17 comments

[ 5.2 ms ] story [ 48.5 ms ] thread
I hope they pay well. At least six figures after a year or two.
The first they need to do is get rid of the 'cyber' prefix on everything. It doesn't add anything and it makes them look even more out of touch with the day-to-day realities of computer and network security than they already are.

The second thing they need to do is pay well. A solid programmer can get high five-figure or low six-figure salary at Google. This is for two reasons. First, the cost of living in the Bay Area is extraordinarily high. Second, and more importantly, solid programmers (not even rockstars, but solid, competent programmers) are valuable. Can the government make offers that are competitive with Google? After all, DC isn't a cheap place to live either.

Somehow, I don't think either of these things will happen, and this will be another bureaucratic turf war where millions of taxpayer dollars will be spent filling out forms and progress reports whilst nothing of substance will actually be achieved.

solid programmers are valuable

I wonder though if even a mediocre to weak programmer could be a solid programmer, in the right kind of organization?

It's possible, given time, for a weak programmer to become a solid programmer, but the programmer has to 1) recognize that they're a weak programmer 2) want to improve their programming ability and 3) be part of an organization that allows them to do so.

From what I've seen of government bureaucracies and the sort of people they attract, I'd be willing to suggest that none of those things (especially (3)) will be generally true of this new organization.

Ahh the government "cyber" job. This is a job where you see the problem, have the means and the desire to solve it, and are by no means permitted to actually do it.
<sarcasm> Every time I hear Janet Napolitano's voice over the airport speakers, I think to myself, "I'd really like to work for her organization." </sarcasm>
right. "it's not about the money". let's check that out:

here's the GS pay schedule, for reference: http://www.opm.gov/oca/12tables/html/gs.asp

note how you're not going to crack 6 figures until the end of your GS-14. How long does it take to get to GS-14? somewhere between 5-10 years in service, if you're lucky. if you're not lucky, you might never make it.

why so long? because advancement through grades is entirely based on time in service. there is nothing your management chain, up to the president, can do to pay you more. it would take, literally, an act of congress.

hooray! oh yeah, as a graduate with a CS degree from a good (CMU, MIT, etc) school, you will start as a GS-7 or a GS-9. which is about 40k. 2nd tier tech companies and consulting companies will start you at literally double that. if you are really good, companies like msft and amazon will start you at literally TRIPLE that.

so... how is this a choice for anyone? why does the government delude itself that it isn't about the money?

So I guess most of the 'real' work will be done by private contractors.
Well, the government has never been directly competitive on wages- things like job stability and pensions have been offered to help balance things out.

Aside from that, DoHS may not need $80k CMU/MIT grads. There is a whole middle of the pool to draw from that didn't go to CMU/MIT. They probably don't intend to develop the next SELinux as much as apply existing technology in an intelligent way.

I make a point about salary because in the article, a DHS official is quoted as saying that the retention problems are not caused by money. I claim that's BS. they're totally caused by money.

even if you go to a crappy school, if you are a solid programmer or system administrator, you should be able to walk into a tech job out of graduation for no less than $60k. I was able to get an IT job in the private sector with just a HS diploma that made more than ($40k) what new government workers with relevant skills and a 4 year degree were offered/making, and after 6 months at that job I had offers for 50% more (how long would you have to be on the GS scale to see this kind of movement? a lot longer than 6 months).

also, no more pensions for government workers (AFAIK), at least many of them. you do have essentially job permanence though, is that worth only earning 1/3rd of your potential?

the salary thing is initially okay though, cos you were broke in college so whatever, you're still broke. later, when you're 26, making $60 doing computer programming, your friends are 26, making $140 doing computer programming, and your wife looks at you and says "hey so why can Tom and Nancy have children and also live in a house instead of share an apartment with another couple?" ...

$140k with a bachelor's and 4 years experience? If you start at $60k (the number you gave first), that's like a 25% raise every year. Man, did I pick the wrong career.
numbers are based off of data from glassdoor etc, conversations with recruiters, and my personal experiences / my friends and acquaintances experiences (where those personal experiences include salary negotiations with candidates)

sorry :(

140K with 4 years experience seems really really fast to me, but if you are good at negotiation/politics, perhaps it can be done. Or if you are hired by a bubble company.
"I claim that's BS. they're totally caused by money."

I disagree. The best hackers I know HATE working for the gobertment, because they hate working for "the man", or any bureaucratic organization, and gob is the definition of bureaucracy. Being told constantly what to do, no freedom, and stupid political bosses is the main reason, not money.

Looking at some successful startups in the very recent past can easily be a counterpoint to your statement. I don't think I need to say more.
AS the Security Service official history says this is a problem in the UK and is teh major gripe for the staff
The interesting problem with "cyber security" in this country is that the field generally sucks, same with IT. The large problem is that none of it has bite.

I work for a company that contracts for the US gov. I can tell you right now that the government has its shit together. They have some very strict requirements which SHOULD be inherent knowledge to all IT organizations but it is not. The field is largely thankless. As long as people on the "business side" continue to get in the way nobody's going to want to stick around long. And on top of that you want to underpay them?

If the government wanted to crack down on security they would audit all of their contractors and drop contracts if they were out of compliance. Te business types have yet to experience this so it's not well known in the circles yet.