Uncle Sam Wants Your Security Skills, but Can't Get 'Em
Security is the most resilient technology area in terms of jobs, certifications and demand. This resiliency is posing a problem for the U.S. government, which is competing for talent from the technology industry. The answer? For starters, throw a ton of money at it.
If you are in need of a job or looking to switch out of a dead end in
technology, it may be time to buy an American flag lapel pin and get training,
certification and real-world experience in Internet, networking and computer
security. The Department of Homeland Security, the FBI and a host of other
government agencies are publicly asking for the best and brightest security
The problem is that Uncle Sam is competing with the private sector, and the apparent skill shortages are not being easily replaced, pointed out The San Francisco Chronicle in the article "Demand Keeps Growing for Cyber-security Workers." Despite a large unemployed technology base of workers looking for new jobs, the government and career experts say persuading top security talent in the industry to shift to taking a government gig is painful.
"We're all fighting for the same resources. We don't have thousands of unemployed security professionals," said Patricia Titus, chief information security officer for information technology firm Unisys, in the same Chroniclearticle. "Good IT professionals are still employed, and trying to entice them from private sector into the government is going to be difficult."
Department of Homeland Security Secretary Janet Napolitano did not shy away from asking security professionals to join the cause at the RSA conference in San Francisco at the beginning of last month. With a projected budget of $55 billion to be spent over the next five years by the feds on security, working for the government may become a larger reality for many technology professionals.
To put it bluntly, security is the most resilient field of all the technology areas in terms of job demand. Security skills are the only technology area with a consistent rise in demand in terms of jobs and certifications, said research analyst David Foote of Foote Partners, in a podcast with Dana Gardner, analyst with Interharbor Solutions. Foote told Gardner via the podcast transcript:
"We track the value of skills and premium pay for skills, and the only
segment of IT that has actually gained value, since the recession started in
2007, is security, and it has been progressive. We haven't seen a downturn in
its value in one quarter. ... Since 2007, when this recession started, overall
the market value of security certs is up 3 percent. But if you look at all 200
certified skills that we track in this survey that we do of 406 skills, overall
skills have dropped about 6.5 percent in value, but security certifications are
The range of security skills in demand, as Foote pointed out, is far reaching. If it's a big company or, in this case, the government, they generally are not going to outsource these functions because that increases risks, so know that you are getting into an area of technology with a bit more job stability than other areas.
Over the next three years, the DHS is slated to hire 1,000 cyber-security professionals and has extended offers to roughly 200 individuals so far. But beyond pure recruiting, the DHS and the National Security Agency are setting their sights on younger technology workers. Some are being enticed by a new competition called the United States Cyber Challenge, which began last May.
In terms of gaining security skills whether to be used for the purposes of the federal government or not, you may need some guidance on security certifications. So what certifications should you consider? Foote Partners puts out a hot certifications list every quarter, and half of the list is filled by security certs. Here is his description in the same podcast transcript from Foote:
"Twelve of 24 on this list of hot certifications are security. In order, the GIAC Certified Incident Handler is at the No. 3 position. The ISC-squared Systems Security Certified Practitioner is at No. 4. Check Point Certified Security Administrator is at No. 8. The CISA, the gold standard auditing certification from ISACA, is No. 11. And then at positions 14, 15 and 16 [are] Check Point Security Expert, the Forensics Analyst and Intrusion Analyst from SANS Institute."