Spending Intelligence · Intelligence Community Contractors
The $90B Black Box: How 70% of the US Intelligence Budget Flows to Private Contractors
The intelligence community spends roughly $90 billion per year — and more than 70% of that goes to private contractors. Booz Allen Hamilton alone pulls ~$5B annually from intelligence work. Edward Snowden was on their payroll. Here is what the recruiter's brochure doesn't say about the clearance economy.
Sources: ODNI budget disclosures · DNI workforce reports · Booz Allen, Leidos, SAIC 10-K filings (SEC EDGAR) · Washington Post “Top Secret America” (2010) · GAO acquisition reviews · POGO revolving door database · OPM/DCSA clearance process data · Congressional testimony, SSCI/HPSCI
Annual IC Budget (NIP + MIP)
~$90B
Combined National & Military Intelligence Programs — FY2023 estimate
IC Budget to Contractors
70%+
DNI workforce data; Priest & Arkin "Top Secret America" (WaPo, 2010)
Booz Allen IC Revenue/Year
~$5B
~97% of all Booz Allen revenue is U.S. government contracts
Cleared Contractor Workforce
~700K
Active TS clearances in private sector — DNI 2013 estimate; reforms since
Section 01
The $90B Black Box: What We Know and What Remains Classified
The United States intelligence budget is among the most classified elements of the federal government. Since 2007 — when the ODNI first disclosed the aggregate NIP figure following a Freedom of Information Act ruling — the government has released a single top-line number each year for the National Intelligence Program. The FY2023 NIP figure was $62.7 billion. The Military Intelligence Program adds an estimated $23–28 billion, bringing the combined intelligence budget to approximately $85–90 billion annually.
What the government does not disclose: how that money is divided among the 18 intelligence agencies, how much goes to each major program, what each contractor is paid for what work, or how the workforce is distributed between government employees and contractors. This information was classified long before it became financially consequential. It remains classified now, in part, because the disclosure would reveal capability gaps, collection priorities, and program structures — but also because classification conveniently shields the spending from the normal scrutiny that attaches to public expenditure.
What we know about the contractor share comes primarily from three sources: the ODNI's own workforce data (which disclosed in aggregate reports that contractors perform a substantial majority of IC labor hours), the Dana Priest and William Arkin “Top Secret America” investigation (Washington Post, 2010), which documented 1,900+ private companies and 850,000+ cleared employees in the intelligence orbit, and the public filings of the contractors themselves. Booz Allen Hamilton discloses in its annual 10-K that approximately 97% of its revenue comes from U.S. government contracts. At roughly $5B in IC-adjacent revenue, that single company represents 5–6% of the entire US intelligence budget.
What the Snowden Documents Revealed About the Budget
Among the documents Edward Snowden provided to journalists was the classified “Black Budget” for FY2013 — published by the Washington Post in August 2013. That document provided the first detailed breakdown of intelligence spending in decades: CIA received $14.7B, NSA received $10.8B, NRO received $10.3B, NGA received $4.9B. Combined with smaller agencies, the NIP total was $52.6B. The document also showed that the intelligence community had identified “foreign penetration of its networks and supply chains” as a critical vulnerability — and that it was simultaneously relying on a private contractor workforce of hundreds of thousands to manage those same networks. The structural irony was not lost on security researchers: the most sensitive networks in the U.S. government were administered, in substantial part, by private employees who were not subject to the same legal accountability as federal employees.
Source: Barton Gellman and Greg Miller, “U.S. spy network's successes, failures and objectives detailed in ‘black budget’ summary,” Washington Post, August 29, 2013. Classification status: the underlying document remains classified; the published excerpts are in public record.
Section 02 — Company Profiles
The Big Five IC Contractors: Who They Are, What They Do, What They Earn
Five companies dominate the intelligence community contractor market. Together, they employ more cleared workers than most individual IC agencies, and their combined IC revenue exceeds $12B annually. Revenue figures from SEC 10-K filings and public contract awards.
Booz Allen Hamilton
BAHNSA analysis, cyber operations, signals intelligence, IT modernization across all IC agencies
Est. IC Revenue
~$5B+/yr
~97% govt revenue
Booz Allen Hamilton is the single largest private employer of intelligence community workers in the United States. The company generates approximately 97% of its revenue from U.S. government contracts, primarily with NSA, DIA, NRO, ODNI, and DoD intelligence components. Booz Allen employees work inside IC facilities with access to classified networks, conducting missions that are legally and functionally indistinguishable from the work done by government employees at adjacent desks. The company's three-letter agency penetration is so deep that NSA insiders have referred to Booz Allen as "NSA's shadow workforce" — a characterization the company does not dispute. The firm employs more NSA alumni than any other organization outside the government itself. When Edward Snowden described his access to NSA's most sensitive programs in 2013, he was a Booz Allen Hamilton employee. His $200K annual salary was approximately 40–60% above the GS equivalent for his role and experience level.
Leidos
LDOSISR systems, signals collection infrastructure, satellite ground systems, cybersecurity operations
Est. IC Revenue
~$3–4B/yr (IC+DoD intel)
~87% govt revenue
Leidos was formed through the 2013 spin-off of SAIC's government services division and a subsequent 2016 merger with Lockheed Martin's IT services unit — a transaction that created the largest IT contractor in the federal market at the time. Leidos holds major contracts with the NSA, NRO, and intelligence components of the military services, spanning signals collection infrastructure, satellite ground systems, and cybersecurity operations centers. Its Intelligence Group division alone employed thousands of cleared analysts and engineers. Leidos is less publicly visible than Booz Allen because it focuses more on technical infrastructure (systems, networks, collection platforms) than on human analytical services, but its financial exposure to the intelligence market is comparable in scale.
SAIC (Science Applications International Corp.)
SAICIT systems modernization, C2 platforms, geospatial intelligence, training and simulation for IC
Est. IC Revenue
~$2–3B/yr
~99% govt revenue
SAIC has operated inside the intelligence community since the 1970s and maintains one of the deepest relationships of any contractor with the defense intelligence agencies — DIA, NGA, and the service intelligence components. SAIC was for many years the third-largest employee-owned company in the United States, a structure that gave it a distinctly institutional culture. After multiple restructurings and spin-offs, the current SAIC focuses on IT modernization, logistics systems, and C2 platforms. Its NGA relationship — supporting geospatial intelligence production and analysis infrastructure — is particularly significant. SAIC's revenue is essentially 100% government-derived. Unlike Booz Allen, which does more human capital work, SAIC tends toward systems integration and technology programs.
CACI International
CACICounterintelligence, interrogation support, IT services, enterprise resource planning for IC agencies
Est. IC Revenue
~$1.5–2B/yr
~95% govt revenue
CACI became one of the most scrutinized IC contractors in the post-Iraq era when it was identified as the employer of civilian interrogators at Abu Ghraib prison during the period when detainee abuse occurred. The Army's Taguba Report (2004) named CACI employees among those involved in Abu Ghraib interrogation operations. CACI disputed the findings and was not criminally prosecuted in connection with Abu Ghraib. Subsequent civil litigation by Abu Ghraib detainees against CACI produced decades of legal proceedings, including a Fourth Circuit ruling in 2022 allowing survivor lawsuits to proceed. CACI's contracts were not terminated. Today CACI is a major enterprise IT and intelligence support contractor with contracts spanning ODNI, DIA, and military intelligence components. The Abu Ghraib association has not measurably affected its ability to win intelligence contracts.
ManTech International
Acquired by Carlyle Group (2022)Cyber operations, digital forensics, signals intelligence support, mission IT for three-letter agencies
Est. IC Revenue
~$1–1.5B/yr
~99% govt revenue
ManTech International was taken private in a $4.2B leveraged buyout by the Carlyle Group in 2022 — a transaction that illustrates the private equity appetite for cleared contractor businesses. The investment thesis is straightforward: ManTech's revenue is approximately 99% government-derived, contracts tend to be multi-year, customer relationships (based on cleared workforce and institutional knowledge) are durable, and the cleared workforce itself is a competitively scarce asset that competitors cannot easily replicate. ManTech operates heavily in NSA-adjacent cyber and signals intelligence support, providing mission IT, digital forensics, and operations support to IC agencies. The Carlyle acquisition converted a public company with public disclosure obligations into a privately held entity with significantly reduced transparency requirements.
Section 03
The Snowden Lesson: What a Contractor's Access Level Revealed About Oversight Gaps
Whether you view Edward Snowden as a traitor or a whistleblower — or something more complicated than either — his case exposed structural facts about the IC contractor system that had not been publicly acknowledged. Here is what the case established, in documented terms.
Access Scope: What a Mid-Level Contractor Could See
Snowden was a 29-year-old Booz Allen Hamilton infrastructure analyst assigned to the NSA's Kunia facility in Hawaii. His job was systems administration — managing the technical infrastructure that other analysts used. He was not a senior analyst or a program manager. Yet his access extended to highly classified programs across multiple compartments: PRISM (bulk collection from tech companies), XKeyscore (global internet traffic analysis), MUSCULAR (Google and Yahoo backbone tapping), and others. The breadth of access available to a mid-level contractor systems administrator revealed something the NSA had not publicly acknowledged: the shared infrastructure model that makes contractor integration efficient also makes compartmentalization much harder. When everyone uses the same internal systems, and systems administrators have root access to those systems, the technical controls that should enforce need-to-know become porous.
The Vetting Theater Problem
Snowden obtained and maintained a TS/SCI clearance through the standard adjudication process. His background investigation was conducted by USIS — a private contractor hired by OPM to perform background checks, which is itself a comment on the cleared contractor ecosystem. USIS was later found to have submitted approximately 665,000 incomplete investigations in what DOJ called a "systematic failure" to meet contract requirements. USIS paid $30M to settle the civil fraud case in 2014. The Snowden case did not involve an obvious red flag that the background investigation should have caught; it involved a contractor who believed he was witnessing unconstitutional surveillance and made a deliberate choice. The post-Snowden debate focused on continuous evaluation (monitoring cleared personnel for ongoing behavioral and financial red flags) — an important reform, but one that addresses the "disgruntled employee" threat model more than the "principled whistleblower/ideological defector" threat model.
What Changed After Snowden
The intelligence community's response to Snowden was operationally significant but structurally limited. Changes included: expanded continuous evaluation (CE) systems that monitor cleared personnel for financial problems, foreign contacts, and behavioral red flags; user activity monitoring (UAM) on classified networks to detect anomalous data access and exfiltration; insider threat programs formalized under ODNI's National Insider Threat Policy; reduced privileged access for systems administrators (implementing least-privilege principles that should have already been in place); and increased oversight of contractor access to cross-compartment information. What did not change: the fundamental structure of 70%+ contractor dependency, the pay differential that makes it rational for experienced government analysts to leave for contractor roles, or the access model that places contractor employees inside IC facilities with access to classified systems.
What Snowden's Pay Revealed About the Clearance Market
Snowden's $200K annual salary at 29, as a Booz Allen systems administrator, was reported by Snowden himself and not publicly disputed. For context: the GS-13 pay scale in 2013 (the approximate government equivalent for his experience and role in Hawaii) was $73,846–$96,004. The contractor premium — the gap between what Booz Allen charged the government for his labor and what an equivalent government employee would cost — was roughly 50–80% at fully-loaded rates. This gap is not unique to Snowden. It is structural: the IC cannot match contractor compensation, so it loses its best technical talent to the contractors, then pays contractor rates to get the same people back. The government trains them, loses them, and then buys them back at a markup. This cycle is the designed operating model of the cleared contractor economy.
Section 04
The Cost Arithmetic: Contractor vs. Government Analyst
The POGO (Project on Government Oversight) has documented in multiple studies that IC contractors performing the same work as GS equivalents typically cost the government 20–30% more at minimum — and often 50–80% more when fully-loaded contractor billing rates are compared to fully-loaded government employee costs. The government continues to use contractors not because they are cheaper, but because they provide FTE flexibility (they don't count against congressionally-mandated staffing caps), faster surge capacity, and specialized skills that government salary scales cannot attract or retain.
The following comparison uses actual government pay scale data (OPM) and aggregated contractor compensation data. “Govt loaded total” includes salary, benefits, retirement accrual, and overhead. “Contractor billed” is what the government pays the company — which includes the employee's compensation plus the contractor's overhead, G&A, and profit margin.
Junior Intelligence Analyst (3–5 yr experience)
GS-11/12Govt Base Salary
$60K–$82K
$90K–$120K loaded
Billed to Govt
$140K–$200K billed to govt
Take-home: $100K–$140K
Contractor Premium
+55–80%
cost to govt vs. GS
Senior SIGINT/HUMINT Analyst (8–12 yr)
GS-13/14Govt Base Salary
$84K–$130K
$130K–$195K loaded
Billed to Govt
$200K–$300K billed to govt
Take-home: $140K–$200K
Contractor Premium
+40–60%
cost to govt vs. GS
Cleared IT / Systems Engineer (TS/SCI)
GS-12/13 or GG equivalentGovt Base Salary
$72K–$100K
$110K–$155K loaded
Billed to Govt
$175K–$280K billed to govt
Take-home: $120K–$180K
Contractor Premium
+60–80%
cost to govt vs. GS
Senior Cyber Operator / CNE Specialist (TS/SCI + polys)
GS-14/15 or SESGovt Base Salary
$122K–$185K
$185K–$275K loaded
Billed to Govt
$300K–$450K billed to govt
Take-home: $200K–$300K
Contractor Premium
+60–70%
cost to govt vs. GS
Why DoD/IC Keeps Hiring Contractors Despite the Cost Premium
FTE Ceiling Games
Congress sets statutory limits on government full-time equivalent (FTE) employees for each agency. These ceilings were established as part of 1990s downsizing mandates and have never been systematically revisited for the post-9/11 IC expansion. Contractor employees do not count against FTE ceilings. An IC agency that needs 500 more analysts can hire them as contractors immediately, without any change in its authorized staffing level. Adding the same positions as government employees requires legislative action — committee markups, floor votes, conference committee, presidential signature. The contractor path is months. The government path is years, if it happens at all.
Budget Flexibility
Personnel costs for government employees are sticky — difficult to reduce quickly in response to changing priorities or budget cuts. Contract costs are more flexible: at the end of a contract period, the agency does not renew. This makes contractors a natural tool for managing budget uncertainty, which is endemic in the IC given the classified nature of appropriations and the annual continuing resolution problem.
Rapid Surge Capacity
After 9/11, the IC needed to roughly double its analytical workforce within 2–3 years. The government hiring pipeline — security investigations, civil service processes, onboarding — could not produce that many cleared employees that quickly. Contractors could. The surge capacity argument was legitimate in 2001. The dependency it created has persisted 25 years later.
Section 05
The Clearance Economy: TS/SCI as a Career Asset
A Top Secret/Sensitive Compartmented Information clearance is not merely a background check. It is a portable credential worth $100K+ to create, and the market for cleared talent is structurally different from any other labor market in the U.S. economy.
~700K
Private sector employees with active TS clearances (2013 DNI estimate; likely similar or higher today)
More than 5x the CIA's total workforce. Cleared contractor employees outnumber GS-equivalent cleared government workers in most IC agencies.
$100K–$120K
Estimated government cost per Top Secret clearance investigation and adjudication
The full TS/SCI process including polygraph, lifestyle polygraph, initial investigation, periodic reinvestigation, and administrative overhead — amortized across the adjudication cycle.
2–3 years
Average time for initial TS clearance in peak backlog years (2016–2019)
The backlog peaked at over 700,000 pending investigations in 2018. The CAF (Central Adjudication Facilities) processed backlogs through 2019–2021 using a combination of Continuous Evaluation and accelerated review. DCSA took over investigations from OPM in 2019.
$15K–$30K
Typical signing bonus offered by major IC contractors for employees bringing active TS/SCI clearances
The clearance itself, maintained at government expense, functions as a portable credential that contractors pay a premium to acquire. Cleared hiring is effectively subsidized by taxpayers who funded the investigation.
60–90 days
Time to hire a cleared employee vs. 12–24 months to clear a new hire
This timeline asymmetry is the core driver of contractor value. Cleared talent is the bottleneck; companies with large cleared workforces can surge capacity instantly. This makes the talent pool itself the competitive moat.
Clearance Tier Market Value (Contractor Compensation Impact)
Secret
Basic defense and government work
Signing Bonus
$0–$5K
Salary Premium
Minimal
Common in defense industrial base; not scarce
Top Secret
Broader access, still relatively common in defense
Signing Bonus
$5K–$10K
Salary Premium
10–20%
TS alone without SCI is increasingly common in DoD IT
TS/SCI
Intelligence community standard; required for most IC work
Signing Bonus
$15K–$25K
Salary Premium
40–70%
The primary credential that IC contractors compete for
TS/SCI + Lifestyle Polygraph
NSA, NRO, NGA standard; most IC agencies require this
Signing Bonus
$20K–$30K
Salary Premium
50–80%
Polygrpah completion significantly narrows the eligible pool
TS/SCI + Full Scope (CI) Polygraph + Compartments
Most sensitive programs; CIA, NSA SIGINT, cyber operations
Signing Bonus
$25K–$50K+
Salary Premium
70–100%+
SAP access commands the highest market premium; scarcest credential in the cleared market
Section 06
JEDI and the Cloud Wars: A $10B Contract, Years of Litigation, Zero Performance
The DoD's JEDI cloud contract is the highest-profile procurement disaster since the F-35 program — and one of the clearest examples of how contractor lobbying, revolving door dynamics, and procurement litigation can paralyze modernization.
The Defense Digital Service and DoD CIO begin developing the Joint Enterprise Defense Infrastructure (JEDI) cloud strategy — a single $10B, 10-year contract to modernize DoD's IT infrastructure. The single-award structure, intended to drive cloud adoption quickly, immediately generates controversy. Critics argue single-award limits competition and creates undue advantage for one vendor. Supporters argue split-award contracts with government agencies have historically produced slower adoption and integration problems.
In October 2019, DoD awarded JEDI to Microsoft over Amazon Web Services — a decision immediately protested by Amazon, which alleged that White House pressure from President Trump (who had a publicly adversarial relationship with Amazon founder Jeff Bezos) influenced the evaluation process. Amazon's protest cited specific instances where evaluators deviated from established criteria in ways that disadvantaged AWS. The Government Accountability Office found Amazon's protest had merit on some grounds. A federal court issued a temporary restraining order blocking performance. DoD conducted a re-evaluation — and again selected Microsoft.
Amazon's continued litigation and additional court orders kept JEDI frozen. Microsoft built out cloud infrastructure and hired personnel in anticipation of performance. That investment ultimately proved wasted. Estimates of the cost to the government from the litigation delay — in terms of deferred modernization, contract management overhead, and program management costs — vary, but the DoD itself acknowledged the program had been effectively paralyzed. GAO's analysis of similar delayed procurements suggests opportunity costs in the hundreds of millions.
In July 2021, DoD cancelled JEDI entirely. Deputy Secretary of Defense Kathleen Hicks announced that the program's original requirements no longer reflected DoD's cloud needs after years of delay, and that the litigation environment made performance uncertain. JEDI was replaced by the Joint Warfighter Cloud Capability (JWCC) — a multi-vendor contract vehicle awarding to Microsoft, Amazon, Google, and Oracle. The multi-vendor structure directly addressed the competition concerns that had driven the JEDI protest.
JWCC was awarded in December 2022 with a $9B ceiling across four vendors (Microsoft, AWS, Google Cloud, Oracle). The contract structure allows task order competition between vendors. Early task orders under JWCC have gone primarily to Microsoft and AWS, with Google and Oracle receiving smaller awards. The revolving door connections in cloud contracting are significant: multiple senior DoD technology officials who shaped cloud strategy left for positions at Microsoft, Amazon, and Google before and after the JEDI decision — a pattern documented by POGO's revolving door tracker.
The Revolving Door in Cloud Contracting
Multiple senior DoD technology officials who shaped cloud strategy left for positions at Microsoft, Amazon, and Google before and after the JEDI decision. Deap Ubhi, who joined DoD's Defense Digital Service and worked on the JEDI requirements, was found to have had undisclosed communications with Amazon prior to joining DoD and subsequently returned to Amazon. DoD's Inspector General found that Ubhi failed to recuse himself despite conflicts of interest. The IG investigation concluded that the JEDI acquisition process was tainted by his involvement, though DoD maintained the evaluation outcome was sound. The pattern — technology officials cycling between the agencies that write cloud requirements and the companies that compete for cloud contracts — is not unique to JEDI. It is the standard operating model of the DoD technology acquisition ecosystem.
Source: DoD Inspector General Report DODIG-2020-078, “Evaluation of the DoD Interactions with Ubhi and Cloud Computing Procurement,” April 2020.
Section 07
Oversight Gaps: What IC Contractors Can Do That Government Employees Cannot Be Held Accountable For
The SSCI/HPSCI Oversight Limitation
The Senate Select Committee on Intelligence (SSCI) and House Permanent Select Committee on Intelligence (HPSCI) exercise statutory oversight over the intelligence community. Their oversight mechanisms — hearings, budget reviews, access to classified programs — are well-established for government employees and agency programs. For contractors, the oversight is indirect: the oversight committees can question agency leaders about contractor performance and compliance, but they do not have direct legal authority over contractor employees in the way they do over government personnel. A contractor employee who refuses to testify, invokes Fifth Amendment rights, or simply leaves employment before a congressional inquiry gains traction presents a fundamentally different legal situation than a government employee who can be compelled through administrative and civil service mechanisms.
Inspector General Jurisdiction Over Contractors
The IGs of the various IC agencies (CIA OIG, NSA OIG, DNI OIG, etc.) have jurisdiction to investigate allegations of waste, fraud, and abuse within their agencies — including conduct involving contractors. However, Inspector General authority over contractors is more limited than authority over government employees. IGs can compel testimony from government employees; for contractors, they typically must work through the contracting agency and the contractor's own compliance mechanisms. IG subpoena authority for contractors varies by statute and is not uniform across agencies. In practice, significant IC contractor misconduct investigations have often stalled at the contractor boundary — particularly when the contractor's own legal counsel advises employees not to cooperate with IG investigations outside of formal legal process.
Whistleblower Protections: Government vs. Contractor Employees
The gap between whistleblower protections for government employees and contractor employees in the intelligence community is substantial. Government IC employees have access to reporting channels established by the Inspector General Act and the Intelligence Community Whistleblower Protection Act (ICWPA). These channels, while imperfect, provide a legal framework for reporting illegal activity without first going to the press or Congress. IC contractors do not have equivalent protections. The False Claims Act provides some whistleblower protection for contractors who report fraud against the government — but this applies to financial fraud, not civil liberties violations or illegal surveillance programs. A contractor who believes an IC program is illegal has essentially no protected channel that does not require going outside the classification system. This is precisely the situation Snowden described. Whether or not one agrees with his choices, the legal structure he faced was accurately characterized by him: there was no compliant reporting path that he believed would be effective.
Classification as a Accountability Shield
The classification system, designed to protect sources and methods from foreign adversaries, also functions as a shield against domestic accountability for contractor misconduct. When an IC contractor overcharges, underperforms, or commits misconduct in the context of a classified program, the entire accountability chain — the IG investigation, the congressional notification, the legal proceedings — must operate within classification constraints. Classified IG reports are not publicly disclosed. Congressional notifications to intelligence committees are not made public. Legal proceedings involving classified programs can be closed to the public and subject to CIPA (Classified Information Procedures Act) restrictions. The result: the most consequential contractor misconduct — conduct in classified programs — is also the least accountable.
Section 08
What Service Members With Clearances Should Know
Your clearance, your training, and your operational experience have concrete dollar values in the private market. Here is what the transition briefing typically doesn't say.
Your Clearance Is Worth More Than You Think
If you separate from military service with an active TS/SCI clearance — particularly with specialized compartments (SIGINT, HUMINT, cyber/CNO, space, special access programs) — you are entering the civilian job market with a credential that costs $100K+ to create from scratch and takes 2–3 years to obtain. Contractors pay premiums of $15K–$30K in signing bonuses just to acquire active clearances. Your base salary will typically be 50–100% higher than equivalent GS civilian positions. The Booz Allens of the world do not merely want to hire you — they need your clearance to perform the contracts they have already been awarded.
The 35X/35N/35P Pipeline Into Contracting
Military intelligence MOS fields — 35X (all-source), 35N (SIGINT), 35P (cryptologic linguist), 35Q (cryptologic network warfare), 17C (cyber operations), Air Force 1N (intelligence series), Navy Intel officers — feed directly into IC contractor demand. The most sought-after are those with technical specialties: SIGINT collection experience, cyber operations, geospatial intelligence analysis, and counterintelligence. Booz Allen, Leidos, SAIC, CACI, and ManTech all have veteran-targeted hiring pipelines specifically designed to absorb military intelligence separatees. Many companies maintain relationships with transition offices at Fort Meade, Fort Huachuca, Fort Gordon (now Eisenhower), and Goodfellow to recruit before the ETS date.
Realistic Salary Ranges at Major IC Contractors (2025)
Based on aggregated compensation data, cleared contractor compensation ranges by role: Junior intelligence analyst (3–5 yr, TS/SCI): $100K–$140K. Mid-level all-source analyst (5–10 yr, TS/SCI + compartments): $140K–$185K. Senior SIGINT analyst or collection manager: $175K–$220K. Cyber operations / CNE specialist with active tool suite experience: $200K–$300K+. Program manager on large IC contracts: $175K–$250K. Cloud security engineer (TS/SCI + AWS/Azure certifications): $160K–$230K. These ranges are significantly above equivalent GS positions and above what military pay tables provide for equivalent time-in-service. The gap is wider in high-cost areas (D.C. metro, Maryland, Virginia corridor near NSA/Fort Meade) where most IC work is concentrated.
The Brain Drain Is Structural, Not Accidental
The intelligence community has long recognized that it trains analysts at government expense, then loses them to contractors who offer 50–100% pay increases. ODNI and the IC agencies have periodically attempted compensation reform — expanded pay bands, special rate positions, retention bonuses — but the fundamental asymmetry persists because government pay is constrained by legislation and political optics in ways that contractor compensation is not. The result is that the IC's most experienced analysts and operators disproportionately concentrate in the contractor workforce. The government's own assessment programs consistently find that contractor employees performing inherently governmental-adjacent functions often have more experience and greater institutional knowledge than their government counterparts. This is not a accident — it is the predictable result of a system where the government paid for the training and the contractor captured the human capital.
Understanding the Contractor Status Tiers
In the IC contractor world, not all work is equivalent in prestige, pay, or career trajectory. Tier 1 (IDIQ task orders under vehicles like ENCORE, SeaPort-e, or agency-specific vehicles): high volume, competitive, often staff augmentation with thin margins. Tier 2 (multi-year program contracts): substantial scopes, larger teams, more stable work. Tier 3 (program of record support): technically demanding, better career development, higher clearance requirements. Special category (Special Access Programs, compartmented programs): highly paid, very selective, often requires polygraph beyond the standard lifestyle poly. The Tier 3 and SAP-adjacent work is where former military intelligence personnel are most competitive — civilian applicants rarely have the compartment access or operational context that active-duty or reserve-duty service provides.
The Ethical Dimension: Inherently Governmental Functions
Federal Acquisition Regulation (FAR) and OMB policy define "inherently governmental functions" as activities so closely related to the public interest that they must be performed by government employees. In theory, this includes analysis that supports policy decisions, activities that involve the exercise of government authority, and work that commits the government to specific courses of action. In practice, IC contractors routinely perform work that many government ethics experts characterize as inherently governmental — intelligence analysis that directly informs executive decisions, collection activities, and in some cases operational support. The line between "support to" and "performance of" governmental functions is frequently blurred and sometimes crossed. This is not illegal under current interpretations, but it is a structural ambiguity that former service members entering the contractor workforce should understand.
Post-Service Contractor Compensation: Benchmarks by MOS/Rate (2025)
35N — SIGINT Analyst
$110K–$165K
TS/SCI required; SCI compartments add 20–30%
35Q — Cryptologic Network Warfare
$130K–$200K
Cyber-adjacent; CNO experience commands top ranges
35P — Cryptologic Linguist
$100K–$160K
Language + clearance combo; rarer languages at top range
35X (35F/35G/35D) — All-Source
$95K–$150K
Breadth of analytical experience matters significantly
17C — Cyber Operations
$150K–$280K
Technical tool suite experience commands highest premium
Air Force 1N-series (Intelligence)
$95K–$155K
Collection management experience highly valued
Navy Intel Officer (181X)
$110K–$175K
Depends heavily on specialty and compartment access
SOF Intel (18F / MOS 35 variants)
$130K–$220K
SAP access from SOF service commands significant premium
Ranges based on aggregated compensation data from Glassdoor, LinkedIn Salary Insights, ClearanceJobs.com salary surveys, and IC contractor job postings. Ranges reflect total cash compensation (base + bonus). Location adjustments apply: D.C./Maryland/Virginia corridor typically 10–20% above these figures. Ranges as of Q1 2025.
Section 09
Accountability: Why the Structural Problem Persists
Oversight is not merely difficult in the IC contractor space — it is structurally impaired. These are not failures of individual officials. They are designed features of a system that makes accountability expensive and reform politically costly.
The "Necessary Secrecy" Shield
Congressional oversight of the IC operates under a fundamental constraint: most of what there is to oversee is classified, and the classification system is itself controlled by the executive branch agencies that are being overseen. This creates a structural conflict of interest. The agencies that have the most to hide from oversight are the same agencies that decide what gets classified and at what level. When an IC contractor is accused of misconduct in the context of a classified program, the oversight process must be conducted inside a SCIF, with access limited to the cleared handful on the relevant committees. Public accountability — the mechanism that works in most other government contexts — is designed out of the system.
The "National Security Necessity" Argument Against Reform
Every serious reform proposal aimed at reducing IC contractor dependency has encountered the same argument: the IC cannot accomplish its mission without contractors. This argument is partially true and extensively abused. It is true that the IC's technical infrastructure requires commercial expertise that the government cannot fully develop in-house. It is extensively abused in the sense that it has been used to block reforms that would reduce contractor overhead, impose accountability mechanisms, or shrink the contractor footprint in areas that are not technically specialized. The "national security necessity" argument is often deployed by contractors themselves or by their government clients whose careers advanced through the contractor ecosystem — a conflict of interest that is rarely acknowledged in congressional testimony.
Congressional Capture and the Cleared Jobs Argument
The IC contractor ecosystem, like the defense contractor ecosystem more broadly, is geographically distributed in ways that create congressional constituencies. Northern Virginia, Maryland's DC suburbs (home to NSA and NRO), and pockets in Ohio, California, and Texas contain large concentrations of cleared contractor employees. Their congressional representatives have direct constituent interests in maintaining contractor employment levels. Reform proposals that would reduce IC contractor spending — converting contract positions to government positions, imposing cost caps, requiring competition — threaten employment in these districts. The political calculus is not abstract: constituents with $150K contractor jobs are more politically engaged and better organized than the taxpayers who fund them.
The Co-Optation of Reformers
A particularly effective structural mechanism: the reformed often become contractors themselves. Officials who criticize IC contractor spending while in government — even those who genuinely believed in reform — frequently leave government and join the contractor ecosystem, because the financial incentives are overwhelming and the professional networks are concentrated there. This is not corruption in any individual sense; it is a rational response to the structure of compensation in the cleared workforce market. The effect, however, is that the pipeline of potential reformers is systematically drained into the system being reformed. Counterintelligence analysts call this kind of structural dynamic "capture." In organizational theory, it is sometimes called "revolving door capture." The mechanism does not require conspiracy — it emerges from ordinary individual decisions made in a structurally perverse incentive environment.
What Meaningful Reform Would Require
Why it matters: Without closing the 50–100% pay gap between government and contractor IC roles, the brain drain continues indefinitely. The cleared workforce concentrates in the contractor sector because the government cannot compete on compensation.
Obstacle: Federal pay legislation, political resistance to "paying bureaucrats more," OPM/OMB structural constraints on special rate authorities.
Why it matters: Require IC agencies to affirmatively justify contractor performance of analysis, collection support, and operational roles against the inherently governmental standard — and default to government employment when the standard is not clearly met.
Obstacle: IC agencies resist because contractors provide FTE flexibility (they don't count against congressionally-mandated FTE caps), budget flexibility, and surge capacity.
Why it matters: Extend ICWPA-equivalent protections to IC contractor employees, providing a compliant channel for reporting illegal activity that does not require breaking classification.
Obstacle: Requires legislation. IC agencies and their contractors have lobbied against expanded whistleblower protections on grounds that it creates security risk.
Why it matters: Give IC IGs explicit subpoena authority over contractor employees and documents in the same way DoD IGs can compel cooperation from military contractors under specific statutes.
Obstacle: Contractor opposition, legal complexity of extending federal authority over private employees, classification concerns about IG access to contractor intellectual property.
Why it matters: Extend the 1-year cooling off period for senior IC officials to 3–5 years for positions at IC contractors, and expand the scope to cover advisory roles, not just direct representation.
Obstacle: Former officials lobby against it. Congress is populated with former officials or officials who expect to be former officials. The post-service contractor path is a retirement plan for much of the IC senior leadership.
Section 10
The Revolving Door in Intelligence: When Directors Become Contractors
The intelligence community revolving door is structurally identical to the defense contractor revolving door — but more legally complex, because the knowledge being monetized is classified. The 18 USC 207 cooling-off period limits specific representations on specific contracts for one year. It does not restrict general advisory work, board membership, or strategic counsel.
The following examples are drawn entirely from public record — press reporting, SEC filings, and confirmed employment announcements. No classified information is implied.
Michael Hayden
Government: Director, NSA (1999–2005); Director, CIA (2006–2009)
Post-government: Principal, Chertoff Group; various board and advisory positions including Booz Allen Hamilton
Hayden became one of the most prominent post-government intelligence executives, leveraging NSA and CIA experience in advisory roles. The Chertoff Group, where Hayden was a principal, advises clients on security and intelligence matters — clients who include defense contractors with IC contracts.
James Clapper
Government: Director of National Intelligence (2010–2017); Director, DIA (1991–1995)
Post-government: Partner, Deloitte; board member and advisor to multiple defense and IC-adjacent firms
Clapper moved to Deloitte's government and public services practice after leaving DNI — a practice that advises and supports IC contractors on their own government contracts. The cooling-off period (18 USC 207) restricts specific representations on specific contracts but does not restrict general advisory work.
Keith Alexander
Government: Director, NSA (2005–2014); founding commander, U.S. Cyber Command (2010–2014)
Post-government: Founded IronNet Cybersecurity; board member at multiple defense firms
Alexander founded IronNet Cybersecurity immediately after leaving NSA, initially reporting that the firm was charging banks $1M/month for cybersecurity services. Senate Intelligence Committee members raised concerns about whether Alexander was monetizing classified knowledge of NSA capabilities. IronNet ultimately failed as a public company and dissolved in 2023 — a rare outcome for a former NSA director's venture — but the business model of monetizing IC-adjacent knowledge continued.
James Clapper (USIS Connection)
Government: OPM/NBIB oversight structure
Post-government: USIS — the background investigation contractor
USIS (U.S. Investigations Services) was the largest private contractor performing background investigations for OPM — the investigations that clear people for IC employment. USIS was found to have submitted approximately 665,000 incomplete investigations in a scheme DOJ called a "systematic failure to perform quality reviews." USIS paid $30M to settle. The company's leadership included former government officials. The background investigation system itself — the security apparatus meant to catch people who shouldn't have clearances — was itself a contractor enterprise with its own accountability gaps.
The 1-Year Cooling Off Period and Its Limits
18 USC 207 is the primary federal statute governing post-government employment conflicts of interest. For senior officials (those earning above a threshold that roughly corresponds to SES/flag officer level), the cooling-off period prohibits for one year any communication with or appearance before the former agency on a matter in which the official had personal and substantial involvement, or on any pending matter that was under their official responsibility in the last year of government service.
What 207 does not prohibit: advising the contractor on what the government is likely to do. Providing strategic insight on government procurement priorities. Attending meetings where the former official does not personally “communicate” with former colleagues. Sitting on boards. Giving speeches. Writing reports. All of these activities — which are commercially valuable precisely because of the former official's government experience and relationships — are legal from day one.
For IC officials specifically, there is an additional layer: the knowledge they carry is classified. Technically, a former NSA director cannot share classified information in any post-government role. In practice, the value a former IC director brings to a contractor is not the specific classified facts they know — it is their understanding of how the IC works, what it prioritizes, which programs are vulnerable to competition, and who the key decision-makers are. None of that is legally classified in a way that 207 or the classification system can effectively restrict.
For the full revolving door analysis — names, destinations, legal framework, and the loopholes in 18 USC 207's cooling-off period — see the dedicated page:
The Revolving Door: When Officials Become the Contractors →Frequently Asked Questions
What is the National Intelligence Program (NIP) and Military Intelligence Program (MIP)?
The U.S. intelligence budget is divided into two components. The National Intelligence Program (NIP) covers the 17 intelligence agencies under the Director of National Intelligence, including CIA, NSA, NRO, NGA, and others. The Military Intelligence Program (MIP) covers defense intelligence activities more directly tied to military operations — DIA, service intelligence commands, and tactical intelligence programs. The NIP budget was approximately $62.7B in FY2023 (the most recent publicly disclosed figure); the MIP adds roughly $23–28B, bringing the combined IC budget to approximately $85–90B annually. These figures are among the few aspects of the intelligence budget that are publicly disclosed — the breakdown by agency and program remains classified.
How was the 70% contractor figure derived?
The 70%+ figure comes primarily from two sources: aggregate budget disclosures from the Office of the Director of National Intelligence, and investigative reporting by Dana Priest and William Arkin of the Washington Post in the "Top Secret America" series (2010). Priest and Arkin built a database of more than 1,900 private companies working on top-secret intelligence contracts and counted more than 850,000 people with top-secret clearances — roughly 265,000 of whom were private contractors. ODNI's own workforce data, when combined with budget allocation analysis, produces contractor share estimates in the 68–73% range. The precise figure varies by how "contractor spending" is defined (prime contracts only, or including subcontractor tiers; operating versus capital), but the 70% figure has been consistently cited by ODNI, academic researchers, and congressional sources since 2010 and has not been materially challenged.
Why does the government keep hiring contractors instead of government employees?
The most important reason is not often discussed: FTE ceilings. Congress sets limits on the number of full-time equivalent government employees each agency can employ. These ceilings were established as part of budget control efforts dating to the 1990s downsizing. Contractor employees do not count against FTE ceilings. This means that an IC agency that needs 200 more analysts can hire them as contractors without congressional approval — whereas adding 200 government positions requires an act of Congress. This structural feature makes contractors a budget flexibility tool that is almost impossible for agencies to give up. Secondary reasons include: speed to hire (cleared contractors can be on-boarded in 60–90 days vs. 12–24 months for a new-hire clearance), specialized technical skills that government salary scales cannot attract, and genuine surge capacity for contingency operations.
What are the polygraph requirements for IC contractor work?
IC contractors are subject to the same polygraph requirements as government employees performing equivalent functions. The standard TS/SCI adjudication process typically includes a lifestyle polygraph (questions about criminal history, drug use, foreign contacts, and financial integrity). For access to more sensitive compartments — particularly NSA-related SIGINT, special access programs, and cyber operations — a full scope polygraph (also called a counterintelligence polygraph) is required. This polygraph includes all lifestyle questions plus counterintelligence questions about foreign recruitment attempts, unauthorized disclosure of classified information, and espionage. Full scope poly requirements significantly narrow the eligible workforce and correspondingly increase compensation for those who hold the relevant accesses. Some IC programs require periodic re-poly (typically every 5 years).
What happened with JEDI and the DoD cloud contracts?
The Joint Enterprise Defense Infrastructure (JEDI) was a $10B, 10-year cloud contract that DoD awarded to Microsoft in October 2019. Amazon Web Services immediately protested, alleging political interference from the Trump White House (which had a publicly adversarial relationship with Amazon founder Jeff Bezos). The Government Accountability Office and federal courts found merit in some of Amazon's protest claims. JEDI was ultimately cancelled in July 2021 after years of litigation that prevented any meaningful performance. DoD replaced JEDI with the Joint Warfighter Cloud Capability (JWCC), a multi-vendor contract awarded in December 2022 to Microsoft, AWS, Google, and Oracle with a combined ceiling of $9B. The years of delay on JEDI are estimated to have cost the government hundreds of millions in deferred modernization and program management costs, though an official estimate has not been publicly released.
As a separating military member with a clearance, what should I know about the contractor market?
Your clearance is portable, valuable, and time-sensitive. The government invested $100K+ to create it. Contractors will pay a premium to acquire it — typically $15K–$30K in signing bonuses plus 50–100% higher base salaries than equivalent GS positions. The most valuable clearances are active TS/SCI with compartments (particularly SIGINT, cyber/CNO, or special access program access), lifestyle or full scope polygraph on record, and recent use (cleared employees who haven't accessed classified information in 2+ years can face re-adjudication). The most in-demand military separatees for IC contractors are: 35N (SIGINT analyst), 35Q (cryptologic), 35P (linguist), 17C (cyber), Air Force 1N-series, and Navy Intel officers. You should start conversations with contractors 6–12 months before your ETS date, because the clearance handoff process requires planning. Be aware: once you are in the contractor ecosystem, it is very difficult to return to government service at an equivalent level — government pay cannot match what contractors offer.
Explore More
Sources and methodology: Intelligence community budget figures from ODNI aggregate budget disclosures (FY2013–FY2023), available at dni.gov. The 70%+ contractor share derived from ODNI workforce data and Dana Priest and William Arkin, “Top Secret America,” Washington Post, July 19–21, 2010. Booz Allen Hamilton, Leidos, SAIC, CACI, and ManTech revenue from company 10-K annual filings (SEC EDGAR). Black Budget details from Barton Gellman and Greg Miller, Washington Post, August 29, 2013 (based on documents provided by Edward Snowden). JEDI procurement history from GAO protests B-417415 and DoD IG report DODIG-2020-078. Snowden salary and access scope from Snowden's own public statements, Guardian and Washington Post reporting (June 2013), and subsequent congressional testimony by NSA officials. OPM/DCSA clearance process data from OPM annual reports and PCRB (Personnel Vetting Transformation) public documentation. GS pay scales from OPM.gov. Contractor compensation ranges aggregated from ClearanceJobs.com salary surveys, Glassdoor and LinkedIn Salary Insights data, and publicly posted IC contractor job descriptions. Revolving door examples from POGO revolving door database (pogo.org), public company announcements, and press reporting. All named individuals cited from public record. No classified information is described, implied, or sourced in this document. All information derives from public sources.