, ,

Maine CIO Talks Cybersecurity Recruiting, Hiring, Partnerships

This Q&A is part of a new GovLoop series called “CIO Conversations.” Throughout 2018 we’ll feature conversational interviews twice a month with current and former federal, state and local chief information officers to get to know the people behind the titles. You’ll learn about the perks and challenges of their job, how they ended up in their current position, what’s top of mind for them, how they’ve rebounded from setbacks and more.

Connecting with the right job candidates can be one of the most challenging aspects of the recruitment and hiring process, especially when attracting highly in-demand cybersecurity professionals.

For Maine CIO Jim Smith, he isn’t just looking to woo talented, mid-career and senior professionals to work for the state. He is relying heavily on better branding and a structured and professionalized internship program that led to the state’s Office of Information Technology (OIT) hiring 78 percent of its interns. Interns are assigned mentors and given hands-on, impactful work to do, Smith said.

In addition to hiring stellar candidates, the state is also focused on partnering with organizations across Maine and even outside the state. “I think one of the great things in the state is that you can really share with other states, Smith said. “We’re not in competition so we work together”.

Over the past two years, Maine has participated in a  consortium of states with Mississippi, Rhode Island and Connecticut to share and build an unemployment insurance system. Mississippi had an existing system that the group used to serve multiple states, making it a multi-tenant, cloud-based system where states can use common software.

GovLoop recent sat down with Smith to talk about projects that are top of mind for his team, as well as the state’s success in recruiting and hiring budding IT talent.

GOVLOOP: What issues or projects are currently top of mind for you?

SMITH: On the risk side, probably every conversation starts with cybersecurity, whether it’s here at the state or [in] private industry. We turn away millions of attacks and probes per day. It’s a constant battle, and we work to keep software up to date, to train and test employees on cybersecurity, and to stay current with the industry. But it certainly never ends. The challenge is always there.

On the project side, I think it’s really always interesting when you’re in a state environment. In Maine, we have 16 agencies, which to our centralized IT shop is like 16 different lines of business. There’s always something interesting going on from the state police using drones, to the Internet of Things to cloud and SAS partnerships. 

GOVLOOP: The state’s 2014 five-year plan showed that the department anticipated 86 employees with over 1,600 years of IT experience leaving. How accurate were those projections, and how is the state responding?

SMITH: Unfortunately, they are accurate and we’re looking at about 24 percent of our IT workforce eligible for retirement, so that really hasn’t changed. The only thing that’s changed is we are seeing the retirements we predicted come into being. Some of the steps we’ve taken are [we’ve] built a pathway [through] our intern program. We ensure they have the technical skills before we bring them on. Interns have joined as analysts, developers or joined our service center or desktop techs or even cyber. And a good percentage of that, over 70 percent of the interns have become full-time employees.

The second thing when we’re thinking about steps to address is branding. States have really interesting jobs. What we’re trying to do is get that information out there. You can do anything from helping with technologies in prisons to learning about radio towers to maybe building mobile applications for game wardens. So we want people to understand the possibilities, especially, people like interns or someone just entering the workforce.

We’re expanding our reach. In the last couple of years, we started using social media [and] national job boards to start reaching candidates. We saw the number of applications for IT jobs jump about 25 percent when we started advertising nationally. The last thing is we really increased our reach out to veterans. It’s a little tricky because sometimes there’s not a list of returning veterans, so you’ve got to work with different agencies and understand where they are. But we see in the veterans really, there’s a maturity, there’s a strong work ethic, and a lot of times they have some IT background and they just need some refresher courses. We’ve partnered with our State Department of Labor and Veteran’s Affairs to find veterans, so that’s worked out pretty well for us.

GOVLOOP: What other innovative hiring approaches is Maine using? 

SMITH: All the states are struggling with this, and not only the states but all the private industries. We’re sort of all in the same scenario. Recently, I was at a meeting here in Maine with the CIOs from every major Maine company, and every one of them got up and the first thing they said was, ‘I can’t find the cyber resources.’ Interesting, their approach is they’re starting to build their own. They’re saying we can’t find them in the industry anymore. We’re going to take younger employees or other employees and start to train them.

We have about 1.3 million people here. We may have more moose and lobster than we have people. It’s easy to reach out and network with people from other organizations that build those partnerships. And cyber is one of those things we can build a partnership [around]. We created the Maine Cyber Security [Cluster] a couple of years ago to help us work together on cyber, and it’s a membership of people from private industry, and the universities, and National Guard, and the State Emergency Management Association and the state.

Through the university we created something called the Cyber Security Lab, which is really for students and private industry to go in and test cyber solutions and test different viruses in a secure environment. And one of the nice things we’ve seen when we created that lab, we saw a nice uptick in the university students majoring in cybersecurity because all of a sudden they could touch it, play with it, and it became real for them, and it generated some interest.

The last thing I’ll mention on this is we’re working with sort of the same group to create a Maine Cyber Security Apprenticeship Program. Maine companies are spending money right now trying to train their own, so why not create a unified approach to that? And the apprenticeship is really an earn-while-you-learn type of thing. So you have a formal training program, but you also employ the person, and they work for you part-time. So we’re pretty excited that that might help with the pathway.

GOVLOOP: When will you stand up this program?

SMITH: I’m just in the conversations now, so something in the next couple months, I think. I’ve got eight or ten companies saying, ‘Yeah, we want to be a part of this.’

GOVLOOP: What companies are you working with?

SMITH: Well, [we’ve] got L.L.Bean, which is a retail company. [We’ve] got different companies that are financial companies. I’ve got the hospitals, which have an association in Maine. It crosses quite a spectrum of industries, but people have common issues and challenges they’re trying to address.

GOVLOOP: To what do you credit the success of Maine’s OIT internship program?

SMITH: We started our technical intern program several years ago, and I hired a Director of Workforce Development to start that. She has a lot of enthusiasm. They had an intern program before that, but it was generally about young people looking to get involved in government, and we were really looking for the young technologists, so we sort of started our own sub-intern program. And we decided early on we wanted the program to be professional, to give students a great opportunity, and to really find future employees. That wasn’t the only reason we did it, but that was part of the reason.

First, we made sure the candidate is a fit. And we do group interviews just as if we were hiring a regular FTE, and so we treat it very professionally. We give them very meaningful work. They’re not making copies or anything like that. They’re developing production code or contributing to cybersecurity or learning about data analytics, so we really give them meaningful work.

One of the things I think that differentiates us is we really have a strong mentorship program. We carefully select our mentors. Not every employee becomes a mentor around here. We want people that really have enthusiasm and want to share what they know with the younger generation. And we’ve put together a manual, How to be a Mentor, and we follow up with people, make sure that mentorship is really working well. That’s really how interns feel like they’re part of the organization, and why so many of them come back and say, ‘I’m comfortable here, and I want to work here.’

GOVLOOP: If you were not a CIO, what would you be and why?

SMITH: I struggle with this question a little. I really can’t envision another career. I think, what other career could give you the window on the world to see how people use their smarts and creativity to solve problems? I really can’t envision another career path. Maybe I’d be an innkeeper, but I’ve thought about this before and I’ve had so much fun in this career and been so satisfied, I just can’t think of another one.

Leave a Comment

Leave a comment

Leave a Reply