Agencies propose new federal cyber workforce pay model to OPM to address short-staffing

A coalition of agencies, looking to address a long-term cyber workforce shortage in the federal government, is proposing a new pay model to attract these in-demand workers to public service.

The Department of Veterans Affairs in July led several agencies in submitting a Special Salary Rate proposal to the Office of Personnel Management, setting a higher pay rate for federal IT management workers that fall under OPM’s 2210 occupational series.

The Special Salary Rate for cyber hires, if approved, would mark the first major governmentwide step to address a core component of its cyber workforce challenges.

The Department of Homeland Security broke ground on this work last year when it unveiled its cybersecurity talent management system. The project took seven years to complete, once Congress in 2014 gave DHS the authority to develop a cyber hiring, job classification and compensation framework separate from the federal government’s traditional practices.

Chris Paris, senior advisor for cyber workforce management in the VA’s Office of the Chief Information Officer, told reporters Wednesday the agencies that submitted the SSR expect to hear a decision back from OPM by the end of the calendar year.

If OPM approves the SSR, Paris said agencies would factor the new pay authority into workforce planning as part of the fiscal 2024 budget process.

“If approved and implemented, it would really mark a huge increase in pay across the General Schedule, but primarily for our entry talent positions, where there is such a severe pay gap between what we can provide and what industry offers. That would go a long way in actually attracting folks,” Paris said.

The coalition of agencies that submitted the SSR proposal includes the Cybersecurity and Infrastructure Security Agency, the Department of Health and Human Services, the State Department and the Energy Department.

“A lot of blood, sweat and tears went in,” Paris said, “to really develop a proposal that a lot of agencies have been clamoring for, for some time. But no one has ever put the resources behind it to actually get it past the finish line.”

The alternative pay proposal is just one of several lines of effort the Federal Cyber Workforce Management and Coordinating Working Group has in progress as part of its new report on the state of the federal cyber workforce. 

The report finds that 700,000 cyber jobs are vacant across the U.S., and about 40,000 of them remain unfilled across federal, state and local government.

“Given expected retirements, lack of entry-level and diverse talent, turnover, and the growing need for new skill sets, there is a significant risk to our cyber mission effectiveness and the long-term health of our federal cyber workforce.”

The working group’s report and ongoing work are also meant to support an upcoming cyber workforce strategy coming soon from the White House Office of the National Cyber Coordinator.

Megan Caposell, the associate chief of workforce planning at CISA, said the SSR would help address a major pay gap between what cyber professionals earn in public service, versus what they could earn in the private sector.

“We understand that there is a pay disparity between the relative market averages across the different metropolitan areas and the government’s GS schedule,” Caposell said.

The alternative pay model for federal cyber workers would narrow the pay gap between government and private sector pay, but would still not come close to what many companies can afford to pay these employees.

“Even if we had those alternative mechanisms in government, there’s still this issue of, they could leave and get 60% more at the private sector. This is a step in the direction of making our offers and the prospect of federal cyber civil service a little bit more appealing,” Paris said.

The working group, in its report on the state of the federal cyber workforce, identifies five common challenge areas common across government, including “archaic federal workforce infrastructure.”

“Our current workforce policies, the classification standards, our qualification requirements are all insufficient at the moment, in the way that we need to support the highly specialized nature of cyber work. Also, the rate at which our cyber talent ecosystem evolves,” Paris said.

The working group also takes issue with the “disjointed approaches” that agencies use to collect, analyze and report cyber workforce data, which make it difficult to forecast near and long-term hiring needs across the entire federal workforce.

The report also finds a general lack of entry-level cyber positions across agencies and a lack of upskilling and professional development opportunities, as well as wide disparities in how the federal government recruits and retains cyber talent.

“They collectively are all undermining this value proposition that government has, and that we can propose for why it’s so critical that you join our federal cyber civil service,” Paris said. “These challenges are not new, but they do require new perspectives, new tools, new policies, new practices, new laws, that will enable us to really modernize the way that we conduct cyber talent management.”

To assist human capital offices, Caposell said the working group has developed work role-specific, behavior-based interview questions federal hiring managers will be able to use to assess the qualifications of candidates for cyber jobs.

“Our goal is that all HR professionals are able to speak to each work role and understand the terminology of the cyber and IT professionals whom they serve,” Caposell said.

Caposell said the working group is also looking to update the DHS PushButtonPD Tool, which allows managers, supervisors and HR specialists to draft a federal employee position description, without the need for extensive training or prior knowledge of position classification.

Caposell said this work will lead to faster hiring, and will increase the accuracy of agency efforts to categorize and describe the work being done in specific work roles.

The working group is also looking to make the CyberCareers.gov website a one-stop shop for information on job rotation programs, details, task forces and other cross-agency work opportunities. Caposell said the site will also soon advertise additional career resources.

“The idea here is we want to reduce confusion about where cyber professionals should go to learn about opportunities and career information. Structuring this as a central hub and repository reduces that confusion for the customers,” Caposell said.

At a broader level, the working group is also working with OPM on standing up a federal-wide cyber workforce dashboard that will give National Cyber Director Chris Inglis a big-picture view of the state of the federal cyber workforce.

Paris said that under the current system, the NCD lacks accurate data needed to measure and understand the composition of the federal cyber workforce, as well as the impact any development initiatives would actually have on the workforce.

“Those metrics, when collected, would provide ideally this baseline that we need for conducting more foundational analysis, like how many vacancies currently exist in the federal cyber workforce, or which specific roles and which specific positions, at what grade levels, do those vacancies fall within,” Paris said. “Collected in a silo, this data, while meaningful to the individual agency, wouldn’t drive federal-wide strategy or action, which is why we need a centralized platform where we can collect and visualize and report out on this data at a federal level.”

To address what the report calls an almost non-existent pipeline for new talent, the working group supports the idea of a federal cyber academy to centralize federal efforts to train and develop future generations of cyber talent.

The report finds less than 6% of the federal cyber workforce is under the age of 30, while 30% are age 55 or older.

“Given expected retirements, lack of entry-level and diverse talent, turnover, and the growing need for new skill sets, there is a significant risk to our cyber mission effectiveness and the long-term health of our federal cyber workforce,” the report states.

Patrick Johnson, the director of the Defense Department’s Cyber Workforce Management Directorate, said the federal cyber academy concept borrows from the idea of military service academies.

“We do this when we train service members, and we bring them in right out of high school. There’s no reason why we couldn’t apply this to a federal cyber service academy and bring that opportunity to students, to come into the federal workforce. We’re taking them at the very beginning,” Johnson said.

Two now-defunct expert panels, the National Security Commission on AI and the Cyberspace Solarium Commission, have called on Congress to authorize a federal academy for cyber talent.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories