DHS pushes new cyber hiring authorities

 Solis Images shutterstock ID 795758674 

The Department of Homeland Security is seeking $11.4 million to support the addition of 150 new cybersecurity positions by the end of fiscal 2020. As part of the federal government's push to remain competitive with the private sector, Congress gave the department authority to exempt its cyber employees from certain hiring and compensation requirements.

Cybersecurity and Infrastructure Security Agency Director Christopher Krebs told Congress last week that the agency is in the "final stages" of developing the program and pulling lessons learned from other personnel systems. The agency is also rolling out a new design that is supposed to provide more flexibility around hiring, pay increases and performance management.

Krebs said requirements in the government's standard General Schedule pay scale are a poor fit for the kind of nontraditional cybersecurity talent the agency is hoping to attract and recruit.

Traditional education benchmarks may not translate effectively to the cybersecurity field. A 2016 joint report by the Departments of Commerce and Homeland Security found that "employers are expressing increasing concern about the relevance of certain cybersecurity-related education programs in meeting the real need of their organization" as well as anecdotal evidence that organizations are "overly reliant upon educational attainment ... rather than making employability judgments based upon competency-based assessments or evidence."

A 2016 survey of IT professionals by McAfee found that less than a quarter of employers believe educational programs adequately prepare students to enter the cybersecurity workforce and overemphasize technical skills while underemphasizing critical soft skills like communication, analytical or strategic thinking and teamwork.

Krebs asked lawmakers to imagine a 22-year-old job candidate with a two-year degree or no college but with demonstrated experience and proficiency. "How do I account for that? Are they a GS-4 or a GS-11? You know, by the standards that we have in place right now, I can't reward that person and pay them the way they could be paid in the private sector."

The proposed Cyber Talent Management System is designed to help DHS recruit and retain "rare, valuable cyber security talent" that could help the department better align the non-educational qualifications of a candidate to the right pay scale.

Krebs said that the organization will start using the system to make new hires this year, but the agency is still transitioning from its legacy personnel IT system and wants to leverage other options such as retention bonuses in the meantime.

Other parts of the federal government are looking to create new solutions to bolster the IT security talent pipeline as well. The Office of Management and Budget launched a Cyber Reskilling Academy that seeks to retrain small cohorts of non-technical federal employees for cybersecurity jobs, while members of Congress are pushing legislation that would make it easier to deploy and detail IT security professionals from one agency to another depending on need.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.