Fed CISOs Seek Fresh Grads

Survey: 20% of New Hires Will be Scholarship for Service Students With so much emphasis on cybersecurity, federal chief information security officers (CISOs) are aggressively seeking well-trained and qualified IT security professionals. And to do so, they are turning to fresh college graduates.

This is the news from the survey, "The 2010 State of Cybersecurity from the Federal CISO's Perspective," conducted by (ISC)2. According to the report, many government CISOs are turning to the Scholarship for Service (SFS) program to fill their hiring needs. The survey finds that 44 percent of the CISOs expect to hire one-to-five SFS students in the coming year, while 12 percent will hire more than six. In all, 20 percent of their new hires will be SFS students.

"This is the time for guaranteed full-term employment for professionals embracing cybersecurity," says Lynn McNulty, (ISC)2 consultant and member of (ISC)2 U.S. Government Advisory Board for Cyber Security. "The students from the SFS program are well prepared and come with a focus on the government's cybersecurity problems and are in a position to contribute immediately."

These students are hired for broad roles such as security analysts, network security and firewall specialists, and on average they start out with a salary range of anywhere between $45,000-60,000 per year.

The SFS program is sponsored by the National Science Foundation for students advancing their skills and learning in information assurance. This program provides scholarships that fully fund the typical costs that students pay for books, tuition, room and board while attending an approved institution of higher learning in information assurance. Additionally, participants receive stipends of up to $8,000 for undergraduate and $12,000 for graduate students.

In return, graduates promise to work at a federal agency for a minimum period of two years. The students who win these scholarships must study at an established Center of Academic Excellence (CAE) accredited by the National Security Agency and the Department of Homeland Security.

The benefits of this CAE academic education are seen in the private sector as well, where fresh cybersecurity graduates are being absorbed in the current workforce. Many of these college students are in demand within large system integrators and traditional consulting companies to implement new projects related to network security, says David Graziano, Operations Director, Security, US Public Sector at CISCO.

"These students are very advanced and have real world experience through internships at federal government agencies that gear them in adapting to these cybersecurity roles fairly well," he says. "They have worked on cool projects and definitely have a promising career going forward".

Also, to further strengthen the capabilities of the IT federal workforce the Cybersecurity Act of 2009 includes several provisions under which the Scholarship for Service program would be dramatically expanded to up to 1,000 students per year.

These initiatives in cybersecurity education are leading to a new talent breed whose goal is to reduce vulnerabilities in the nation's critical information infrastructure and fill the growing gap within the IT security workforce.

"The future of the cybersecurity profession is being defined now, and this is where young graduates can make a difference," says McNulty.

Among the survey's other key findings:

  • Focus on Certifications -- Security certifications are seen as significant to career advancement and promotions within the public sector, with 75 percent of CISOs advocating mandatory certifications across the government, and 32 percent indicating that certifications are of high value while hiring and promoting candidates. The CISSP, followed by CISM and NSA-IAM, are the prevalent certifications most desired by federal CISOs.

  • Staffing Solutions -- Government leaders are aggressively looking to augment their cybersecurity staff by converting 30 percent of current contractors into full time employees, tapping another 29 percent qualified practitioners from the private sector and a similar number from internal sources within the organization.

  • Social Media -- 78 percent of federal CISOs have jumped on the social media policy boat and have enforced security policies in place for social networking activities within their organization.

  • Job Satisfaction -- 63 percent of federal CISOs confirm they are satisfied with their jobs, which is attributable in part to their strong belief that they have a significant impact on the security of their organizations.

About the Author

Upasana Gupta

Upasana Gupta

Contributing Editor, CareersInfoSecurity

Upasana Gupta oversees CareersInfoSecurity and shepherds career and leadership coverage for all Information Security Media Group's media properties. She regularly writes on career topics and speaks to senior executives on a wide-range of subjects, including security leadership, privacy, risk management, application security and fraud. She also helps produce podcasts and is instrumental in the global expansion of ISMG websites by recruiting international information security and risk experts to contribute content, including blogs. Upasana previously served as a resource manager focusing on hiring, recruiting and human resources at Icons Inc., an IT security advisory firm affiliated with ISMG. She holds an MBA in human resources from Maharishi University of Management, Fairfield, Iowa.

Around the Network