Building a cybersecurity community

Defense Point Security in Alexandria takes pride in helping defend the nation against outside threats. Instead of using guns, however, the company uses technology.

“We are part of one cybersecurity community that helps to make the government a more secure environment,” says company CEO George McKenzie.

“Everybody we hire is part of the community we have fostered. They come to work here to be part of that community.”

McKenzie founded the company in 2007 with two other owners — today he is one of five owners — after deciding cybersecurity was an industry “that needed to be run differently” than traditional IT consultant services. “We wanted to be customer focused,” he says.  

The company’s services touch on all types of cybersecurity issues, from security engineering and architecture to policy creation and incident response. It specializes in computer forensics known as “digital media analysis,” which provides timely information that can help determine whether a security incident has occurred.

Last year the company won contracts from the Centers for Medicaid & Medicare Services. “That allowed us to expand into another marketplace — health care,” McKenzie says. “This is our first large contract outside of Homeland Security, which accounts for the bulk of our work.”

Most of the company’s 52 employees and contractors weren’t affected by last year’s 16-day partial government shutdown. “We did have a select few employees working on a government contract that were impacted,” McKenzie says.

Rather than letting employees affected by the shutdown take unpaid leave, the company brought them into the office to work on continuing education.

They also were asked to help develop computer-based modules that could be used by other employees. “The people that came into the office leveraged their time to bring up the whole community,” McKenzie says. “That was a bright point for us: to keep them working and also help advance the company rather than have them just sit at home.”

Since 2012 the company has more than doubled its number of employees, thanks to a growing number of government contracts. “From the top down, every employee is a security professional,” says McKenzie.

The company’s benefits package attracts applicants. Defense Point pays 100 percent of the premium for medical insurance for the family and individuals. It also reimburses employees for home Internet and cellphone fees. “We provide every employee with a cellphone. If they have a good smartphone, we will reimburse them for theirs and pay for the phone,” McKenzie says. “Once every two years we allocate $200 so they can buy the latest smartphone out there.”

Because of the company’s strong commitment to education, employees who have received certifications are rewarded with monetary bonuses. Each quarter an employee is recognized for outstanding performance with a Shield Award.

The company has also established a fellows program for its technical leaders and subject-matter experts. The program covers different areas of cybersecurity. “It’s for the best and the brightest,” McKenzie says. “They do presentations and how-to videos that we post on YouTube.”

The fellows program is 100 percent employee-run. “To have an employee-driven, employee-run fellowship within a small company is unique in the industry,” McKenzie says.

Each quarter the company hosts a celebratory event. “We are known for our Christmas parties,” McKenzie says. “We also have had picnics, and we rent out restaurants for events.”

Almost all of the company’s employees work on government sites, not the corporate headquarters. “It’s hard to keep that community feel when most of the employees don’t report to our office every day,” McKenzie says, noting that the office has a gym as well as a large computer lab area that is open 24 hours a day, seven days a week. “They can come in to play with the technology and learn their craft anytime.”

The company also holds internal brown-bag training sessions. One of the most recent sessions focused on computer hacking. “We set up some virtual images and walked employees through computer exploitation,” McKenzie says. “A lot of people liked it because they were never exposed to that.”

The company’s culture has attracted the attention of many experienced cybersecurity professionals. “People say they want to become part of the company,” McKenzie says. “We are waiting for new business to bring them onboard. There is a demand for positions, and I am excited about that.”

Best Places to Work 2014 list of small employers