Security Clearance Jobs Blog

Our popular ongoing series allows you to ask your most complex questions regarding security clearances and our regular contributors of present and former clearance investigators and adjudicators will try to answer them. The rules are listed below. Failure to abide by them will mean your question will be deleted.

NOTE: Due to the volume of questions we receive, we cannot answer all of them. Selected questions that have not been answered in the past will likely be answered.

If you would like a guaranteed private answer to your question, please see here.

Note: All questions are moderated. After you post, it can take up to a week for the question to be “live” on the site and our panelists to see it and answer it.

1. Please do not address a contributor by name to ensure anyone who has knowledge might answer.
2. Do not include your own name, email address, or other information that can identify you. This is a public forum and clearance holders have a responsibility for covertness.
3. If you have questions regarding careers, job hunting, salaries, interviewing, or other career-related topics, see the other threads dedicated to this purpose.
4. Provide full details about your case in your initial question thread.
5. Do not post your questions in previous versions of this thread.
6. Understand that the suggestions and comments contributors provide are their opinions only. The owners of this site are not responsible for the suggestions and guidance from outside contributors.

Note: If your post does not appear on this site, you may not be following the rules above.

If you would like a guaranteed private answer to your question, please see here.

Please read over previous threads to see if your question has already been answered. Use the Search tool to locate specific keywords.

Related Articles:

• Employment Suitability Versus Security Clearance
• Criminal Conduct and Security Clearances
• Drug Involvement and Security Clearances
• Rebutting and Appealing Security Clearance Denials
• Alcohol Consumption and Security Clearances
• Personal Finances and Security Clearances

186 Comments »

IMPACT 2011 took place in Chantilly, Va. this week and while the event was off-the-record, it’s worth reporting the hot topics discussed in this gathering of security officers and experts. With hundreds of Facility Security Officers and Information System Security Officers in attendance the forum was a hot venue for information sharing and discussion of the current security landscape. The trends you’ll note in the agenda aren’t surprising, and spotlight the evolving digital landscape today’s security professionals face. Here are the highlights:

• Cybersecurity. Unless you’ve been living under a rock in the past several years it’s probably no surprise that cybersecurity is a watch word across the intelligence and security industries. Whether you adhere to the Defense Department argument of cyberspace as a warfighting domain, or are with the State Department camp looking to broaden Internet access in order to promote democracy, wars of the future will be waged along the Internet superhighway. Government and private industry are looking for cybersecurity professionals with the necessary skills to compete in this growing market.
• The mission matters. Security is a customer focused profession (and you thought it was all about defending networks and hunting down Russian spies….). Security experts have an important goal in keeping their communities safe, and the human component of any security position – even within the IT industry – is a powerful one. Several presentations focused on briefing skills and the importance of training and education. That’s certainly a trend we see with training and education related positions posted at ClearanceJobs.com.
• Progress has been made in the security clearance process…but it’s far from over. Representatives from the Defense Security Service (DSS), the Defense Office of Hearings and Appeals (DOHA) and others highlighted the improvements made in efficiency and reciprocity, but were cautious not to toot their own horns too loudly. They acknowledged that more steps need to be taken to make the process clearer and easier for both applicants and the security officers with companies and within the government who facilitate applications.

10 Comments »

On December 30, 2010 the International Association of Chiefs of Police (IACP) released a report on their yearlong study of police cybervetting policy, “Developing a Cybervetting Strategy for Law Enforcement.” The report was a collaborative effort by the IACP and the Defense Personnel Security Research Center (PERSEREC). The report states that:

Using the Internet to gather information concerning job applicants and incumbents is an extension of existing background investigations conducted on persons applying for positions and promotions within law enforcement. The Internet is merely a new source to identify and collect information about people’s behavior.

The report doesn’t provide a “model” or “suggested” policy, but rather guidelines for agencies to develop their own policy based on the needs of their individual departments and the communities they serve. According to a September 2010 IACP survey, 31% of law enforcement agencies are already using cybervetting for law enforcement applicants.

Cybervetting Guidelines are presented at Appendix C of the report. In view of the “Bozeman Blunder” perhaps the most controversial aspect of the recommended guidelines is the provision that:

With the consent of applicants, candidates, and incumbents, law enforcement agencies may review online information about these individuals available on websites, where a subject’s password is required to view content. . . . Applicants, candidates, and incumbents may be asked to access password-protected websites so that the recruiter or background investigator can review their profiles, blogs, or other online forums for disqualifying content. . . . Law enforcement agencies should not ask for passwords.

Additionally a recommended supplemental questionnaire asks for information regarding an applicant’s past and present:

• e-mail addresses
• online screen names, handles, or nicknames (except those used for banking or healthcare).
• websites or blogs where they are members, frequent, or contribute

PERSEREC produced a separate report, “Developing a Cybervetting Strategy for National Security Positions,” in part from the same study, but it will not be available to the public.

42 Comments »

Secretary Gates said the “freedom of communication and the nature of it is a huge strategic asset for the United States…there are clearly a number of governments, around the world, that try to control these communications…but these governments “can’t draw the net tight enough to stop everything”…

However, the DOD also warns against the dark side of social networking as well. The problem is not so much people twittering away secrets as letting slip many smaller pieces of information that an adversary can piece together.

Where’s the middle ground? What precautions do you take?

Update:  Just today, a Washington Post article points out that even the super-secret National Security Agency is on Facebook.  Not only the NSA, but the CIA, FBI, and DIA.

Comments Off

Per this new article on Wired, the CIA is using its relationship with In-Q-Tel to buy into a company called Visible Technologies. Visible Technologies is a software company that specializes in monitoring the social web, including Twitter, blogs, Facebook, YouTube, and others.

In-Q-Tel says it wants Visible to keep track of foreign social media, and give spooks “early-warning detection on how issues are playing internationally,” spokesperson Donald Tighe tells Danger Room.

Good idea? We think so. The ability to communicate quickly via social networks is no doubt an attractive prospect to terrorists. By compiling data, seeing trends, and possibly getting early warnings, the U.S. intelligence community is smart to jump into this game early.

2 Comments »

Last week during the Telework Exchange Town Hall Meeting, OPM Director John Berry credited the approx. 5,000 investigators who worked from home in reducing the average time needed for a security clearance investigation from a year in ’01 to 37 days.

The Department of Defense (DoD) had the greatest number (16,871)  of employees teleworking. Although cybersecurity concerns may undermine the ability of many defense employees to work at home.  However, as noted a few months ago, the DoD will test a program aimed to set up a secure telework site in the D.C. metro area for federal employees who need to access classified networks.

Status of Telework in the Federal Government [pdf] | telework.gov

13 Comments »

A Washington Post article on June 24, 2009 reported the planned establishment of a Department of Defense (DoD) Cyber-Defense Command by October 2009 with full operational capability by October 2010. The Cyber-Defense Command’s mission will be to defend military networks, but will assist federal civilian networks.

But a July 22, 2009 Associated Press article reported that a private study found “severe shortages of computer specialists in the federal government. Of concern is the potential threat to national security from increasing coordinated cyberattacks. In the article Ron Sanders, chief human capital officer for the national intelligence director’s office, acknowledged that the intelligence community has more flexibility and resources to attract computer specialists but said there is still an overall shortfall of U.S. citizens with the needed expertise who can also meet security clearance requirements. DoD claims more than 90,000 cybersecurity workers; other federal agencies are estimated to have a total of 35,000 to 45,000 personnel. The private study, Cyber IN-Security: Strengthening the Federal Cybersecurity Workforce, “which details serious problems within the professional community charged with protecting the government’s computer networks against attacks, was produced by the Partnership for Public Service and Booz Allen Hamilton.

Related articles: U.S. CyberSecurity Initiative Puts Focus on IT Security Skills, Cyberspace Policy Review, Cyber Threat Posed by North Korea and China to South Korea and US Forces Korea

8 Comments »

In the fiscal 2010 Defense appropriations bill a test program aims to set up a secure telework site in the D.C. metro area for federal employees who need to access classified networks. Nextgov reports that at least two sites in the D.C. area will be identified where they can test the efficacy of a secure teleworking location for government workers.

Teleworking is seen as a retention and recruitment tool to help deal with the latest BRAC round where DISA is being forced to move employees from Northern Virginia to Fort Meade. Approximately 70% of DISA employees live in Northern Virginia. More than 2,000 DISA employees already work remotely, but on unclassified work only.

8 Comments »

According to a May 25, 2009 article at FederalTimes.com, “Fifty-three federal and contractor falsified security clearance background investigations since 2005. . . . All of them have either been fired or left their jobs, and six were prosecuted within the last year for criminal misconduct.” The investigators worked directly or indirectly for the Federal Investigative Services Division (FISD) of the Office of Personnel Management (OPM). OPM chose to prosecute six investigators to send a message to potential offenders that they can face felony charges and jail time, instead of just being fired.

Other current and former investigators blame the problem on crushing workloads and constant pressure from supervisors to meet shorter deadlines for completing investigations. The article quoted Kathy Dillaman, Associate Director of FISD, as saying, “There are certainly pressures to perform. The taxpayers deserve that. But this isn’t your job if you can’t handle those pressures.

20 Comments »

Worried about being denied a security clearance because of bad credit? Considering a credit repair company to fix your credit report?

In an AARP Bulletin Today Scam Alert article, Credit Repair’s Dirty Business, Steven Baker of the Federal Trade Commission (FTC) was quoted as saying, “In the last year, we’ve seen an increase of 50 percent in reports of credit repair scams. And to date, we’ve never seen a legitimate credit repair company. False promises, upfront fees, and worthless services may be the norm.

Since 1998 the FTC has brought action against over 50 credit repair firms that allegedly misrepresented their credit-related services. The FTC also prosecuted more than a dozen companies that allegedly offered debt relief but misrepresented the cost or nature of the relief.

Comments Off

A FCW.com article on the 4 Feb 09 has confirmed that SRA International‘s computer network was infected by a virus, which may have exposed a number of federal employees’ personal information.

“The breached information could include names, addresses, dates of birth, health information and Social Security numbers. Personal company computers with data from questionnaires related to employees security positions may have been exposed to unauthorized access too, according to SRA’s notification letter.”

Hackers may have also been able to access the data SRA collects in its security position questionnaires, the company said. SRA doesn’t know if any data has been compromised but is taking the precaution of notifying customers that their data may have been accessed…

Comments Off