Staying two steps ahead

By Myles Copeland

Thursday, January 18, 2018

Sandia going all-out to recruit top-tier cybersecurity talent

Sandia going all-out to recruit top-tier cybersecurity talent

SANDIA cybersecurity professional Wellington Lee says, “We have to be thinking two steps ahead of the adversary. We have the duty and obligation to do our jobs really well.”

Wellington Lee loves his job.

He loves it so much that when it’s over he does it on weekends, at his house, for hours on end, with friends, for fun.

Wellington is a cybersecurity professional at Sandia. “As a national lab and DOE facility, we’re on the forefront of cybersecurity,” says Wellington. “We have to be thinking two steps ahead of the adversary. We have the duty and obligation to do our jobs really well.”

When that demanding workweek ends, Wellington competes in capture-the-flag cybersecurity challenges as a member of Plaid Paliament of Pwning, a team from his alma mater, Carnegie Mellon University. Contrary to stereotype, Plaid teammates don’t swill Monster all night while talking on headsets, preferring instead to share snippets of code via Slack. According to, Google’s top search result for “capture the flag rankings,” the team is ranked ahead of Tawainese squad “217” for tops in the world.

“It is insanely gratifying,” Wellington says of the competitions. “When you solve a challenge, it feels really good.”

A worldwide shortage

Wellington seems to be exactly the person David White describes when asked what makes a good cybersecurity employee. “People who have a passion for not letting things go unsolved,” says David, director of Sandia’scybersecurity organization. “There are people who take it as a personal challenge, like life can’t go on without solving that challenge.”

Wellington’s qualities are needed in large quantity. A worldwide shortage of 2 million cybersecurity professionals looms by 2019, according to a November 2017 Washington Post article. The national labs are competing to fill these positions amidst exponential growth in demand stoked by news-making breaches at companies like Equifax.

“The demand for cybersecurity, I don’t see it going away,” says Talent Acquisition Operations and Workforce Planning manager Chuck Maheras. “Whether you are Dillard’s, a retail store trying to protect PII [personally identifiable information] on credit cards, the government, computing giants like Microsoft and Google, or a national security laboratory, there’s an insatiable demand for this talent across all industry segments.”

“We’ll go to universities,” says David, “and the entire master’s class has been hired by Google.”

To address this challenge, Labs leadership has identified cybersecurity and computer science recruitment and retention as a focus for 2018, and Sandia’s Staffing and Recruiting Team is collaborating with hiring managers from different organizations Labs-wide to target appropriate skillsets and speed hiring.

“Rather than letting hiring managers go it alone, we are bringing together a team from across the Labs’ programs that most often hire cybersecurity positions,” says Human Resources director Rob Nelson. 

Pooling resources

CYBER STRATEGIES — Annie Hanawalt, David Martinez, and Carol Manzanares of Sandia’s Talent Acquisition organization discuss the Labs’ cybersecurity personnel staffing requirements.

Under normal circumstances, a hiring manager will work with human resources to advertise, review applications, and conduct interviews for one vacant position in the manager’s area. With cybersecurity’s importance across Sandia’s programs, resources are being pooled to swiftly collect and review applications, then interview and hire candidates. Universal job requisitions have been created for cybersecurity and computer science positions, allowing for continuous recruitment for all positions in those disciplines. A team of managers from across the Labs reviews all cybersecurity applications and routes them to particular hiring managers whose needs match the applicants’ skills.

“It’s about continuously providing a pool of qualified applicants to managers for immediate and ongoing needs,” says Carol Manzanares, Talent Acquisition and HR Strategies senior manager, whose team, including Chuck, partners with managers to recruit and hire. 

For managers accustomed to being involved in the hiring process from start to finish, this is an innovative approach aimed at reducing the time it takes to hire. Since assuming her position a year ago, Carol has made changes that have optimized the Talent Acquisition structure and placed a focus on workforce diversity, customer intimacy, process efficiency, and integration and data analysis. These changes are designed to cut the hiring cycle times for all positions at Sandia through improved operational effectiveness and create a better understanding of hiring managers’ business needs.

“Cyber is the perfect example of why we need to be agile and at the ready,” says Carol. “We need to be able to identify and address the next cybersecurity-like recruiting challenge before it happens.”

“We are leveraging our recruiting resources to work for the overall needs of the Labs, rather than one center or one division,” says Talent Acquisition manager Margaret Quinn, another member of Carol’s team. “It’s somewhat of a paradigm shift.” 

Looking at the whole person

While Sandia’s cybersecurity positions require US citizenship and typically a master’s degree, the Labs’ 2017 removal of grade-point average requirements from recruiting consideration has created opportunities with some technically qualified candidates.

“We would find students who were exceptional in math and science but maybe bombed history,” says David. “Not having the GPA criteria can help us to identify them.”

“We haven’t lowered standards,” Carol says. “We’re looking at the whole person — the background, the diversity, the experience. As a national lab, this encourages the diversity of perspectives essential for our success.”

With limited candidates and stiff competition, Carol’s team is working with managers to improve the applicant experience. Recruiting manager David S. Martinez, who joined Sandia from Intel last fall, found that cybersecurity candidates were being asked to complete a three-page, essay-question intake. 

“We’re going to lose strong external talent with long, extended questionnaires, so we engaged with hiring managers to understand, what are the four or five areas that are most important,” says Carol, indicating the intake has been reduced to one page of simple-choice questions.

Understanding managers’ business is essential to the ability of Carol’s staff to anticipate and meet burgeoning challenges, like those presented by the global cybersecurity gap.

“There’s an increased focus on customer service and understanding the customers’ business,” says Staffing manager Annie Hanawalt. “We’re not just taking an order [for a position], but we want to so intimately understand that business that we are able to predict and be telling them, here’s what we see down the road.”

Quickly finding, vetting, and offering positions to candidates is part of the challenge Sandia faces in the competition for cybersecurity talent. Contending with employers who are able to offer stock options, what are Sandia’s advantages?

“It’s generally the importance of our mission, and it’s work-life balance,” says David White, explaining that cybersecurity personnel seem to maintain this balance despite critical mission responsibilities. “We have a well-managed organization. We tend to get our work done within the timeframes that we have. In general, I think the culture of Sandia is we are not trying to squeeze that extra dollar, so we are not cutting corners, which I think can be stressful.”

A peer-based approach

Wellington, who completed his master’s degree at Carnegie Mellon one year ago with financial backing from Sandia’s Master’s Fellowship program, has observed his classmates living in the world of California startups.

“Sometimes I take weekend trips to visit them, and they need to go into work on Sunday morning,” says Wellington. “It seems a lot more stressful than what I am facing personally. Cybersecurity at Sandia is taken seriously. Our management is really good about giving us the resources we need.”

In addition to Sandia’s rare cybersecurity tools, Wellington touts his team’s shared “love of learning,” which is facilitated by a relatively flat organizational structure.

“It’s sort of peer-based,” David White says of cybersecurity at Sandia. “There aren’t a lot of levels to the staff. Most people come in and feel like they’re a peer immediately.”

In line with this peer-based approach, Sandia’s Talent Acquisition team has organized manager listening sessions during early 2018 to garner additional ideas for innovation.

“Talent Acquisition is changing and we want be open and responsive to great ideas from managers throughout Sandia,” says Carol.

“Sandians are smart and resourceful and able to come up with solutions,” says Margaret, who is targeting a summer retirement after a late-career move to the Labs in 2006. “I have so much faith in Sandians rising to the occasion.”