While the Obama administration has made cybersecurity a national priority and put forth efforts to hire more than 1,000 cyber security experts at the DHS, Air Force and other government agencies, the question has been where will the government find these professionals.
A recent report by the Center for and International Studies (CSIS), a Human Capital Crisis in Cybersecurity, details the glaring need for cyber security experts and a credentialing program the create new ones in the years to come.
“The cyber threat to the United States affects all aspects of society, business, and government, but there is neither a broad cadre of cyber experts nor an established cyber career field to build upon, particularly within the Federal government,” the report states.
The report admits that while current cybersecurity programs may be “good" they are limited in focus and overall effect. The NCIS recommends the creation of a governance body that would create standards and certificates for cybersecurity certification.
The NCIS recommends the certification program from the International Information Systems Security Certification Consortium, Inc., (ISC)² as one of the best programs.
ISC² (classes) sees many electrical engineers get into the cyber security field, but also sees the value of a computer science background. According to the ISC², there are three primary fields in cyber security jobs: Cyber Security Technician with credentials/experience in forensics and ethical hacking; Penetration Testers who know how to perform ethical hacking and network breaches; and Cyber Security Managers.
Northrop Grumman, a major defense contractor for the government, is currently looking to fill numerous positions related to cyber security, especially reverse engineers. However, finding qualified candidates has been challenging.
“There is a growing shortage of cybersecurity professionals which hinders the ability of public and private sectors to adequately defend their portions of an increasingly vital information infrastructure,” said Claudine Farrell, manager, NGIS Talent Acquisition – Cyber Security and Ground System at Northrop Grumman.
Cybersecurity positions Northrop Grumman is looking to fill:
4. Intelligence Analysts (cyber focus)
Background, skills and qualifications required for these positions:
• Application Security
• Competitions-participated, won, lead (CyberDawn, National Collegiate Cyber Defense Competition (NCCDC), CyberWarrior, White Wolf, DefCon
• Computer Forensics
• Critical Infrastructure Networks
• Cybersecurity Modeling and Simulation
• Decomposable Systems
• Fast Forensics
• Identity Management
• Information Tagging Architectures
• IPv6 Transition
• Preferred: CISSP, MCSE
• SCADA systems experience
• Worked in a Network Operations Center (NOC)
• Disassemble software
• Read assembly language
• Analyze code to determine functionality
• Degrees (not limited to): Information Assurance, Cyber Security, Information Systems, Network Engineering, Computer Science, Engineering (general discipline), Math, Physics
Other qualifications desired:
• Need to be curious
• Well developed problem-solving skills
• Ability to stick with a problem long-term
• Military background
• Never shut down 24/7
• Situational awareness
• Top secret clearances with polygraph
The ideal candidate for these positions have:
• Astute situational awareness
• Familiarity with chain of command and reporting up. Candidate should be comfortable speaking up and promoting ideas through various levels of management and interacting with a variety of customers.
• Familiar with environment. It is helpful when a candidate has previous cybersecurity and technology experience and is familiar with our working environment/industry.
• Oral communication and presentation skills – ability to brief out
• Street smart and not just book smart