MoJ Struggling To Attract ‘Cooler’ Cyber Security Staff

houses of parliament

Government is losing top talent because ethical hackers don’t want to work for it, writes a senior recruiter

The Ministry of Justice (MoJ) has been forced to take unusual steps to attract security engineers in the face of perceptions that working for the government isn’t “cool”, according to a senior security leader at the department.

A new blog post, published anonymously, described the frustration of recruiting for the role of security engineer role at MoJ Digital and Technology, and finding that most of those who applied were only capable of delivering a “templated report that looks like a list of results from an automated scan”.

‘Ethical hackers’

hacking with a laptop in hotel room

“This is not what we are looking for,” the recruiter wrote. “We want people who have ethically hacked systems to hack our systems.”

Rather than hackers willing to be ethical, the MoJ said it found most candidates to be “ethical folk (who) want to hack”.

The department turned to advertising in venues used by more technically minded or academic researchers, such as forums, Internet Relay Chat (IRC) channels and conferences.

That resulted in interest either from top talent abroad who couldn’t relocate or from promising mid-level individuals who were quickly snapped up by industry, the MoJ said.

“We all know how much more rewarding it is to secure an investment bank over the justice system (not!),” the recruiter wrote.

‘Not cool’

The experience of interviewing 10 candidates in three months showed that “security-minded folk who can think originally still don’t think working for government (which is not all about intelligence agencies) is cool”, according to the recruiter.

The department concluded that it’s necessary for government agencies to provide a flexible environment where people capable of unconventional thinking can “put to use what they’ve traditionally done purely for the kicks”.

It advocates giving talented staff “nearly” free reign and allowing them to “shape security practices… along the lines they feel comfortable”.

Such practices could help to change the perception that government IT is a “massive legacy monolithic monster (partially true)” where engineers are valued only for “how many colour-coordinated reports they can churn out (not true)”, the recruiter wrote.

Turmoil

Central government IT is currently in the midst of broad-ranging shifts amidst troubled shared services centres projects and budget pressures.

Last month’s departure of Government Digital Service (GDS) executive director Stephen Foreshew-Cain was taken by some industry observers to reflect a confused and fragmented government digital strategy.

Such speculations prompted the GDS’ new head to say there were no plans to break the service up.

Are you a security pro? Try our quiz!