May 04, 2017

New Democrat Coalition Members Urge OPM to Improve Cybersecurity Hiring Process

This week Co-Chairs of the New Democrat Coalition Cybersecurity Task Force sent a letter to the Office of Personnel Management (OPM) inquiring about the federal cybersecurity hiring and training process. Currently our country faces unprecedented cybersecurity challenges, yet the federal government struggles to recruit and retain qualified cyber professionals. New Dems encourage OPM to explore ways to adjust their requirements and streamline the hiring process for federal cybersecurity jobs, including looking to the private sector for ideas.

"In recent years we've seen that our infrastructure, our economy, and even our very democracy are vulnerable to cyber attacks," said Cybersecurity Task Force Co-Chair Derek Kilmer. "We have the best equipped, well trained, and most capable fighting force in the world when it comes to conventional attacks, and it's past time to make sure we can say the same about cyber attacks. Our cyber taskforce is urging the federal government to step up so we can continue to grow a workforce that can meet this growing threat to our country's safety.”

“To keep our nation safe, we must cut the bureaucratic red tape so we can hire and train the right cybersecurity professionals,” said Cybersecurity Task Force Co-Chair Josh Gottheimer.  “I’m committed to taking serious steps to strengthening our national security, and that begins with improving our cybersecurity defenses.”

“The cyber threats against our government are rapidly evolving every day, and we need to evolve faster,” said Cybersecurity Task Force Co-Chair Kathleen Rice. “We’ve identified two ways OPM can streamline their hiring process and step up their efforts to recruit and retain talented cyber professionals, and I look forward to an ongoing conversation about what else we can do to build the 21st century workforce we need to protect us in the cybersphere.”

The full letter can be found here and the text can be found below.

 

 

Dear Acting Director McGettigan,

 

As Co-Chairs of the New Democrat Coalition Cybersecurity Task Force, we understand that the Office of Personnel Management (OPM) plays an important role in recruiting and retaining a world-class federal workforce for the American people. Today our country faces unprecedented cybersecurity challenges, yet the federal government struggles to recruit and retain qualified cyber professionals.     

We write to inquire about two aspects of the federal cybersecurity hiring and training process.

First, under the 1958 Government Employees Training Act, federal agencies have the authority to provide training, including non-governmental training resources, for employees. Offering industry-recognized certification testing would be a valuable tool for agencies to recruit and retain highly-qualified cyber professionals. Agencies currently do not offer this benefit because there is no explicit authorization for it under 5 U.S. Code § 4109, which outlines allowable expenses for training. Is there anything explicitly preventing the use of these tests? If nothing is preventing their use, what action would best encourage their use?

Second, we would like to learn more about the OPM degree requirements for cybersecurity-related jobs. It appears that OPM does not mandate cyber professionals have a four-year degree, but we have been informed that the vast majority of job postings ask for one. Given the increasing need for cybersecurity personnel, OPM should be more flexible with job requirements. For many of these jobs, a two-year degree or other non-traditional education paths, such as industry-recognized certification testing, can sufficiently prepare workers, especially in combination with high-value experience. Accordingly, we encourage OPM to explore ways to adjust the requirements and streamline the hiring process for federal cybersecurity jobs, including looking to the private sector for ideas.

We look forward to your responses and the opportunity to continue working with OPM on these issues.   

Sincerely,



--->