Incentive program helps the department retain cyber talent.
It's hard to lure hacker fighters from the lucrative private sector to the government, but once they join the State Department, they typically stay, a top department cyber official says.
Dangling cash incentives helps.
"At the State Department, the good news is when we get good people we can generally keep them," said Pete Gouldmann, director of information risk programs in State's Office of Information Assurance. "And that’s because we employ a retention bonus program that a lot of agencies don’t do. We pay our folks pretty highly for the talent that they bring in. However, it’s still a challenge to get into the State Department because you have to have the abilities to begin with. It’s great that we can retain people. We’d like to get more than we have."
The special wages are a percentage of salary, either 9 percent or 14 percent, and are distributed every pay period, according to State officials. To qualify, professionals must earn additional information technology certifications. Certifications are not free, but the extra income may cover most associated expenses.
Asked for details about the incentives, State officials insisted they are not "bonuses."
"Let us clarify that we do not consider our Special Incentive Pay (SIP), which Mr. Gouldmann was referring, to be a retention bonus," State spokesman Steve Aguzin said in an email. He describes the program, which launched in 1999, as a “catalyst for skills improvement within the IT competencies.”
It is an effort to update and hone IT employee skills so they can handle the latest technologies and meet ever-changing departmental needs. Every two years, "recipients must take continuing education IT courses or formally update their certifications with that industry to keep their SIP current, otherwise their SIP pay is suspended," Aguzin said. Most personnel get their licenses using their own time and money.
Certification exams endorsed by the government, which are administered by credentialing firms such as (ISC)2, SANS and CompTIA, generally cost between $500 and $1,000 and require annual maintenance charges.
Gouldmann was speaking at a recent Washington area government cyber leadership event, along with other computer security managers who are facing staffing shortages and salary restrictions.
Transportation Security Administration Deputy Chief Information Officer Jill Vaughan said losing her cyber employees is a major fear. "I think one of the things that keeps me up at night is just the workforce in general," she said. "Trying to keep those folks at TSA when I know they can go to a lot of different places is a tough thing to wake up to every day."
Figuring out ways to engage the workforce "and keep people happy, whether that’s making sure they have the certifications that they want or need -- whatever kind of gets that person going -- I think is a constant struggle," Vaughan said. Her focus is on maintaining morale despite fiscal constraints and other organizationwide predicaments.
A bill pending in the Senate would let TSA and other Homeland Security Department agencies compensate computer security recruits as much as higher-paid Pentagon cyber professionals. The department currently has 678 IT specialists who are receiving the special wages. Congress is mulling what sorts of retention gratuities to offer military cyber warriors, who earn less than their industry counterparts -- though generally more than civilian cyber whizzes.
According to the Office of Personnel Management, the government's human resources division, any agency can give a retention incentive to a current employee who is uniquely qualified or highly needed and would otherwise leave public service. The most recent report to Congress on the use of these bonuses, for 2009, indicates IT managers are among the primary beneficiaries. That year, the extra wages were crucial to holding on to a Labor Department chief information security officer who likely would have left, OPM officials said.
At the United States Agency for International Development, the bonuses helped improve job performance, morale and USAID IT infrastructure, the report said. About 890 retention bonuses were handed out to IT supervisors governmentwide in 2009, worth a combined $10.3 million. Other top earners included medical officers, who took home $19.7 million total, and nurses, who received $12.2 million. The study did not break out information security occupations.
The bonuses seem to have fended off at least some industry recruiters. "Retention incentives have stemmed the loss of telecommunications employees and IT staff, particularly to defense contractors," the 2009 OPM report stated.