With the Department of Homeland Security poised to hire up to 1,000 cyber security engineers, developers and analysts over the next three years, many believe the demand for computer/cyber security professionals might outweigh the supply. Indeed, DHS Secretary Janet Napolitano authorized her department to streamline its hiring process, which usually takes months.
That’s the good news. The challenge: Cyber security is a relatively new and evolving field that, for many technology professionals, requires knowledge of multiple disciplines and relatively new credentials.
“We already had the plan to grow our cyber workforce, but what the secretary did is give the authority to DHS to make direct hires like most private sector companies,” says Amy Kudwa, DHS spokesperson. “The direct hire authority from the Office of Personal Management will significantly streamline the process, reducing the timeline to a matter of days or weeks.”
At the DHS is seeking to fill a wide swath of cyber-related jobs, including program analysts, information security specialists, IT specialists and systems engineers. The agency is vague when it comes to technical skills needed for these positions, though it outlines the basic requirements to work around sensitive government information: U.S. citizenship, security clearance and a financial disclosure statement.
According to Kevin Coleman, strategic advisor for the Technolytics Institute, a successful cyber security professional must have expertise in one or multiple programming systems such as Microsoft, Solaris, Linux and Unix. Of particular need are architect and operations management specialists who understand complex and interconnected networks.
“They have to understand the complexities of different systems working together and not just one network,” Coleman says. “They need to understand how one change or modification could impact all others.”
The International Information Systems Security Certification Consortium, or (ISC)² offers the Certified Information Systems Security Professional (CISSP) credential required for some cyber security positions.
ISC² sees many electrical engineers moving into the cyber security field, though it says a computer science background is also valuable. According to the ISC², there are three primary fields in cyber security jobs: cyber security technicians with credentials/experience in forensics and ethical hacking; penetration testers who know how to perform ethical hacking and network breaches; and cyber security managers.
“If you look at what’s needed to protect the IT world, we need people with deep technical experience in forensics, incident handling and secure coding,” says W. Hord Tipton, executive director of ISC². “At the other end of the spectrum we have the management piece, the people who have a certain amount of security knowledge and know how to ask the right questions, but don’t have the technology depth to do it.”