HR5000-119

Reported

Cybersecurity Hiring Modernization Act

119th Congress Introduced Aug 19, 2025

Summary

What This Bill Does

This bill changes how federal agencies may use education requirements for cybersecurity hiring. For covered cybersecurity positions, agencies may prescribe a minimum education requirement only when a state, locality, or federal law requires it. Agencies may consider education as a minimum qualification only when the education directly reflects the competencies necessary to perform the job. Covered positions include the GS-2210 information technology management series and positions identified under the NICE cybersecurity workforce framework.

The bill also adds transparency requirements for the Office of Personnel Management. OPM must publish changes to federal qualification standards for covered cybersecurity positions and publish annual aggregate data on the educational attainment of people serving in those jobs. The policy goal is to reduce degree-based barriers that do not map to cybersecurity competencies while still allowing legally required or competency-specific education standards.

Who Benefits and How

Cybersecurity job applicants without four-year degrees benefit because agencies have less room to use broad education screens that do not directly match job competencies. Federal cybersecurity offices benefit from a larger talent pool for GS-2210 and NICE-framework positions. Federal hiring managers benefit from clearer rules tying education to job skills instead of generic degree requirements. Veterans, apprentices, and experienced cybersecurity workers benefit if practical skills count more than formal credentials. OPM qualification standards staff benefit from a clearer statutory instruction for cybersecurity classifications.

Who Bears the Burden and How

Federal agency human-resources offices must review cybersecurity vacancy announcements and minimum qualifications for compliance. OPM staff must publish qualification-standard changes and annual education-attainment data. Agencies that prefer degree-based screening bear an administrative burden because they must justify education requirements through law or direct competency relevance. University and credentialing programs may lose some hiring leverage if federal cybersecurity roles rely less on broad degree requirements. Inspectors general and congressional workforce committees may face oversight work reviewing agency compliance.

Key Provisions

  • Limits minimum education requirements for covered federal cybersecurity positions to legally required or competency-specific cases.
  • Requires education used as a minimum qualification to directly reflect job competencies.
  • Applies the rule to GS-2210 information technology management jobs and NICE-framework cybersecurity positions.
  • Requires OPM to publish qualification-standard changes for covered cybersecurity positions.
  • Requires OPM to publish annual aggregate educational-attainment data for covered cybersecurity employees.

Evidence Chain:

This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers with clause-level evidence links.

At a Glance

What This Bill Does

Restricts federal agencies from using minimum education requirements for covered cybersecurity jobs unless law requires them or the education directly reflects job competencies, and requires OPM to publish cybersecurity qualification-standard changes and annual education-attainment data.

Key Policy Areas

Federal Workforce, Cybersecurity, Civil Service, Hiring

Primary Purpose

Restricts federal agencies from using minimum education requirements for covered cybersecurity jobs unless law requires them or the education directly reflects job competencies, and requires OPM to publish cybersecurity qualification-standard changes and annual education-attainment data.

Policy Domains

Federal Workforce Cybersecurity Civil Service Hiring

House resolution provisions

Identified Gains
  • Cybersecurity job applicants without four-year degrees
  • Federal cybersecurity offices
  • Federal hiring managers
  • Veterans with cybersecurity experience
  • Cybersecurity apprentices
  • OPM qualification standards staff
Model: codex-gpt-5 | Version: bill_summary_v2 | Source: ih
Federal hiring managers:
Cybersecurity apprentices:
Federal cybersecurity offices:
OPM qualification standards staff:
Veterans with cybersecurity experience:
Cybersecurity job applicants without four-year degrees:
Identified Costs
  • Federal agency human-resources offices
  • OPM data reporting staff
  • Agencies preferring degree-based screening
  • University cybersecurity credential programs
  • Inspectors general
  • Congressional workforce committees
Model: codex-gpt-5 | Version: bill_summary_v2 | Source: ih
Inspectors general:
OPM data reporting staff:
Congressional workforce committees:
Federal agency human-resources offices:
Agencies preferring degree-based screening:
University cybersecurity credential programs:

Legislative Progress

Reported
Introduced Committee Passed
Feb 4, 2026

Ordered to be Reported (Amended) by the Yeas and Nays: …

Feb 4, 2026

Committee Consideration and Mark-up Session Held

Aug 19, 2025

Ms. Mace (for herself and Ms. Brown) introduced the following …

Aug 19, 2025

Referred to the House Committee on Oversight and Government Reform.

Aug 19, 2025

Introduced in House

Stakeholder Effects

cui bono?

How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.

Government
3 mentions across 1 clause
+1 positive -2 negative

Federal agency hiring officials, Federal cybersecurity offices, OPM qualification standards staff

Positive-direction: Federal cybersecurity offices

Negative-direction: Federal agency hiring officials, OPM qualification standards staff

Labor
1 mention across 1 clause
+1 positive

Cybersecurity job applicants without four-year degrees

Education
1 mention across 1 clause
-1 negative

University cybersecurity credential programs

1/2
sections analyzed
Full impact breakdown

Bill Structure & Actor Mappings

Who is "The Secretary" in each section?

Domains
Federal Workforce Cybersecurity Civil Service Hiring
Actor Mappings
"opm"
→ Office of Personnel Management
"nice"
→ National Initiative for Cybersecurity Education

We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.

Learn more about our methodology