[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3107 Introduced in House (IH)]

113th CONGRESS
  1st Session
                                H. R. 3107

      To require the Secretary of Homeland Security to establish 
  cybersecurity occupation classifications, assess the cybersecurity 
    workforce, develop a strategy to address identified gaps in the 
            cybersecurity workforce, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                           September 17, 2013

  Ms. Clarke introduced the following bill; which was referred to the 
                     Committee on Homeland Security

_______________________________________________________________________

                                 A BILL


 
      To require the Secretary of Homeland Security to establish 
  cybersecurity occupation classifications, assess the cybersecurity 
    workforce, develop a strategy to address identified gaps in the 
            cybersecurity workforce, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Homeland Security Cybersecurity 
Boots-on-the-Ground Act''.

SEC. 2. CYBERSECURITY OCCUPATION CLASSIFICATIONS, WORKFORCE ASSESSMENT, 
              AND STRATEGY.

    (a) Cybersecurity Occupation Classifications.--
            (1) In general.--Not later than 90 days after the date of 
        the enactment of this Act, the Secretary of Homeland Security 
        shall develop and issue comprehensive occupation 
        classifications for individuals performing activities in 
        furtherance of the cybersecurity mission of the Department of 
        Homeland Security.
            (2) Applicability.--The Secretary of Homeland Security 
        shall ensure that the comprehensive occupation classifications 
        issued under subsection (a) may be used throughout the 
        Department of Homeland Security and are made available to other 
        Federal agencies.
    (b) Cybersecurity Workforce Assessment.--
            (1) In general.--Not later than 180 days after the date of 
        the enactment of this Act, the Secretary of Homeland Security, 
        acting through the Chief Human Capital Officer and Chief 
        Information Officer of the Department of Homeland Security, 
        shall assess the readiness and capacity of the Department to 
        meet its cybersecurity mission.
            (2) Contents.--The assessment required under paragraph (1) 
        shall, at a minimum, include the following:
                    (A) Information where cybersecurity positions are 
                located within the Department of Homeland Security, 
                specified in accordance with the cybersecurity 
                occupation classifications issued under subsection (a).
                    (B) Information on which cybersecurity positions 
                are--
                            (i) performed by--
                                    (I) permanent full time 
                                departmental employees;
                                    (II) individuals employed by 
                                independent contractors; and
                                    (III) individuals employed by other 
                                Federal agencies, including the 
                                National Security Agency; and
                            (ii) vacant.
                    (C) The number of individuals hired by the 
                Department pursuant to the authority granted to the 
                Secretary of Homeland Security in 2009 to permit the 
                Secretary to fill 1,000 cybersecurity positions across 
                the Department over a three-year period, and 
                information on what challenges, if any, were 
                encountered with respect to the implementation of such 
                authority.
                    (D) Information on vacancies within the 
                Department's cybersecurity supervisory workforce, from 
                first line supervisory positions through senior 
                departmental cybersecurity positions.
                    (E) Information on the percentage of individuals 
                within each cybersecurity occupation classification who 
                received essential training to perform their jobs, and 
                in cases in which such training is not received, 
                information on what challenges, if any, were 
                encountered with respect to the provision of such 
                training.
    (c) Workforce Strategy.--
            (1) In general.--Not later than 180 days after the date of 
        the enactment of this Act, the Secretary of Homeland Security 
        shall develop a comprehensive workforce strategy that enhances 
        the readiness, capacity, training, and recruitment and 
        retention of the cybersecurity workforce of the Department of 
        Homeland Security.
            (2) Contents.--The comprehensive workforce strategy 
        developed under paragraph (1) shall include--
                    (A) a multiphased recruitment plan; and
                    (B) a 10-year projection of Federal workforce 
                needs.
    (d) Information Security Training.--Not later than 270 days after 
the date of the enactment of this Act, the Secretary of Homeland 
Security shall establish and maintain a process to verify on an ongoing 
basis that individuals employed by independent contractors who serve in 
cybersecurity positions at the Department of Homeland Security receive 
initial and recurrent information security training comprised of 
general security awareness training necessary to perform their job 
functions, and role-based security training that is commensurate with 
assigned responsibilities. The Secretary shall monitor and maintain 
documentation to ensure that training provided to an individual under 
this subsection meets or exceeds requirements for such individual's job 
function.
    (e) Updates.--Together with the submission to Congress of annual 
budget requests, the Secretary of Homeland Security shall provide 
updates regarding the cybersecurity workforce assessment required under 
subsection (b), information on the progress of carrying out the 
comprehensive workforce strategy developed under subsection (c), and 
information on the status of the implementation of the information 
security training required under subsection (d).

SEC. 3. DEFINITION.

    In this Act, the term ``cybersecurity mission'' means activities 
that encompass the full range of threat reduction, vulnerability 
reduction, deterrence, incident response, resiliency, and recovery 
activities to foster the security and stability of cyberspace.
                                 <all>