The Department of Homeland Security is poised to go on a geek hiring spree.
DHS Secretary Janet Napolitano announced Thursday that the agency has been cleared to hire at least 1,000 new cybersecurity professionals over the next three years to fill staffing gaps at various DHS agencies.
"This new hiring authority will enable DHS to recruit the best cyber analysts, developers and engineers in the world to serve their country by leading the nation's defenses against cyber threats," Napolitano said.
According to Napolitano, the department will look to fill "critical cybersecurity roles," including "cyber risk and strategic analysis, cyber incident response, vulnerability detection and assessment, intelligence and investigation, and network and systems engineering."
The DHS secretary made the remarks at a press conference Thursday to kick off National Cybersecurity Awareness Month. Interestingly, Thursday also marks the target date for the launch of the new U.S. Cyber Command (USCYBERCOM), according to a blog post from a group that includes Richard Clarke, the former special advisor to the president on cyber security during the Bush administration.
The Cyber Command is supposed to oversee government efforts to protect the military's computer networks, and potentially also assist in protecting the civilian government networks. The head of the Cyber Command will be National Security Agency Director Lt. Gen. Keith Alexander.
I mention the new command because some Beltway insiders believe a hiring frenzy currently underway at that upstart command could make it difficult for DHS to hire cyber security experts with the right in-the-trenches experience. Alan Paller, director of research at the SANS Institute, a cyber security research and training group based in Bethesda, Md., said the NSA has been aggressively poaching the best cyber security experts from the major defense contractors of late.
"The NSA is already stealing every human being from the other side, so there is no space for [DHS] to hire," Paller said. "They're going to have a helluva time getting people who are technically skilled -- not at just writing about cyber security -- but actually doing it."
Incidentally, the SANS Internet Storm Center is once again publishing a new cyber security tip each day of the month, in keeping with their annual observation of Cyber Security Month. Definitely worth a read.