The Office of Personnel Management wants to create a database of federal cybersecurity positions that it hopes will help agencies identify potential gaps in their high-tech workforces.
A new memo from acting OPM Director Elaine Kaplan directs agency managers to collect, review and submit data by the end of fiscal 2014 on their existing positions and future cyber-hiring needs.
“This new databank will enable agencies to identify and address their needs for cybersecurity skill sets to meet their missions,” Kaplan wrote in the memo to agency heads.
Creating the new database will require agencies to do a bit of housekeeping in terms of job classification, though. Kaplan directed HR and IT managers to update their cyber job classifications using new definitions established in a framework created by the National Initiative for Cybersecurity Education (NICE).
“This particular work function has extensively changed over the last decade, and these revisions provide consistency and a common language in describing the skill sets needed to perform the work successfully,” the memo stated.
OPM is collaborating with White House Office of Science and Technology Policy, the Chief Human Capital Officers Council and the Chief Information Officers Council to implement the project. The Obama administration has made reducing critical cyber workforce gaps one of its top “cross-agency” goals.
While the report indicated a majority of cyber professionals have more than 10 years until they actually become retirement-eligible, a sizable percentage of the participants of the survey were eligible within the year, according to the report.
“This potential loss of experienced personnel can lead to a shortage of skilled employees and place a greater burden on the existing cybersecurity staff, as well as seriously affect the daily operations of the federal government,” the report concluded.
Under OPM’s new project, agency managers will have to create action plans, including meeting quarterly milestones, to meet the “fast-paced” end-of-2014 goal, Kaplan said.
Among the new requirements:
Agencies will have to review existing cyber positions to make sure they meet the new definitions established by the NICE framework.
Agencies should review all positions in the IT Management 2210 Occupation Series as well as positions in the Computer Specialist 0334 Occupation Series.
By the end of March 2014, agencies should have reviewed and coded at least 60 percent of their positions in the 2210 and 0334 occupation series and begun to include any other positions where cyber work is performed.
By the end of fiscal 2014, agencies should have reviewed and coded at least 90 percent of those positions.
The cyber workforce report from earlier this year indicated agencies may be having trouble onboarding new cyber recruits. Only about 5 percent of the federal cyber workforce is made up of people under 30, the report found.
The creation of the database could eventually help also bolster agencies’ cyber-hiring goals, OPM said.
“As new and future positions performing cybersecurity work are classified after FY2014, the agency’s special action plan will be assimilated into the agency’s hiring and position classification processes,” Kaplan’s memo stated.
In recent years, OPM has worked to better define the role of cybersecurity workers. While it declined, in 2011, to make cyber its own career series, OPM, along with the CIO Council, worked to develop competency models for cyber workers and to settle on common definition of the role.