More Than 1 in 5 Cyber Jobs Vacant at Key DHS Division

Homeland Security cyber security analysts work in 2011.

Homeland Security cyber security analysts work in 2011. Mark J. Terrill/AP file photo

Security clearance wait times and relatively low pay are among the hiring obstacles cited.

More than one in five jobs at a key cybersecurity component within the Homeland Security Department are vacant, in large part due to steep competition in recruiting and hiring qualified personnel, according to a new report by the Government Accountability Office.  

The report, which assessed recruiting and hiring efforts at DHS overall, found that the Office of Cybersecurity and Communications – the subcomponent within the National Protection and Programs Directorate that houses cybersecurity personnel – has a vacancy rate of 22 percent.

NPPD officials cited challenges in recruiting cyber professionals because of the length of time taken to conduct security checks to grant top-secret security clearances as well as low pay in comparison with the private sector.

A lack of clearly defined skills or unique occupational series for cybersecurity positions is not only hindering recruitment efforts but also DHS’ efforts to measure cybersecurity hiring and attrition, GAO found. Without a defined career series and path, cybersecurity personnel are spread throughout a number of different occupational series within NPPD, meaning officials could not provide GAO with specific hire and loss data on the cyber workforce.

NPPD has taken a number of steps to help offset these recruiting challenges, including using direct hire authority and establishing relationships with cybersecurity centers of academic excellence to create a pipeline of qualified cyber staff. There also are department-wide efforts to boost the cyber workforce, particularly through the creation of a specific cybersecurity job series, GAO found.

GAO’s assessment was released just one day before a National Academies of Science report, which was sponsored by DHS, concluded that cybersecurity is much too young and diverse a discipline to introduce professionalization standards. Introducing these standards now, particularly given the staffing shortages that already exist in the field, would likely be counterproductive, the report found.

While the GAO report offered no specific recommendations on overcoming cybersecurity recruiting challenges, it did recommend that DHS work to better assess its departmentwide recruiting and outreach strategy by requiring all components provide consistent recruiting cost information to the department’s chief human capital office. DHS said these efforts are already underway, with an estimated completion date of Dec. 31.

“Doing so would help DHS better track the amount of resources being spent on recruiting and outreach throughout DHS and assess the extent to which increased coordination and leveraging resources have decreased recruiting costs,” the report states.