Cybersecurity Hiring Modernization Act

This bill pushes federal agencies to hire cybersecurity workers based on skills, not just degrees. For most federal cyber jobs, agencies can only require a certain level of education if a law in that state or local area says it’s needed. Otherwise, education can only count if it clearly matches the real skills needed for the job. It also requires the Office of Personnel Management to post yearly updates about any changes to education standards for these jobs and share data on the education levels of new hires. The rules cover common federal IT/cyber roles, including the GS-2210 IT management series and other jobs labeled “cybersecurity” under the NICE framework.

What this means for people: more chances to get government cyber jobs if you have the right skills, even without a specific degree. What this means for agencies: clearer, skills-based hiring and more transparency about who they hire.

• Who is affected: Federal agencies hiring for competitive-service cybersecurity roles; job seekers for those roles.
• What changes: Degrees can be required only when local law demands it; education counts only if it directly reflects needed competencies; OPM must publish changes and annual education data on new hires.
• When: Within one year after the law takes effect, and then every year after that, OPM must post updates and data.