Federal cybersecurity is a specialized area that needs attention not just from the applicants considering a career in government, but the agency hiring managers looking for future employees.
Today’s cyber workforce needs are very strong thanks to the government’s vast quantities of information and its many adversaries, said Debra Tomchek, former executive director at the Homeland Security Department’s Chief Human Capital Office.
“The first line of defense is the systems themselves and having the proper technology, but then you need the workforce that knows what to look for and can protect against cyber breaches,” Tomchek said during a May 18 roundtable discussion hosted by the National Association of Public Administration and ICF International.
Attracting that workforce, however, is a challenge agencies and hiring managers continue to struggle with, but a good place to start, Tomchek said, is the mission.
“The mission is something that is much bigger than just one individual or a group of individuals, the mission is important to the American people,” Tomchek said. “The types of people we would want to attract, whether they’re doing IT or whether they’re park rangers delivering the mission directly or the astronauts at NASA, is people who come to government because they want to make a difference and they want to serve the public in some fashion.”
Tomchek said in her years in public service, leaders and staff don’t always focus on what they’re ultimately supporting.
“They focus on the programming, the coding or the cybersecurity aspects,” Tomchek said. “But ultimately if you’re at NASA and you’re working in the information technology area, you are definitely supporting space, you’re supporting the Mars program, you’re supporting the Hubble space telescope, you’re supporting the scientists, and your IT work directly affects them.”
The same goes for supporting IT in the National Park Service and supporting the ability of parks to function and have information available for park rangers.
“The coding is important, I don’t want to take away from the substance of the job,” Tomchek said. “but one of the things that was learned in the very first federal employee attitude survey, which was the predecessor of the federal employee viewpoint survey, is the primary motivation for public servants is public service.”
To help understand what that service might be, Maria Roat, chief technology officer at the Department of Transportation, said agencies need to know it’s OK to talk to their human resource employees and make sure they “understand the business of IT or the business of how we’re supporting the department from an IT perspective.”
“There needs to be a better partnership between the hiring organization and the hiring office, the HR office,” Roat said. “There needs to be that partnership, to be able to get in front of that HR office [and say] these are the projects, this is the vision, this is the type of people we’re hiring and looking for. To be able to talk about the priorities; what’s coming up next in the next three, four, five years, where we’re going as a department and being able to share that vision and talk to the HR community about the types of people that we want.”
Though focused on cyber skills and digital technology, the roundtable touched on a variety of topics under the IT umbrella: USAJobs and writing job descriptions, security clearances, community college IT curricula, Office of Personnel Management appropriations, accountability, risk aversion and agency mission.
During the discussion there was also talk of a July hiring fair hosted by DHS, which aims to recruit 1,000 people to the digital workforce.
OPM last November gave DHS the final green light to fill as many as 1,000 cyber positions.
In March, DHS Secretary Jeh Johnson testified before Congress that his department was “not where we should be right now” when it comes to cyber talent.
Federal Chief Information Officer Tony Scott said during an April 25 Institute for Critical Infrastructure Technology forum in Arlington, Virginia, that there is a balance between “old stack and new stack,” when it comes to federal IT systems and the people who run them.
Dan Waddell, an ICIT fellow, said it’s about patching not only the systems, but the people.
“It’s not just educating the cyber workforce, it’s educating the workforce in cyber,” Waddell said. “We need to collectively do a better job to introduce some really innovative methods, to get staff not just in the cyber or the IT vertical, but all across the organization — whether it’s HR, finance, operations, legal — to really embrace what these threats are and really turn the user into the greatest asset, not the greatest vulnerability.”