BY Rich GrisetJuly 14, 2022, 1:49 p.m.
A sign for the National Security Agency (NSA), U.S. Cyber Command and Central Security Service, is seen near the visitor entrance to the National Security Agency (NSA) headquarters in Fort Meade, Maryland, as seen in February 2018. (Photo by Saul Loeb—AFP/Getty Images)
In the midst of Russia’s ongoing war in Ukraine, a new threat against the United States has emerged like never before: Russia could carry out cyberattacks against American infrastructure in retaliation for the country’s aid to Ukraine. Previously, Russian hackers infiltrated the Democratic National Committee’s computer network in 2015 and 2016; in 2019, the Senate Intelligence Committee concluded that Russia targeted electoral systems in all 50 states in the 2016 election to support then-presidential candidate Donald Trump.
Since Russia’s invasion of Ukraine in February, federal agencies have been sounding the alarm over possible strikes against US companies, with the Federal Bureau of Investigation saying in March that Russian hackers had scanned networks of five US energy companies.
In a June op-ed for technology website CyberScoop, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), and Chris Inglis, national director of cybersecurity, wrote that “the prospect of cyberattacks here at home, whether by Russia or other malicious state and non-state actors – won’t dissipate any time soon… In today’s complex, dynamic and dangerous cyber threat environment, the answer is that our shields will likely be in place for the foreseeable future.
To meet this need, the federal government is seeking to hire more cybersecurity workers. Last November, senior Homeland Security officials estimated that the federal government had more than 1,500 open cybersecurity positions. That same month, the federal government implemented the Cybersecurity Talent Management System to enable the Department of Homeland Security (DHS) to more effectively recruit cybersecurity workers.
“Cybersecurity is national security, and we need the best talent, and we need to nurture that talent to make sure our country has the best and the brightest ready to work in this particular field,” said Dave Luber, director cybersecurity assistant. for the National Security Agency, noting that different federal agencies and military branches must coordinate their efforts to be effective against cyber risks. “It really is a team sport where we all work together to make sure it’s difficult for China and Russia to exploit our critical systems in the United States and our allied systems.”
If you are interested in working in cybersecurity for the federal government, how are you hired? Fortune spoke with experts to learn how to step into one of these roles.
What are the cybersecurity jobs in the federal government?
When it comes to federal cybersecurity jobs, the sky is basically the limit. From systems engineers and software developers to cyber defense forensic analysts and ethical hackers, there is a wide range of positions available.
“Cybersecurity is involved in every federal department and agency, and there are cybersecurity roles both here in the ring and outside the ring,” says Nitin Natarajan, deputy director of CISA, which is part of the US Department of Homeland Security. “In order to execute CISA’s cybersecurity mission, it takes a very, very wide range of experience and expertise.”
Since federal cybersecurity workers handle a wide range of duties, potential recruits without cybersecurity experience, such as communications, legislative affairs, budget, and finances, are still viable candidates. “We want to have a very strong and diverse workforce that brings different experiences to the table,” says Natarajan. “It allows us to address the complex challenges that we face and will continue to face in the future.”
While some people who work in this field for the federal government have a master’s degree in cybersecurity or a similar discipline like computer science, Luber and Natarajan say an advanced degree isn’t necessary.
“Joining the National Security Agency isn’t required, but a master’s degree in cybersecurity will certainly help someone seeking a career” with the agency, Luber says.
He adds that many people who work in federal cybersecurity jobs have been drawn to these roles out of a sense of duty. “Most people who join the National Security Agency, or the federal government at large, who are interested in cybersecurity [have] that sense of mission to ensure that our national security systems and our government systems are safe from exploitation,” Luber said.
How do I get hired to work in cybersecurity for the federal government?
Just as the work of cybersecurity professionals in the federal government is varied, so are the paths to landing a job.
“There are many different routes to get here,” says Natarajan. “There is no roadmap.”
For some people, the entry point is attending a school affiliated with the National Centers of Academic Excellence in Cybersecurity (NCAE-C) program. Run by the NSA’s National Cryptological School, the collaborative educational program sets cybersecurity and academic curriculum standards to reduce vulnerabilities in critical national infrastructure.
There are currently 384 partner colleges and universities in the NCAE-C program. About one-third of designated programs offer associate degrees and certificates in cyber defense. The others mainly involve bachelor’s and master’s degree programs, but some programs include a doctorate. candidates too. These schools can be certified in three different study programs: Cyber Defense, Cyber Research, and Cyber Operations.
Not only do federal agencies actively recruit from NCAE-C schools, but the NSA also offers more than 20 summer internships each year in various fields and a cooperative education program in which students work on NSA projects after have been authorized to work for the federal government. government.
“For about 12 weeks they will join our team and we will give them [a project] that they can really sink their teeth into,” Luber says. “They come away with a better understanding of what a career with the National Security Agency could offer them.”
A large percentage of students who participate in a summer internship with the NSA end up working for the agency full-time.
Private sector cybersecurity professionals interested in working for the federal government can find job postings on websites such as usajobs.gov, the official federal government employment site, and intelligencecareers.gov, which is the official website for careers in the United States Intelligence Community. .
There’s also the Cybersecurity Talent Management System (CTMS) that DHS launched last November. The system aims to improve the recruitment, development and retention of cybersecurity professionals by the federal government. Instead of the traditional hiring model of hiring for specific roles, CTMS screens candidates based on their skills, offers competitive salaries, and generally reduces the time it takes to get hired.
“It allows us to hire people a little differently from the traditional federal process,” says Natarajan. “People apply through a personalized application path based on the level you’re at.”
What other resources are available for people interested in working in cybersecurity for the federal government?
If you’re looking to earn a degree in cybersecurity but don’t have the funds to pay for it, you may want to apply for the CyberCorps: Scholarship for Service Program (SFS). Through this scholarship program, the federal government pays for a person’s education in exchange for their commitment to work in the federal government for a period equal to their scholarship.
The scholarship provides up to three years of support for a bachelor’s, master’s or doctoral degree. candidate; academic year stipends for undergraduate students are $25,000 per year and $34,000 for graduate students. Nearly 100 higher education institutions participate in the SFS program.
Finally, there is a Community College Cyber Pilot (C3P) program that partners with community colleges to help students become cybersecurity professionals in the federal government.
“Now is a great time to work in cybersecurity,” says Luber. “Cybersecurity is national security, and we need the best talent, and we need to nurture that talent to make sure our country has the best and the brightest ready to work in this particular field.”