Government ‘not cool enough’ for the best cybersecurity talent, admits MoJ

Recruiter says best white hat hackers see gov as a "monolithic monster"

The creme de la creme of cyber security talent don't think working in government is "cool", according to an internal recruiter at the Ministry of Justice (MoJ).

In a blog post, the recruiter said that he had interviewed his 10th candidate in three months for a security engineer role, but lamented the fact that security-minded people who can think originally don't perceive working in Whitehall as cool.

The MoJ recruiter said that these people had good reason too, as they see some government IT to be a "massive legacy monolithic monster", which he admitted was "partially true".

However, he said that the perception that if they were to work for government, they would "forever be in a dank corner, trying to troubleshoot memory issues in some mid-90s middleware, and be valued by how many colour-coordinated reports they can churn out" wasn't true.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The recruiter said that the MoJ had taken different approaches to hiring in a bid to attract the right talent, but as the interview process went on, the department was left underwhelmed with many of the candidates' answers.

However, the recruiter didn't blame the candidates entirely. "Of the countless years of experience they have, with hundreds of assessments they have done, they know to deliver a template report that looks like a list of results from an automated scan," the recruiter explained.

"Their client expects it, which means their risk team is happy, everyone's backs are covered and everyone gets paid. Happy days".

But the recruiter emphasised that this is not what the MoJ is looking for - it wants people who have ethically hacked systems to hack the MoJ's own computers.

"We expect a combination of consulting and architecting, with a massive entree of penetration testing ability, preferably with a niche area of expertise in networking or crypto or web application development. Real stars in the field!" the recruiter said.

The MoJ's changed approach to try and advertise in areas where its intended audience engages, such as Hacker News, did work to some extent, with the recruiter claiming that the MoJ found some "solid midlevel folk, with experience and understanding, who could've easily progressed to the senior role in a few months".

Advertisement - Article continues below

But the department's recruitment process was exacerbated when private sector firms swooped in and hired all of these people.

The MoJ recruiter said it was now up to the government to incentivise these talented people with flexibility both in terms of where they work and what hours they work.

"They already have the expertise to know what goes in a good policy and what broken guidance looks like. Let us show them how their efforts can make a difference."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/government-it-strategy/28305/ir35-news
Policy & legislation

Government announces review of IR35 off-payroll changes

8 Jan 2020

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020