Under siege for letting their platforms be co-opted by Russian hackers during the 2016 election, Silicon Valley companies are learning what many businesses with interests in Washington have long known: It pays to have staff with government security clearances.
Bringing former government cyber warriors on board at companies can facilitate interactions with US agencies like the NSA or CIA as well as help the firms understand how to build stronger systems on their own.
“They have the tradecraft,” said Ronald Sanders, a former associate director of the Office of the Director of National Intelligence and now director of the school of public affairs at the University of South Florida. “And the trade craft is some of the best in the world.”
One shared lesson from the 2016 election attacks and high-profile breaches at companies such as Sony Corp and Equifax Inc, analysts say, is that companies need to be more proactive in boosting their security.
“You have to hunt threats, otherwise threats will hunt you,’’ said Eric O’Neill, a national security strategist at cyber firm Carbon Black. O’Neill is also a former FBI agent and national security lawyer who worked on security clearances.
Finding skilled employees who come with clearances isn’t easy, and companies have to be prepared to spend more money to lure them.
The average annual salary for a systems engineer working for the US government with a security clearance is about $119,000, according to the latest compensation report from ClearanceJobs.com. And recruiting from the Central Intelligence Agency may the most expensive of all, with the average security-cleared employee earning $121,000 compared with about $101,000 from the Department of Energy, according to the report.
To get their clearances, applicants for government jobs first fill out a standard form, known as the SF-86, that requires listing every residence where the person has lived going back 10 years, including the name and current contact information for a “neighbor or other person” who knew them at that location.
Then they do the same for every job they’ve had over a decade. If the applicant was ever fired from a job, or left because of unsatisfactory performance reviews, they have to explain that in detail. Are they divorced? If so, they have to spell out where records of that separation can be found.