Employers say a variety of factors are contributing to the shortage: The cybersecurity field is fast-changing, so it’s difficult to find people with the most up-to-date skills. And while government and commercial clients may have pulled back in some areas, contracting firms said these clients have continued to focus heavily on cybersecurity because it is such an essential function. Therefore, few of these workers are being cut loose from their jobs and seeking new positions.
Foreground Security, which has an office in Herndon, has taken an aggressive approach to hiring cybersecurity professionals as it has scaled its workforce to 120 employees from 45 in the past year.
“I decided I can’t keep chasing this the same way everybody else is,” Amsler said. “So we decided that we’re going to build our own talent.”
Foreground acquired a training company called Cyberspann to build what it calls “Foreground Security University,” a three- to six-month program in which entry-level employees or interns learn to do more advanced cyber work.
Reston-based Leidos, which has a cyber division that pulls in $700 million a year, said that a critical part of its cybersecurity talent strategy has been to go after recent college graduates, even if they aren’t as experienced.
In part, that’s helpful because they don’t command as high a salary, said Sam Gordy, general manager of the integrated systems group within the company’s national security sector.
But, Gordy added, “The real benefit, from my perspective, is these kids are coming out with the cutting-edge knowledge.”
Over the past two years, the company, which recently separated from Science Applications International Corp., has tried a variety of tactics to lure cybersecurity workers. In particular, it has an effort it refers to as the “I-95 Campaign,” in which it has invested in building relationships with schools in that highway corridor, such as the University of Maryland’s Baltimore campus. It also has put up billboards near military bases. In the past two years, the team has experimented with commercials, e-mail newsletters and social media to trumpet that it is hiring for cybersecurity workers.
Additionally, Leidos has a sourcing team that works solely on developing an internal pipeline for more senior cyber positions.
“We don’t have our feet up,” said Chris Scalia, sector talent acquisition director.
Once they find and hire cyber professionals, employers say it is equally difficult to retain them. Unsurprisingly, competitive compensation remains a central part of their strategy for keeping top talent.
But, “if the only way you can keep people is to stay a dollar ahead of your competition, you’ll have terrible turnover,” said Sam Visner, head of cybersecurity of Falls Church-based Computer Sciences Corp.
Visner and other talent professionals said that they find the promise of further training and new challenges is often the most effective way to hang onto these workers.
At CSC, for example, workers can attend brown bag lunch events and townhall meetings to support their professional development, and they are encouraged to take up extracurricular projects that will help them learn new cyber skills.
“A lot of our people are really just hooked on the work,” Visner said, and so it’s important to provide opportunities to immerse themselves in it.
At Altamira, a McLean-based company that does cybersecurity work, employees are given the opportunity to seek funding and pursue their own research and development projects within the company, according to Chief Strategy Officer Craig Parisot.