DHS creates Cybersecurity Service similar to DOD’s Cyber Excepted Service

DHS has established a system to hire cyber personnel in excepted service roles with their own qualification requirements and that are not subject to rules of traditional competitive service positions.
Department of Homeland Security, DHS
(U.S. Customs and Border Protection / Flickr)

The Department of Homeland Security has created the DHS Cybersecurity Service, a new way to hire and manage cybersecurity professionals outside of traditional civil service requirements.

DHS announced the Cybersecurity Service as part of its long-awaited Cyber Talent Management System in an interim final rule published Thursday in the Federal Register.

Personnel hired to the DHS-CS will take what the department is calling qualified positions — excepted service roles with their own qualification requirements and that are not subject to the appointment, pay, and classification rules of traditional competitive service positions, based on special hiring flexibilities. The Department of Defense has its own Cyber Excepted Service initiative based on similar hiring flexibilities to make itself more competitive and quick in hiring and managing civilian cybersecurity talent to its forces.

“The goal of the DHS-CS is to enhance the cybersecurity of the nation through the most effective execution of the DHS cybersecurity mission,” the rule says. “DHS will use [the Cyber Talent Management System] to hire, compensate, and develop DHS-CS employees to reinforce the values of expertise, innovation, and adaptability.”


DHS was granted the authority to create a new personnel system for cybersecurity in 2014. What came out of that was the Cyber Talent Management System, an “agile and innovative personnel system” that better equips DHS to “compete for cyber talent with the private sector — speeding up the hiring process, attracting talent from non-traditional educational backgrounds, using innovative tools to assess applicants, and offering more flexible performance-based compensation.”

When finalized, the rule will allow DHS to hire cybersecurity personnel at salaries based on their skills, up to $255,800 —the vice president’s salary. That, however, can be overridden in special circumstances, with an “upper limit of 150 percent of EX-I ($332,100 in 2021),” the rule says.

“To invoke the extended range for specific DHS-CS employees, the Secretary must determine based on the CTMS compensation strategy, that the employee’s qualifications, the employee’s mission impact, and mission-related requirements warrant adjusting the employee’s salary beyond the standard range,” says the rule.

On a new recruitment webpage, DHS also touts the Cybersecurity Service’s career development approach. “DHS Cybersecurity Service employees are encouraged to keep their skills sharp and remain aware of emerging technology and threats through regular training opportunities,” it says, adding that employees will “participate in a range of classroom and on-the-job learning activities based on their current responsibilities, skills, interests, and career goals.”

DHS received $62 million between fiscal 2014 and 2021 to design and build the Cyber Talent Management System and Cybersecurity Service. For fiscal 2022, it has requested $16 million to finally launch and administer the programs. The department also hopes to hire 150 cyber professionals using the system.


The interim final rule officially takes effect Nov. 15 and is open for public comment until Dec. 31.

Other organizations including the Partnership for Public Service are working on improving the pipeline of cybersecurity talent into federal government. Earlier this week the nonprofit announced the second cohort of participants in its cybersecurity talent initiative, which aims to improve knowledge sharing between the private and public sector.

Note: This article was updated to include details of the Partnership for Public Service’s cybersecurity talent initiative.

Latest Podcasts