Since January, thousands of federal government jobs have vanished through a combination of firings, layoffs and resignations. The cuts, a part of the zealous Department of Government Efficiency (DOGE) strategy, include swaths of cyber talent.
The Cybersecurity and Infrastructure Security Agency (CISA) has lost approximately a third of its workforce, according to Federal News Network. While CISA is a major repository of federal cyber talent, it isn’t the only one.
“[It] isn’t just at CISA. It’s also at NSA. It’s also at the DoD. You’re seeing a spike in deferred resignations and retirements that are happening,” says Jeff Le, the managing principal at 100 Mile Strategies and a fellow at George Mason University’s National Security Institute.
The impact of the federal cyber job cuts is spilling over into the consulting world, too. DOGE is hacking away at contracts, and some private sector companies are laying off employees. Plus, AI is compounding the tech workforce reduction trend.
Industry layoffs are adding to the competition for open roles. A lot of people with cybersecurity expertise, not just former federal workers, are looking for their next opportunity.
While job cuts may be trending, both in government and industry, cybersecurity has long been shaped by talent restraints. The current upheaval gives savvy CISOs the opportunity to snap up federal talent and fill vacant roles on their cyber teams.
Opportunity for public sector CISOs
With the federal government pushing cybersecurity responsibility to state and local governments, it stands to reason the public sector at those levels is going to need more talent.
California, New York and Wisconsin are among several states that have launched hiring campaigns targeting people who lost their jobs to the DOGE cuts. “From a state level service point of view, I think there’s just such hunger,” says Le.
And the states and local government CISOs do have a big selling point for many people who have dedicated their careers to public service. “You can feel that same sense of service working at state and local governments as well,” says Gary Barlet, public sector CTO at Illumio. “There’s certainly a large group of people out there that states and locals could attract with just that kind of siren call.”
Federal workers’ skills are likely to translate well to state and local government albeit on a smaller scale. A Q1 2025 survey from ZipRecruiter found that 48% of former federal workers moved into other government roles, particularly within state or local governments.
They may be able to step into roles similar to the ones they occupied at federal agencies.
While smaller governments may be hungry for more cyber workers, hiring them isn’t without its challenges. “Most state governments are going to pay less than the federal government,” says Le. “That is going to be a bit of a challenge in terms of how you [get] people who are used to a certain level of compensation.”
CISOs within smaller government might have to get creative to attract former federal cyber talent to their ranks. “I’ve seen a couple of states say, ‘Hey, we’ll give you credit for time and service in the federal government towards your state service,’ which is a very attractive offer,” says Barlet. “If [you’ve] got five or 10 years of service in the federal government…that five or 10 years can be counted toward a potential state retirement.”
Luring federal talent to the private sector
In the past, the federal government represented a stable career path. Many highly skilled people spent their entire careers within the federal government. But the current shakeup makes some of that talent, trusted and honed by federal agencies, available to industry CISOs.
Federal workers may look to state and local governments as the logical next step, but private sector cyber leaders have the opportunity to attract talent with the pay and perks that come with industry jobs.
For CISOs, insider threats are a constant risk to manage. The intense vetting and high security clearances obtained by federal workers could be a significant hiring motivation. “Industry, I think, would be very excited to have this swath of potentially security-cleared talent,” says Le.
How cybersecurity leaders can best place these talents
Cyber talent is, of course, a broad term. For one, there are hands-on-keyboard technical workers and people who focus on strategic management. Where could different types of government cyber workers land in the private sector?
Technical cyber talent that has spent their time on vulnerability management and threat hunting in government could be an asset to companies offering those kinds of services. “So, if you have cybersecurity companies or vendors that are in that space, I think that will be a great shoo-in,” says Michael Lyborg, CISO at Swimlane.
These same technical experts could be valuable hires for companies that need internal cybersecurity resources. “Commercial organizations that may not be as robust in testing their software, their platforms, their operations – with availability of the federal cyber experts that are now hitting the street, this may be a great time for them to actually hire and shore up their resources,” says Chris Coligado, executive vice president and federal market lead at Fedstack.
Cybersecurity professionals with years, or even decades, of experience could be valuable hires precisely because they understand the inner workings of the government. “I got brought into a company specifically because of my government background and my government knowledge,” Barlet shares. He was a federal CIO and Air Force cyber operations officer before making the switch to the private sector.
Enterprise CISOs can also benefit from non-technical cyber talent. Consulting firms that offer management, technology and policy services, for example, could tap their expertise. “These guys could be great advisors that can augment the team,” says Coligado. “They [companies] could really benefit from very strong policies and standards that’ve been honed in the government space.”
While DOGE is cutting federal contracts, that doesn’t mean there won’t be opportunities for new ones. DOGE’s purge of federal workers runs the risk of overcutting. The workers left behind in cybersecurity roles may not have the skills necessary to do the work, which may open the door for new contracts. “They’re going to need partners to help them upskill if they’re actually going to stay behind and do the work,” says Coligado.
Vendors looking to pitch their services to the current administration could benefit from hiring people who have firsthand experience and knowledge of how federal agencies do their work and engage with contractors.
Better pay and more benefits are the obvious appeal of making the jump from government to the private sector. But that jump can be a big transition. “There’re adjustments that need to happen on both sides to make that relationship fruitful,” says Coligado.
Workers accustomed to bureaucracy and government systems will need time to acclimate to the culture of a private sector enterprise. Le suggests a kind of buddy system to ensure a successful transition. “[Have] someone that you can pair with [them] who has been in the trenches for a while in the specific function, able to share best practices. I think that’s tremendously valuable,” he says.
On the other side of that relationship, private sector CISOs and their teams can learn from the experience these workers have built in government.
“The companies out there that are hiring, I really hope that they take advantage of this and treat these employees with the respect that they deserve and really embrace the possibility of hiring former government workers,” says Barlet.
No Responses