back to article White House’s new fix for cyber job gaps: Serve the nation in infosec

The White House has unveiled a new strategy to fill some of the hundreds of thousands of critical cybersecurity vacancies across the US: Pitch cyber as a national service. The Office of the National Cyber Director announced its Service for America campaign yesterday, a two-month "sprint" that aims to connect Americans looking …

  1. Yet Another Anonymous coward Silver badge

    The government desperately needs cyber security experts

    Must be natural born American, must be white christian (ed. I know but we aren't allowed to actually say that)

    No tattoos, piercings or non-suit wearing type behavior

    No convictions for possession of the devil's lettuce

    Pay is naturally a fraction of industry rates

    Hiring will proceed after an indeterminate period of administrative checks, if you ask how much long the process is likely to take you fail the process

    1. chivo243 Silver badge
      Go

      Re: The government desperately needs cyber security experts

      only if you have some Clearance, Clarence... I've looked into these jobs, and I've no idea what security level they want, but it's way over my Clearance, Clarence...

      1. Yet Another Anonymous coward Silver badge

        Re: The government desperately needs cyber security experts

        You can't be told what clearance you need for the job unless you have that clearance and you can't tell anyone what clearance you have unless the job is cleared for that clearance.

        1. chivo243 Silver badge
          Trollface

          Re: The government desperately needs cyber security experts

          Like Fight Club?

          1. Xalran

            Re: The government desperately needs cyber security experts

            Worse... You will only be told the level of Clearance you had once you leave the job.

            Which makes it hard to get a new job, oh, and in the eventuallity that you get a new job, you will have to jump through all the loopholes to get a Clearance from the start all over again.... from scratch.

    2. Anonymous Coward
      Anonymous Coward

      Re: The government desperately needs cyber security experts

      And don't forget that you have to be a sycophantic bootlicker to even get your foot in the door. Plus, your resume must match word-for word the posted job requirements, even if it is a lie. That is how you get hired for any Federal job.

  2. Anonymous Coward
    Anonymous Coward

    Pay mo money

    Clearance is a secondary issue. Baseline is money.

    Simply because IF you have can get the security clearance you can earn far more elsewhere.

    And the big catch with treating it as national service is the recall clauses in that. So again, it stands to cost you a lot more $$$ even if you don't end up as a grunt on the line when recalled to service.

    Try some other incentive because this one smells of bullshit ;)

  3. Kevin McMurtrie Silver badge

    Cyberjanitor

    I can't help thinking that the government's new strategy is to continue using the cheapest labor for software but then giving it to a "cyber" team to clean it up. It will be a high stress job where you're digging through mountains of gibberish architecture while the boss keeps asking why it takes so long to fix one little vulnerability. On top of that, process will demand that you fix exactly one bug at a time. No 'rm -rf' and rewrite.

  4. mmccul

    Find me people worth hiring

    I spent ten years as a security consultant. One of my jobs was to interview candidates. Time after time, I was sent "senior security analysts", "SOC analysts", "Security Engineers", even "Security Architects" as candidates to interview.

    Time after time, I indicated "Do not recommend, needs remedial training."

    Not every time, but often enough that it became something of a joke. I had recruiters listen in on my interviews only to realize, if anything, I was understating the problems. I started writing direct quotes from the candidate into my writeup to explain "We can't use this person."

    I've provided trainings, mentored individuals, and otherwise encouraged the career of others into the field. It is a constant problem to find people who are up to the level of "know they know nothing".

    Telling people to get into the field isn't very useful if we aren't sent people who are worth the cost of the chair they sit in.

    1. Go_Ruck

      Re: Find me people worth hiring

      I'm not sure where your sources were coming from, but I've applied to close to 100 CyberSecurity jobs on USAJobs.gov in the last six months (more governance, than architect, although that term seems to have lost all meaning in the last decade.) I have gotten not one response, only a few "You are approved for a GS-15," kind of email. Not one email otherwise. These jobs all top out at $191k which is already a significant pay cut from my evil consultant (Big4, etc.) salary.

      There is also a bait and switch where jobs are classified as remote, hybrid, or flexible, that then turn into "you get to pick DC, VA or Maryland, we're flexible" when you get into the app process. Agencies don't know how to write job descriptions, or evaluate candidates. I understand federal rules create crappy circumstances for agencies, but I do see "Opens on 9/1 and closes on 9/2" sorts of jobs, which are clearly designed for an incumbent they've already selected. Not encouraging.

      1. mmccul

        Re: Find me people worth hiring

        I was interviewing for my consulting firm, in the Bay area, no clearance required, with Bay area salaries.

  5. lordminty

    Well. IIts been a good week fir other countries copying ideas from the former UK government that just lost the UK General Election.

    First the Germans copy the Rwanda Plan, now our American cousins have copied the idea of doing national service in Cyber Security!

  6. Anonymous Coward
    Anonymous Coward

    Is this the same as the UK Government's 1 million jobs in Cyber?

    The headline is great, but once someone wants to go into cyber and tries to get such a role, even an entry level job, they find out that either that no one want to hire entry level staff because they don't want to have to do training, or companies want "entry level" people with significant experience but want to pay "entry level salaries", or HR set silly requirements that put many candidates off or screen people out in the first cut, or the pay is barely above the living wage and the applicant's decides there are less stressful jobs out there such as shelf stacking in a supermarket that pays around the same as many entry level roles.

    Since the accountants discovered the lower monetary savings of offshoring the number of truly entry level jobs in country has diminished.

    Please don't misunderstand me, I'm not again offshoring, its got it uses, but if any country wants to build up a native "cyber workforce" the first step is getting those native people through basic education (be that school, college or a bootcamp if someone is retraining) and into decent entry level jobs in country, without that how can we expect them to get experience to then go on to the higher level roles in the future.

    Sadly while government's seem to be happy to throw money at training part of that, the part about the people then coming off a training course and getting a job they actually want to do, and get a reasonable renumeration for, seems to be the part that is missing.

    That said I've no idea how a Government could reasonably legislate to put that in force on private industry, without having to put in place even more subsidies , as I suspect without those subsidies most private industries would just tell the government where to go...

  7. Clausewitz4.0 Bronze badge
    Devil

    Career in Cyber

    As an old-school, skilled Cyber Security Consultant, I would take a Federal position if:

    - No Job in USA and no work with USA, because of some FBI / CIA / Europol problems

    - Job comes with Firearm possession

    - A Diplomatic Passport

    - No criminal charges against past operations, in my country and / or abroad - be it related to cyber or more serious threats / injuries - all of which there are no evidences

    - A gentlemen's agreement about personal life, the split of the encrypted Bitcoins in possession and percentage on what I produce now and in the future

  8. dadbot5000

    ~200 jobs listed, none are remote. All I needed to know is this is sponsored by the White House to know it was a joke.

    1. 0laf Silver badge

      If the job requires more than basic clearance levels you'll find most of it needs to be on on site.

      Nothing particularly unusual with that.

      But if it doesn't need clearance then it's a micromanagment problem

      1. Anonymous Coward
        Anonymous Coward

        If it needs to be on site in a specific city, the pay should be higher to attract talent. Housing inflation is a lot more that wage inflation.

  9. Anonymous Coward
    Anonymous Coward

    The Snowden Issue

    And get treated like Edward Snowden if you see the Government doing bad things to the people and do the right thing for the people. No thanks

  10. Bebu
    Windows

    "Our Nation has a critical need for cyber talent."

    John Lumic (Cybus Industries) had an effective method for recruiting Cybertalent :)

    Lumic was a vastly cleverer version of Space Karen* but I could envisage an "X" cyber conversion program created by the second Trump Administration's new "Government Efficiency" Tsar.

    * admittedly in a parallel Universe in which hopefully the only second Trump Administration might be found.

  11. J.G.Harston Silver badge

    "There is a perception that you need a computer science degree and a deeply technical background to get a job in cyber," he wrote. "The truth is, cyber jobs are available to anyone who wants to pursue them."

    That may be the case in Murcia, but I've applied for UK "cyber" entry level jobs and have been turned down due to not having any skills or experience in working in "cyber".

  12. Anonymous Coward
    Anonymous Coward

    "The truth is, cyber jobs are available to anyone who wants to pursue them."

    We get that line in the UK too. So that's why entry level positions need 10yr in role with certification I guess.

    The other problem with government wanting to fill it's cyber roles is (as others have mentioned money).

    I was cyber in public sector, I was considered a national leader in it, I had over 15yr experince, held multiple certifications (I paid for). And was paid shit because the governmental pay structure determines that only 'managers' are entitled to the higher salary levels. So subject matter experts who might have desirable professional skills in the puiblic sector are paid very poorly and have zero promotion prospects unless they leave their field to 'manage'.

    So I left, and effectively doubled my salary overnight and am actually less stressed than I was in government.

    Things are changing a little since I went, public sector cyber wages are up in some places but those jobs are generally looking for someone who can run policy, incident management, do cut price pen testing, training programmes, run the firewalls plus half of IT, project managment and stick a broom up their arse and sweep the floor too.

    Seems to be a universal issue that government can't quite bring itself to pay to recruit the skills it needs, it would rather pay double fopr consultancy

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like