DHS announces major customer experience hiring initiative

CIO Eric Hysen explains the new hiring spree and tells FedScoop that DHS is pivoting away from a CMMC-like rulemaking approach to vendor cybersecurity.
Department of Homeland Security Chief Information Officer Eric Hysen speaks at FedTalks 2022. (Image credit: Pepe Gomez / Pixelme Studio)

The chief information officer of the Department of Homeland Security Wednesday announced a hiring spree as the agency looks to bring in further product management, customer experience and design expertise.

The hiring initiative will be an agency-wide effort to fill roles that are critical across all of DHS’s teams and bureaus, Hysen said at the FedTalks tech conference Wednesday, hosted by FedScoop.

“We’ll be launching department wide for two different skill sets, both product management, as well as customer experience and design will have open applications that will allow anyone to apply once for positions all across the department,” Hysen told FedScoop during an interview.

“Overall, we’ve seen that we really need a significant increase in customer experience and design skill sets across our federal workforce. This is something that started out as an OMB effort to do a government wide hiring push at the GS-13 team level last year that we’ve started to hire off of and we’re now expanding at the GS-14 and 15 level,” he added.


Hysen also said the DHS is pivoting away from the Defense Department’s Cybersecurity Maturity Model Certification, or CMMC rulemaking approach when it comes to implementing vendor cyber due diligence assessments and software assurance processes.   

“We don’t want to reinvent the wheel, we don’t want to make things more confusing for industry but we ultimately learned that CMMC was not the exact right model for us,” said Hysen. 

“So we’re exploring and looking at some different alternatives. Now, we’re not on the cusp of rolling out anything anytime soon but we’re continuing to work with industry on this,” he added.

DHS announced last April that it is developing a supply chain risk management program in the wake of the SolarWinds cyberattack and the ensuing Zero Trust initiative. 

The agency was initially looking to pilot the DOD’s CMMC approach within DHS’s vendor base, Hysen said during FedScoop’s IT Modernization Summit last year.


The department wants to implement vendor due diligence assessments and software assurance processes to understand the provenance of commercial off-the-shelf products before they’re purchased and used.

Hysen said the decision to move away from CMMC model was informed by DHS sampling its vendors earlier this year with a self-assessment questionnaire to evaluate their overall cyber-hygiene risk.

“One of the things we have learned is that we have a different type of vendor base. So we rely heavily on small innovative non-traditional businesses across all parts of the department,” said Hysen.

“And we need to make sure that we have a model that is not overly burdensome on them, that doesn’t lock us down or prevent us from working with those small and innovative businesses that are critical to our success,” he added.

Latest Podcasts