HR1034-119

1. Short title This Act may be cited as the DHS Cybersecurity On-the-Job Training Program Act.

2. DHS Cybersecurity On-the-Job Training Program Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended by adding at the end the following new section: There is established within the Agency a DHS Cybersecurity On-the-Job Training Program (in this section referred to as the Program) to voluntarily train Department employees who are not currently in a cybersecurity position for work in matters relating to cybersecurity at the Department. The Program shall be led by the Director, in consultation with the Under Secretary for Management. In carrying out the Program under subsection (a), the Director— shall develop a curriculum for the Program, incorporating existing curricula as appropriate and applicable, such as the Federal Cyber Defense Skilling Academy and other initiatives or successor programs, and consistent with the National Initiative for Cybersecurity Education Framework or any successor framework, which may include distance learning instruction, in-classroom instruction within a work location, on-the-job instruction under the supervision of experienced cybersecurity staff, or other means of training and education as determined appropriate by the Director; shall develop criteria for participation in the Program and ensure cybersecurity personnel are appropriately coded to the National Initiative for Cybersecurity Education Framework and successor programs; in accordance with the curriculum described in paragraph (1)— shall make available cybersecurity training to employees of the Department; and may, as appropriate, make available cybersecurity training to other Federal employees; and shall, during the 7-year period beginning on the date of this enactment of this section, annually submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a report that includes— information relating to the number of employees who participated in the Program in the preceding year; an identification of the positions into which employees trained through the Program were hired after such training; a description of metrics used to measure the success of the Program, which may include a skill inventory for applicable positions; copies of the reports submitted pursuant to subsection (c)(1); and any additional information relating to the duties specified in this subsection. In carrying out the Program under subsection (a), the Under Secretary for Management shall— during the 7-year period beginning on the date of the enactment of this section, submit to the Secretary an annual report on the status of vacancies in cybersecurity positions throughout the Department; support efforts by the Director to identify and recruit individuals employed by the Department to participate in the Program; implement policies, including continuing service agreements, to encourage participation in the Program by employees throughout the Department; and conduct outreach to employees who complete the Program regarding cybersecurity job opportunities within the Department. The table of contents in section 1(b) of the Homeland Security Act of 2002 (Public Law 107–296; 116 Stat. 2135) is amended by inserting after the item relating to section 2220E the following new item: 2220F.DHS Cybersecurity On-the-Job Training Program (a)In generalThere is established within the Agency a DHS Cybersecurity On-the-Job Training Program (in this section referred to as the Program) to voluntarily train Department employees who are not currently in a cybersecurity position for work in matters relating to cybersecurity at the Department. The Program shall be led by the Director, in consultation with the Under Secretary for Management. (b)Duties of the DirectorIn carrying out the Program under subsection (a), the Director— (1)shall develop a curriculum for the Program, incorporating existing curricula as appropriate and applicable, such as the Federal Cyber Defense Skilling Academy and other initiatives or successor programs, and consistent with the National Initiative for Cybersecurity Education Framework or any successor framework, which may include distance learning instruction, in-classroom instruction within a work location, on-the-job instruction under the supervision of experienced cybersecurity staff, or other means of training and education as determined appropriate by the Director; (2)shall develop criteria for participation in the Program and ensure cybersecurity personnel are appropriately coded to the National Initiative for Cybersecurity Education Framework and successor programs; (3)in accordance with the curriculum described in paragraph (1)— (A)shall make available cybersecurity training to employees of the Department; and (B)may, as appropriate, make available cybersecurity training to other Federal employees; and (4)shall, during the 7-year period beginning on the date of this enactment of this section, annually submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a report that includes— (A)information relating to the number of employees who participated in the Program in the preceding year; (B)an identification of the positions into which employees trained through the Program were hired after such training; (C)a description of metrics used to measure the success of the Program, which may include a skill inventory for applicable positions; (D)copies of the reports submitted pursuant to subsection (c)(1); and (E)any additional information relating to the duties specified in this subsection. (c)Duties of the Under Secretary for ManagementIn carrying out the Program under subsection (a), the Under Secretary for Management shall— (1)during the 7-year period beginning on the date of the enactment of this section, submit to the Secretary an annual report on the status of vacancies in cybersecurity positions throughout the Department; (2)support efforts by the Director to identify and recruit individuals employed by the Department to participate in the Program; (3)implement policies, including continuing service agreements, to encourage participation in the Program by employees throughout the Department; and (4)conduct outreach to employees who complete the Program regarding cybersecurity job opportunities within the Department.. Sec. 2220F. DHS Cybersecurity On-the-Job Training Program. .

2220F. DHS Cybersecurity On-the-Job Training Program There is established within the Agency a DHS Cybersecurity On-the-Job Training Program (in this section referred to as the Program) to voluntarily train Department employees who are not currently in a cybersecurity position for work in matters relating to cybersecurity at the Department. The Program shall be led by the Director, in consultation with the Under Secretary for Management. In carrying out the Program under subsection (a), the Director— shall develop a curriculum for the Program, incorporating existing curricula as appropriate and applicable, such as the Federal Cyber Defense Skilling Academy and other initiatives or successor programs, and consistent with the National Initiative for Cybersecurity Education Framework or any successor framework, which may include distance learning instruction, in-classroom instruction within a work location, on-the-job instruction under the supervision of experienced cybersecurity staff, or other means of training and education as determined appropriate by the Director; shall develop criteria for participation in the Program and ensure cybersecurity personnel are appropriately coded to the National Initiative for Cybersecurity Education Framework and successor programs; in accordance with the curriculum described in paragraph (1)— shall make available cybersecurity training to employees of the Department; and may, as appropriate, make available cybersecurity training to other Federal employees; and shall, during the 7-year period beginning on the date of this enactment of this section, annually submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a report that includes— information relating to the number of employees who participated in the Program in the preceding year; an identification of the positions into which employees trained through the Program were hired after such training; a description of metrics used to measure the success of the Program, which may include a skill inventory for applicable positions; copies of the reports submitted pursuant to subsection (c)(1); and any additional information relating to the duties specified in this subsection. In carrying out the Program under subsection (a), the Under Secretary for Management shall— during the 7-year period beginning on the date of the enactment of this section, submit to the Secretary an annual report on the status of vacancies in cybersecurity positions throughout the Department; support efforts by the Director to identify and recruit individuals employed by the Department to participate in the Program; implement policies, including continuing service agreements, to encourage participation in the Program by employees throughout the Department; and conduct outreach to employees who complete the Program regarding cybersecurity job opportunities within the Department.