Cybersecurity Hiring Modernization Act
Summary
What This Bill Does
This bill changes how federal agencies may use education requirements for cybersecurity hiring. For covered cybersecurity positions, agencies may prescribe a minimum education requirement only when a state, locality, or federal law requires it. Agencies may consider education as a minimum qualification only when the education directly reflects the competencies necessary to perform the job. Covered positions include the GS-2210 information technology management series and positions identified under the NICE cybersecurity workforce framework.
The bill also adds transparency requirements for the Office of Personnel Management. OPM must publish changes to federal qualification standards for covered cybersecurity positions and publish annual aggregate data on the educational attainment of people serving in those jobs. The policy goal is to reduce degree-based barriers that do not map to cybersecurity competencies while still allowing legally required or competency-specific education standards.
Who Benefits and How
Cybersecurity job applicants without four-year degrees benefit because agencies have less room to use broad education screens that do not directly match job competencies. Federal cybersecurity offices benefit from a larger talent pool for GS-2210 and NICE-framework positions. Federal hiring managers benefit from clearer rules tying education to job skills instead of generic degree requirements. Veterans, apprentices, and experienced cybersecurity workers benefit if practical skills count more than formal credentials. OPM qualification standards staff benefit from a clearer statutory instruction for cybersecurity classifications.
Who Bears the Burden and How
Federal agency human-resources offices must review cybersecurity vacancy announcements and minimum qualifications for compliance. OPM staff must publish qualification-standard changes and annual education-attainment data. Agencies that prefer degree-based screening bear an administrative burden because they must justify education requirements through law or direct competency relevance. University and credentialing programs may lose some hiring leverage if federal cybersecurity roles rely less on broad degree requirements. Inspectors general and congressional workforce committees may face oversight work reviewing agency compliance.
Key Provisions
- Limits minimum education requirements for covered federal cybersecurity positions to legally required or competency-specific cases.
- Requires education used as a minimum qualification to directly reflect job competencies.
- Applies the rule to GS-2210 information technology management jobs and NICE-framework cybersecurity positions.
- Requires OPM to publish qualification-standard changes for covered cybersecurity positions.
- Requires OPM to publish annual aggregate educational-attainment data for covered cybersecurity employees.
Evidence Chain:
This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers with clause-level evidence links.
At a Glance
What This Bill Does
Restricts federal agencies from using minimum education requirements for covered cybersecurity jobs unless law requires them or the education directly reflects job competencies, and requires OPM to publish cybersecurity qualification-standard changes and annual education-attainment data.
Key Policy Areas
Federal Workforce, Cybersecurity, Civil Service, Hiring
Primary Purpose
Restricts federal agencies from using minimum education requirements for covered cybersecurity jobs unless law requires them or the education directly reflects job competencies, and requires OPM to publish cybersecurity qualification-standard changes and annual education-attainment data.
Policy Domains
House resolution provisions
Identified Gains
- Cybersecurity job applicants without four-year degrees
- Federal cybersecurity offices
- Federal hiring managers
- Veterans with cybersecurity experience
- Cybersecurity apprentices
- OPM qualification standards staff
Identified Costs
- Federal agency human-resources offices
- OPM data reporting staff
- Agencies preferring degree-based screening
- University cybersecurity credential programs
- Inspectors general
- Congressional workforce committees
Sponsors
Legislative Progress
ReportedOrdered to be Reported (Amended) by the Yeas and Nays: …
Committee Consideration and Mark-up Session Held
Ms. Mace (for herself and Ms. Brown) introduced the following …
Referred to the House Committee on Oversight and Government Reform.
Introduced in House
Stakeholder Effects
cui bono?How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.
Federal agency hiring officials, Federal cybersecurity offices, OPM qualification standards staff
Positive-direction: Federal cybersecurity offices
Negative-direction: Federal agency hiring officials, OPM qualification standards staff
Bill Structure & Actor Mappings
Who is "The Secretary" in each section?
- "opm"
- → Office of Personnel Management
- "nice"
- → National Initiative for Cybersecurity Education
We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.
Learn more about our methodology