their company while at the same time reducing risks.