recommended reading

Tech Unit Stretches Federal Pay System to Recruit Cyber Talent

scyther5/Shutterstock.com

The General Services Administration's digital consultancy 18F is getting creative about more than just technology.

To attract private-sector cybersecurity talent, 18F is offering potential hires jobs at the top of the General Schedule pay scale, a level traditionally reserved for high-level supervisors with managerial roles and a step below the Senior Executive Service. New application security engineers, security operations engineers and penetration testers at 18F would be hired at the GS-15 level.

The 18F office recruits heavily from the private sector, including Silicon Valley tech startups. The office has a "severe shortage of qualified applicants" for information security jobs, according to its USAjobs.gov posting.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

Working within the Office of Personnel Management's pay-setting and flexibility rules, 18F sought to elevate information security positions to give recruits the freedom they might expect in the private sector even though they aren't managerial, 18F senior technology advisor Eric Mill told Nextgov.

OPM has granted agencies direct-hire authority for information security jobs, allowing agencies to hire any qualified candidate.

“The GS pay flexibilities may be used to help recruit and retain employees in any job in which an agency is experiencing staffing difficulties," an OPM spokesperson told Nextgov. "Many of the available flexibilities may be used now without OPM approval.” 

18F's GS-15 experiment is one of many designed to make government more competitive with the private sector for critical cybersecurity talent. The White House also has been promoting short-term tours of duty, including potentially creating a cyber cadre within the Presidential Management Fellows program.

What It Means for Managers

Though it's compliant with federal hiring standards, the 18F effort could disrupt the conventional federal hierarchy.

“We've gotten both reactions. We definitely have heard a little bit of negative reaction, of ... concerns that it's overclassification," Mill told Nextgov, though he said that hasn't been the dominant response.

Some of those concerns involve grade creep and talented employees leaving their agencies for higher-graded, yet similar positions at organizations like 18F. At some small agencies, a chief information security officer could be a GS-15, one senior official told Nextgov on background. He suggested such a policy could inspire talent at the GS-13 and -14 levels to leave their current agencies for others that hire GS-15s in nonmanagerial roles. Instead of changing rank, the official suggested offering bonuses to information security professionals.

"The way we classify the GS-15 positions has extremely little to do with salary and has to do with the responsibility it has within the organization," Mill said.

For 18F, technologists are leaders within the organization and "responsible for significant pieces of strategy in the organization," he said. This approach may not be applicable at other agencies, but at 18F, which works with other agencies on tech projects for a fee-for-service bases, "we have a different structure, [we] have a different mission," Mill said.

The government needs to try new tactics to "be able to offer the kinds of salaries [so] we can attract and retain people," Richard McKinney, chief information officer at the Transportation Department and member of the CIO Council's Workforce Committee, told Nextgov. McKinney said although DOT hasn't tried this yet, because the department has recently had success filling its shortage of cyber talent, he’s open to any ideas that “give me more flexibility."

And 18F’s efforts aren’t the first time agencies hired non-managerial GS-15s, said Jeffrey Neal, senior vice president of the consulting firm ICF and formerly the Homeland Security Department's chief human capital officer.

"We have grade inflation all over the place," he told Nextgov. "Most HR people recognize it's a problem. Deciding to draw the line on cybersecurity positions, which are positions a lot of people would argue are vital to our economic and national security, seems to be a shortsighted and misplaced concern."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov