U.S. Cyber Command To Recruit 4,000 new Cyber Soldiers

geek4god

Over the next few years the U.S. Cyber Command, an army of 900 military personnel and civilians who monitor and defend against cyber attacks, is set to grow by 4,000 cyber soldiers. The command will expand its role in national defense by becoming a new kind of fighting force, one that protects the Internet safety of the entire country. As the expansion is implemented, Cybercom will be separated into three teams....

http://readwrite.com/2013/01/31/us-cyber-command-to-recruit-4-000-cyber-soldiers

instant000

Yeah.

Saw this a couple days ago.

It will be interesting to see how they manage to swing this.

The consensus thought is that they will have some difficulties competing for talent. As it is now, the GS pay scale can be seen as low, compared to similar responsibilities in the private sector.

There are some training initiatives going, and there is an initiative to professionalize the cyber workforce, which will wind up driving wages even higher.

WafflesAndRootbeer

They have been saying the same damn thing every year for the past several years and they can't recruit anyone. Why? They want skills that less than 1% of the IT workforce has. Skills that aren't taught or learned in IT programs. The people who know these skills can't be hired or won't pass clearance investigations and don't want to work for "the good guys" on principle. Even the so-called Cyber-Security Super-Force Digital Battlefield Warriors of the private sector that do all the DoD stuff for huge sums of money are lacking in their skills. I kid you not. The official analysis by the DoD basically said "These guys are idiots." They want guys who can do network security analysis, software code analysis, exploit investigation, hardware and software penetration on foreign and domestic networks, and a host of other things that require years of learning and "on-the-job" experience that the IT education system cannot provide. Go overseas to places like Asia or the Middle East and their tech education curriculum and resources make what the US has look like a home lab.

Qord

I think the biggest issue I'd have is a lack of trust. I don't thin I can work for and organization I don't trust.

instant000

WafflesAndRootbeer wrote: »

Even the so-called Cyber-Security Super-Force Digital Battlefield Warriors of the private sector that do all the DoD stuff for huge sums of money are lacking in their skills. I kid you not.

I agree with you.

I didn't mean to give any impression that private sector workers were necessarily more skilled. It's the same person, they can just make more dollars at the exact same skill level outside of the DoD versus in it.

One guy last year graduated from WGU's MSISA and did A/V Bypass demonstrations (using a program he wrote himself) for his Capstone assignment. (He didn't learn these skills in the MSISA program.) He's presented at several security conferences. He also stated that he wasn't likely to get a government clearance, due to some past activity which he wouldn't go into. So, this guy right here is the kind of guy DoD needs, but can't have.

instant000

They want guys who can do network security analysis, software code analysis, exploit investigation, hardware and software penetration on foreign and domestic networks, and a host of other things that require years of learning and "on-the-job" experience that the IT education system cannot provide.

To support your statement, from the article:

there are currently only about 1,000 qualified people nationwide.

experts say training a college grad to protect networks could take as many as 2,000 hours.

Another quote from the article:

If the shift happens without adding many new members to the force, possibly by moving people from non-cyber positions to cyber ones, there shouldn’t be a problem.

^^ This would be epic fail. It's as bad as the current situation with linguists with Top Secret clearances who get DoD IT jobs now who can speak Farsi but don't know how to log onto a server.

Really though, what's the long term solution to this issue?

instant000

Qord wrote: »

I think the biggest issue I'd have is a lack of trust. I don't thin I can work for and organization I don't trust.

We have this saying: Trust, but verify. (Which really means accept nothing at face value, or in other words: Trust no one.)

paul78

instant000 wrote: »

Really though, what's the long term solution to this issue?

Assuming that funding is there, it's sounds like it's really just getting people with the right blend of talent and skill and growing them. I don't think there is enough talent today and the competition with private sector would be challenging. Organic growth may be the option - but the initial start would mean people with sub-par skill. One of the problems will be talent retention.

instant000

paul78 wrote: »

Organic growth may be the option - but the initial start would mean people with sub-par skill. One of the problems will be talent retention.

Talent retention is the reason my MOS required a six-year minimum enlistment, as it doesn't make sense to do IT on an enlisted salary. The only way they can realistically retain talent is to have a good evaluation program that compensates their best and gets rid of their worst. Not everyone has to be an outright superstar, but you really have no need for bench players.

I think they could take a lot of the 25B now, that are being underutilized, and train those up for this type of job. The issue will be funding the compensation to keep them as civilians when they get out in six years.

dt3k

Even the long term solution of "build them up" and train them into what you want is difficult. You are basically providing free training for the private sector at that point. Unless you can instill some type of loyalty in them, and make them think their work is important and fulfilling, people are always going to chase the extra bucks, even if it means being miserable. I see it a lot, people leaving their state and federal jobs for private sector jobs, only to call a few weeks later asking for their jobs back, because while they are indeed being compensated better, they are miserable.

petedude

instant000 wrote: »

As it is now, the GS pay scale can be seen as low, compared to similar responsibilities in the private sector.

But benefits and job security may outweigh salary for some in the current economic climate.

dmoore44

They have been saying the same damn thing every year for the past several years and they can't recruit anyone. Why? They want skills that less than 1% of the IT workforce has.

Very true - and to make it worse, they won't pick and choose amongst skills - the recruiters have an "all or nothing" approach. I know because I've applied. Do I posses all of the skills they're looking for? Heck no, but I do posses a couple of them. Have they called me back? Nope.

MiikeB

petedude wrote: »

But benefits and job security may outweigh salary for some in the current economic climate.

Most people with these skills are relatively young I would assume and highly talented and in demand. I do not think job security is that worrisome to them.

In my experience working as a government contractor around tons of federal employees I have found most are either 1) Not very good at what they do but they somehow got in and god knows they aren't leaving because they know they aren't very good at what they do either so they will not find a comparable job elsewhere 2) Got force promoted from years of service or worse, got promoted in to the position because they couldn't do their last job and couldn't be fired, so they had to do something with them (way more common than you would want to believe) or 3) Were at the top of their craft 7 years ago but since they cannot be fired they got comfortable and stopped learning new things.

Roguetadhg

Time to hone on the security certs!

broli720

Roguetadhg wrote: »

Time to hone on the security certs!

In all honesty, certs won't teach you this. Maybe some offensive security certs but really it comes down to learning the skills and practice. I think sometimes we focus so much on getting the next cert instead of actually becoming an expert on a certain topic. I just think when you get to this level you have to be a master at your craft, be it networking or pen testing. It's hard for a jack of all trades to be proficient technically.