Government ‘not cool enough’ for the best cybersecurity talent, admits MoJ

Recruiter says best white hat hackers see gov as a "monolithic monster"

Cabinet Office

The creme de la creme of cyber security talent don't think working in government is "cool", according to an internal recruiter at the Ministry of Justice (MoJ).

In a blog post, the recruiter said that he had interviewed his 10th candidate in three months for a security engineer role, but lamented the fact that security-minded people who can think originally don't perceive working in Whitehall as cool.

The MoJ recruiter said that these people had good reason too, as they see some government IT to be a "massive legacy monolithic monster", which he admitted was "partially true".

However, he said that the perception that if they were to work for government, they would "forever be in a dank corner, trying to troubleshoot memory issues in some mid-90s middleware, and be valued by how many colour-coordinated reports they can churn out" wasn't true.

The recruiter said that the MoJ had taken different approaches to hiring in a bid to attract the right talent, but as the interview process went on, the department was left underwhelmed with many of the candidates' answers.

However, the recruiter didn't blame the candidates entirely. "Of the countless years of experience they have, with hundreds of assessments they have done, they know to deliver a template report that looks like a list of results from an automated scan," the recruiter explained.

"Their client expects it, which means their risk team is happy, everyone's backs are covered and everyone gets paid. Happy days".

But the recruiter emphasised that this is not what the MoJ is looking for - it wants people who have ethically hacked systems to hack the MoJ's own computers.

"We expect a combination of consulting and architecting, with a massive entree of penetration testing ability, preferably with a niche area of expertise in networking or crypto or web application development. Real stars in the field!" the recruiter said.

The MoJ's changed approach to try and advertise in areas where its intended audience engages, such as Hacker News, did work to some extent, with the recruiter claiming that the MoJ found some "solid midlevel folk, with experience and understanding, who could've easily progressed to the senior role in a few months".

But the department's recruitment process was exacerbated when private sector firms swooped in and hired all of these people.

The MoJ recruiter said it was now up to the government to incentivise these talented people with flexibility both in terms of where they work and what hours they work.

"They already have the expertise to know what goes in a good policy and what broken guidance looks like. Let us show them how their efforts can make a difference."

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Podcast Transcript: What’s so hard about public sector IT?
public sector

Podcast Transcript: What’s so hard about public sector IT?

3 Dec 2021
The IT Pro Podcast: What’s so hard about public sector IT?
public sector

The IT Pro Podcast: What’s so hard about public sector IT?

3 Dec 2021
Majority of UK's top business leaders are failing to manage supply chain security risks
supply chain management (SCM)

Majority of UK's top business leaders are failing to manage supply chain security risks

16 Nov 2021
HPE inks $2 billion high-performance computing deal with the NSA
high-performance computing (HPC)

HPE inks $2 billion high-performance computing deal with the NSA

1 Sep 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021