The Office of Personnel Management (OPM) and the Office of Management and Budget (OMB) have worked with the Chief Human Capital Officer (CHCO) agencies, private industry and academia since October 2015 to develop the Federal Cybersecurity Workforce Strategy. We worked closely with agencies and the cybersecurity communities to identify existing and forward-leaning strategies that will help the Federal Government build a cybersecurity workforce pipeline; and recruit, hire, develop, and retain top talent.
The nature and scope of cybersecurity work is continually evolving. Efforts have been undertaken to identify the cybersecurity workforce within the Federal Government, which covers numerous occupations with unique technical skills. CyberCareers.gov was created as part of the Federal Cybersecurity Workforce Strategy to provide a platform for Cybersecurity Job Seekers, Federal Hiring Managers and Supervisors, Current Federal Cybersecurity Employees, Students and Universities consolidated online access to tools, resources, and a guide to the Cybersecurity workforce within the Federal Government.
Q. What workforce approaches are included in the Federal Cybersecurity Workforce Strategy?
A. The Strategy contains human resources approaches in four different categories seeking to: identify cybersecurity workforce needs, expand the talent pipeline through cybersecurity education and training, recruit and hire highly-skilled cybersecurity talent, and retain and develop highly-skilled cybersecurity talent.
Q. What factors were considered in developing the Federal Cybersecurity Workforce Strategy?
A. The following factors were considered in developing our Strategy:
- Cybersecurity is a shared responsibility among agency leadership, employees, contractors, private industry, and the American people.
- The cybersecurity workforce includes employees who join Federal service at different times in their careers and have different levels of expertise.
- The cybersecurity workforce includes a mix of technical and non-technical professionals focused on all aspects of institutional mission.
- This is a Government-wide human capital strategy, requiring ownership and action from multiple agencies and entities.
- The Strategy focuses primarily on the Federal workforce, with the understanding that contractors also play vital roles in Federal cybersecurity.
- The Strategy will provide corresponding resources to non-cyber professionals, such as foundational cybersecurity training and development and career mobility opportunities.
- While every agency is responsible for managing cybersecurity risks and will have staff that serves as part of the cybersecurity workforce, the majority of the civilian cybersecurity workforce will serve in positions at agencies with cybersecurity missions. These agencies include the Department of Defense (DOD), the Department of Homeland Security (DHS), the Department of Justice (DOJ), the Department of State, the Department of Commerce, the Department of Energy, and the Department of Treasury, among others.
Q. Why would someone want to pursue a cybersecurity career in the civilian Federal Government? (Note: the military workforce is not included in the Strategy.)
A. The Federal cybersecurity workforce has the exciting and challenging mission of protecting Government information technology (IT) systems, networks and data; safeguarding the Personally Identifiable Information and tax records of hundreds of millions of Americans; supporting our Nation’s financial systems; and securing our critical infrastructure, defense and intelligence systems. The Government also seeks to find ways to encourage cybersecurity professionals to join Federal service at different times in their careers, to create new opportunities for development and innovation.
Q. Which agencies have the most cybersecurity jobs?
A. While every agency is responsible for managing cybersecurity risks and will have staff that serves as part of the cybersecurity workforce, the majority of the civilian cybersecurity workforce will serve in positions at agencies with cybersecurity missions. For example, the Intelligence Community has a cybersecurity mission, as do the Department of Defense (DOD), the Department of Homeland Security (DHS), the Department of Justice (DOJ), the Department of State, the Department of Commerce, the Department of Energy, and the Department of Treasury, as well as others.