
Hackers Wanted: An Examination of the Cybersecurity Labor Market (2014) [pdf] - bricnbrac
http://www.rand.org/content/dam/rand/pubs/research_reports/RR400/RR430/RAND_RR430.pdf
======
sarciszewski
Meh. If the US federal government really needs cybersecurity professionals,
they probably ought to stop doing things that generally scares hackers away
from working with them:

    
    
        - Spying on everyone
        - Invoking the CFAA on ToS violations (Lori Drew, Andrew Auernheimer)
        - Copyright zeal
        - Persecution of computer hackers (Aaron Swartz, Lauri 
          Love, Glenn Mangham, Jonathan James, Stephen Watt, et al.)
    

I don't see them tipping their hand anytime soon. I certainly won't work for
them until they do, and the most skilled technologists I know are on the same
page.

------
pasbesoin
When your fundamental technology/approach are the rubber hose and the lead
pipe (at will, "because we can", might is right physical intervention -- I shy
away from using the tarnished term "legal"), you've already set the tone of
your pitch -- intended or not -- to something unattractive to the best of this
industry.

------
fapjacks
The document touches on something that I think is profound and prescient,
about the future of government in the face of tech: Giant, monolithic
government may not be sustainable as technology enables more and more direct
personal involvement of all kinds of activities. If I can use an app to
connect me directly with someone in a car to get a ride home, why can't I use
an app to connect me directly to the approval process for a bill? Or directly
to an appropriations decision? I don't think government will become
irrelevant, I just don't think it will survive in the form we've always
recognized. As the government begins to thin out under the influence of
decentralization and democratization, the need for "20,000 to 40,000" federal
cybersecurity employees begins to dwindle.

------
killnine
I personally have difficulty finding postings. While my resources do include
the normal hiring places, I find that both the amount of "cybersecurity" posts
in the normal places and the amount of "cybersecurity"-geared hiring places,
are surprising low.

Maybe my difficulty lies in my perceived demand quantities versus postings I
find.

With every HN Whos Hiring thread, I tell myself I need to write a tool to
filter the posts based on buzz words, because scanning hundreds of the job
openings for "security", "penetration", and the like is a major pain.

------
indrax
>Early in our work we discovered that there was a broad consensus on a
perceived shortage of cybersecurity professionals. The argument goes as
follows. Everyone wants better protectors in cyberspace. Good people are
snapped up quickly, and the best people tend to jump from employer to
employer, with each move bringing an upward ratchet in compensation.

This also applied to Beanie Babies.

