Do federal hiring processes discourage qualified applicants?

Shortage of qualified IT security professionals not helped by government's cumbersome policies

Information technology security has been identified as a critical area in which thousands of employees will have to be hired just to replace aging federal workers who are eligible for retirement in the next few years. Officials warn of a serious shortage of professionals qualified to fill these jobs, but one frustrated applicant says getting a government job can be as tough as the biblical challenge of getting a camel through the eye of a needle.

“I have applied to nine different positions in three agencies (Defense Information Security Agency, IRS and Veterans Affairs) since March 2009,” he said. He has had one interview, and it is now going on six weeks with no word back from the agency. The status of the other eight job listings has not changed in five months. “I inquired on one of them last month [July] and was told that ‘the external resumes haven't been reviewed yet.'”

It is not that he isn’t qualified. He is a certified IT security professional working for a major defense contractor with 20 years experience and security clearances from the Defense and Homeland Security departments. “I’m a gold-plated candidate,” he said.

The Office of Management and Budget did not respond to requests for an interview on hiring practices. But the applicant, who prefers to remain anonymous in order to protect his current job, blames government bureaucracy. “The process is so weighted down with paperwork and process, there is no way it could get done quickly.”

A study released last week by the Partnership for Public Service estimates that nearly half of the federal IT workforce of 56,463 will reach retirement age over the next three years, and a survey of agencies shows that they intend to hire more than 11,500 workers from fiscal 2010 to 2012.

The same organization released a report in July found in which it concluded that “our federal government will be unable to combat [cyber] threats without a more coordinated, sustained effort to increase cybersecurity expertise in the federal workforce.” It quoted Defense Secretary Robert Gates as saying that the Pentagon is “desperately short of people who have capabilities (defensive and offensive cybersecurity war skills) in all the services and we have to address it.” Three quarters of CIOs, CISOs, IT hiring managers and human-resources professionals surveyed for the report said attracting skilled cybersecurity talent would be a high or top priority through the next two fiscal years.

Citing what some experts are calling a “radical shortage” of skilled cybersecurity professionals, a government and industry coalition in July announced the U.S. Cyber Challenge, a collection of long-term programs to identify skilled students at the high school level and earlier, and to foster their educational and professional development to help fill the human resources pipeline for the cybersecurity professionals needed in coming years.

But if federal hiring practices are not changed, that pipeline will find itself backed up as applicants begin to emerge. The Partnership for Public Service study identified a handful of hiring roadblocks, including:

  • Fragmented governance and uncoordinated leadership that hinders the ability to meet federal cybersecurity workforce needs.
  • Complicated processes and rules that hamper recruiting and retention efforts.
  • Disconnects between front-line hiring managers and government HR specialists.

That has been the experience of the frustrated applicant. “Each agency has its own rules,” he said. One agency official told him that the hiring process now takes from four to nine months.

This applicant can afford to wait. He likes his present job and is looking for a government berth primarily to find work closer to his home and family. But that lead time for employment will eliminate many qualified workers, he said.

“No qualified individual is going to wait five to eight months to find out if they got the job,” he said. And there are limits to his own patience. “I want to be challenged and give something back to the feds, but ...”

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Fri, Sep 11, 2009 Riaz Sahibzada Bowie

I remember being asked to screen applicants three years after they had applied. For caricature details, I refer you to my blog:www.sahibsview.blogspot.com

Fri, Sep 11, 2009

The applications process is cumbersome and frustrating. After filling out a few applications completely and even more half-way I gave up and took a high paying contractor job.

Fri, Sep 11, 2009 James

I've worked as a government contractor for years, have degrees, certifications, certificates, and skills that few in the industry have and yet I get passed over... why? Because they are looking to hire internally at the organization I've applied at. They post just to dot their is and cross their ts... they don't actually mean it. At issue is that the government continues to take itsown, even if those individuals are not qualified... the claim that they want to get young blood or new blood (non-civil servants) is bogus. This organization doesn't care so long as the good ol' boys continue to rule.

Fri, Sep 11, 2009

I am an FTE working in IT who was also a contractor providing IT services to the federal government at one time. The looming shortage of qualified FTE cybersecurity is ironic. The pool of FTEs with cyber (IT) background and experience that could "grow up" to fill those positions and the lead-in IT/cyber jobs they occupied, have been heavily culled in the last eight plus years. Why? Because the IT jobs where people actually do the hands-on IT/cyber work are considered "not inherently governmental" making the jobs ideal outsourcing candidates. The only thing left is the "inherently-governmental" management-level positions. Many of these positions are filled by people who with limited/ dated IT/cyber experience. There is an attitude/belief among many, that one doesn't have to really know/understand/be technically experienced to manage IT. While the Clinger-Cohen Act validated the CIO role,there is an assumption the people who fill the management postions, will some how spring forthwith the appropriate federal knowledge and IT/cyber background/ skills. Or the assumption is that the people with the needed IT experience for those GS-13, 14, 15, SES positions can be easily recruited from outside the federal government. The inefficiency and fallacy of this assumption is obvious, based both on the slow, bureacratic federal hiring process and many of the comments posted here. Of course, there will be a tendency to want to provide progression from within the ranks of the existing federal workforce, among whom there might be someone with "management" skills but limited cyberskills. But, then, the assumption seems to be that the void in true cyberskills, will be filled by outsourcing. A solution would be to recognize that one must both grow "one's own" from within while also allowing for recruiting talent from outside as well. Additionally, the FTE workforce filling those positions from within should indeed be required to meet the same criteria, qualifications, etc.as required of the external candidates or contractors. As a contractor, it constantly amazed me when the federal technical COTR and many of the IT FTEs I worked with could not have met the minimum skills/knowledge requirements in the RFP/SOWs. Frequently, the success of the project depended on a COTR or FTE that knew enough to know what he and she didn't know, and who had the insight and background knowledge to ask the right IT questions. One other aspect of the federal hiring process that needs to be understood is that the application for the job has to get through the HR gatekeepers. No matter what your qualifications, if the sections of the application are not filled in according to the gatekeeper's checklist, your resume/application will never make it past the gate. It is really important to fill in that application with the gatekeepers as your target audience. Once you get past them, hopefully your resume/KSAs will speak for you.

Fri, Sep 11, 2009

I don't know where this supposed IT professionals shortage is. Whenever we announce for any GS-2210 vacancy, we get swamped with beaucoup well qualified applicants. OPM has had direct hire authority in place for IT types with a security background since 2003, but there is also no discernible shortage in this specialization area either. Our hiring managers can afford to be very picky, as this has long been an occupational buyers' market. There seems to be a serious disconnect here between perception and reality.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above