English 
Português 
Español 
The United States faces a chronic shortage of cybersecurity professionals. In March 2026, data from CyberSeek indicated more than 514,000 open positions in the sector, with a fill rate of only 74%-meaning one in every four positions remains vacant. For Brazilian and Portuguese-speaking professionals in the field, this scenario opens a concrete immigration pathway: the EB-2 NIW (National Interest Waiver), a green card category that waives the job offer requirement and allows for direct self-petition to USCIS.
Cybersecurity is not only a lucrative career-with a median salary of $103,700 in 2026-but also a role classified by the U.S. government as essential to national security. Understanding why this classification exists and how to translate it into immigration evidence is the first step toward solid planning.
Why the U.S. Needs You
The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, classifies cybersecurity as a pillar of the defense of America’s critical infrastructure. This designation covers three strategic fronts that directly affect the lives of millions of people.
The first is the protection of critical infrastructure. Power grids, banking systems, hospitals, water treatment plants, and air traffic control all depend on professionals who prevent and respond to attacks. A successful incident against any of these systems can paralyze entire cities. Professionals working on this front line perform a function of unequivocal national interest.
The second front is defense against state-sponsored threats. Government agencies and strategic institutions are permanent targets of digital espionage and sabotage by state and non-state actors. Specialists in threat intelligence, incident response, and government systems security play a direct role in the country’s sovereignty.
The third is the stability of the digital economy. The American economy is highly digitized, and protection against ransomware, financial fraud, intellectual property theft, and data breaches is vital to maintain market confidence and business continuity.
The EB-2 NIW Pathway
The EB-2 NIW is an employment-based green card category that allows professionals to self-petition, without the need for a sponsoring employer or labor certification (PERM). The evaluation follows the Dhanasar framework, established by USCIS in 2016, which applies three cumulative criteria.
The first criterion requires that the proposed endeavor has substantial merit and national importance. For cybersecurity professionals, protecting critical infrastructure, financial systems, or government data directly meets this requirement-the impact transcends any individual company and affects the security of the country as a whole.
The second criterion assesses whether the petitioner is well positioned to advance the endeavor. This includes academic background, professional certifications, track record in relevant projects, technical publications, conference presentations, and recommendation letters from industry leaders.
The third criterion weighs whether, on balance, it is beneficial for the United States to waive the job offer requirements. The shortage of 514,000 professionals and the area’s classification as critical by DHS substantially strengthen this argument.
Evidence That Strengthens the Petition
Building a strong case depends on documentary evidence that demonstrates concrete impact. For cybersecurity professionals, the most relevant categories include:
- High-level certifications: CISSP, CISM, CEH, OSCP, GCIH, and similar credentials demonstrate internationally recognized technical qualifications
- Experience in critical infrastructure sectors: experience protecting financial, energy, healthcare, or government systems
- Participation in response to significant incidents or discovery of major vulnerabilities (published CVEs, high-impact bug bounties)
- Technical publications, presentations at conferences such as DEF CON, Black Hat, RSA Conference, or BSides
- Recommendation letters from security executives (CISOs, CTOs) or technical leaders attesting to the professional’s critical role
- Contributions to open source security projects or tools widely adopted by the industry
For offensive security professionals (pentesting, red team), this work is equally valued. The proactive identification of vulnerabilities before malicious actors exploit them is considered an essential component of any robust national defense strategy.
Costs and Timelines in 2026
| Item | Amount (USD) |
|---|---|
| I-140 (EB-2 NIW petition) | $715 |
| Asylum Program Fee (self-petition) | $300 |
| Premium processing (I-907, optional) | $2,965 |
| I-485 (adjustment of status, if in the U.S.) | $1,440 |
| DS-260 (consular processing) | $325 |
Standard processing for the I-140 for EB-2 NIW takes between 8 and 14 months as of April 2026. Premium processing, with a fee of $2,965 effective since March 2026, guarantees USCIS action within 45 business days. This action may be approval, denial, request for additional evidence (RFE), or fraud investigation-therefore, it is not a guarantee of approval.
Frequently Asked Questions
Do I need to have worked in government?
No. Protecting a large bank against ransomware, ensuring the security of an e-commerce platform with millions of users, or developing security solutions adopted by multiple organizations are all activities of national interest. Work in the private sector in any area of critical infrastructure is extremely relevant for the EB-2 NIW.
Does the shortage of professionals help?
Yes. Although the EB-2 NIW is not a program to fill vacancies, the fact that cybersecurity is recognized as a field with a critical talent shortage-with 26% of positions permanently vacant-reinforces the argument that the professional’s presence in the U.S. would be beneficial to the country. This data especially strengthens the third criterion of the Dhanasar framework.
Is offensive security accepted?
Yes, and it is highly valued. Pentesting, red team, and vulnerability research professionals who identify flaws before attackers exploit them play a role recognized as crucial to the national security posture. Certifications such as OSCP, OSCE, and documented experience in bug bounty programs strengthen the case.
Learn more about EB-2 NIW
- Category
- EB-2 NIW Green Card
- Self-petition
- Allowed (no sponsor needed)
- PERM
- Waived
- Processing
- 12-36 months
Victoria Harper
Editor-in-Chief
Leading journalism and editorial content at Visto n’ Visa, Victoria helps make immigration topics clear, trustworthy, and easy to understand. Her focus is on delivering useful, human, and relevant content for people exploring new paths abroad.
