Cybersecurity Hiring Modernization Act

Bill Summary: H.R. 5000 – Cybersecurity Hiring Modernization Act

Overview

The Cybersecurity Hiring Modernization Act aims to modernize the federal government's approach to recruiting cybersecurity talent. The bill seeks to reduce reliance on traditional educational degrees as a prerequisite for hiring, instead prioritizing practical competencies and skill-based qualifications for specific technical roles within the competitive service.

Main Purpose and Intent

The primary goal of the bill is to broaden the talent pool for federal cybersecurity positions. By limiting the ability of agencies to mandate degrees unless legally required, the bill recognizes that cybersecurity expertise is often acquired through certifications, specialized training, and professional experience rather than traditional four-year academic degrees.

Key Provisions

The bill amends Title 5 of the United States Code to implement the following changes:

1. Restrictions on Educational Requirements

For "covered positions," federal agencies are restricted in how they use education as a hiring criterion:
* Minimum Requirements: An agency may only prescribe a minimum educational requirement if that qualification is required by law to perform the duties in the state or locality where the position is located.
* Evaluation of Candidates: Education can only be considered as a means of satisfying a minimum qualification if the candidate's education directly reflects the competencies necessary to perform the duties of the position.

2. Definition of "Covered Positions"

The restrictions apply to specific roles, including:
* Positions in the competitive service classified under the GS-2210 Information Technology Management series (or its successors).
* Any other competitive service position designated as "cybersecurity" under the NICE Cybersecurity Workforce Framework (NIST Special Publication 800–181) or a successor framework.

3. Transparency and Reporting

To ensure accountability, the Office of Personnel Management (OPM) must:
* Publish all changes made to minimum educational qualification standards for these positions on its website.
* Provide annual aggregate data on the educational attainment levels of all new hires (accessions) for covered positions, sorted by classification. This reporting must begin within one year of the Act's enactment.

Affected Parties

• Federal Agencies: Hiring managers and HR departments will need to shift their evaluation processes from degree-centric models to competency-based models.
• Job Seekers: Individuals with non-traditional backgrounds (e.g., bootcamp graduates, self-taught experts, or those with industry certifications but no degree) will have greater access to competitive service cybersecurity roles.
• Office of Personnel Management (OPM): Tasked with updating standards and maintaining public data on hiring trends.

Procedural Status

• Introduced: August 19, 2025.
• Committee Action: The bill was referred to the House Committee on Oversight and Government Reform.
• Recent Progress: On February 4, 2026, the committee held a mark-up session and ordered the bill to be reported (amended) with a unanimous vote of 44-0, indicating strong bipartisan support.