CYBERSECURITY JOB HUNTING GUIDE
Working in the US
includes remote work/internship for a US company as a non US citizen
Author: Stefan Waldvogel
Things you need to know about moving to the US
The citizenship problem
If you want to work or an internship in the US in Cybersecurity, you might need a Green Card, and many times this is not enough. A lot of jobs require US citizenship. Do you want to work as a penetration tester? I would say >90% need US citizenship, and if a company can pick the employee, they will choose someone with US citizenship. Many times, you cannot have dual citizenship for these jobs. It is tough to gain trust if you are not a US citizen. Some countries have security agreements with each other. UK, Australia, and the US are close together.
The blue side is better, but not much. Here, you need a Green Card to get a call for an interview. Green Cards are very hard to get, and if you live in India, it is nearly impossible. 2019, the US issued 26,000 employment-based Green Cards. This number is tiny and the waiting time to get a Green Card is up to 50 (fifty) years.
Visa/work permit?
You can work as a foreigner in the US, but you need a visa. One popular visa is H1B. To get such a visa, you have to find a company that sponsors this visa. The company has to prove different things, but the main point is that you are very highly qualified, and every unemployed US citizen cannot do this job.
Do you want an idea how worse it is?
The situation in entry-level can look like this: 847 people apply for two open positions.
You find some stats here: www.linkedin.com/posts/micmerritt_cybersecurityanalyst-incidentresponse-activity-6798975377575415808-L3Eh
Most likely, you see the issue. If you want a Cybersecurity related H1B, your level must be world-class. Do you have a master's in Cybersecurity? That is nothing... too many unemployed US citizens have a master's in this field.
The alternative way
Cybersecurity is vast, and there are many jobs without this restriction. One example: If your English is excellent, you can work as an educator or Cybersecurity teacher. My Cybersecurity professor at the Community College was Turkish. This way works. In the US, we have few educators, and therefore some companies, schools, etc., will sponsor a visa/work permit. Find the “garbage” jobs in Cybersecurity. Remember, you only get a visa/work permit if the company cannot fill a position with US citizens. The company has to prove this and pay a high application fee. Then, the USCIS (US immigration service) has stringent rules and will scrutinize the application. If USCIS gives a green light, follow many rules with an interview at the end.
Many people are with a special visa in the US. Most visas have stringent rules, but you may live here. If you are in the US, it is easier to get a full work permit because most companies do not hire you if you are not in the States. It has something to do with trust, and it is expensive for the company; it has political reasons, and the paperwork with tax, etc., is complicated.
Sometimes I get messages like: “I am in Country x, can you find me an internship or job in country y?” This way does not work and cannot work because of legal reasons. Stick to the official path and do your homework.
Exceptions to the rule (remote working for a US company)
Generally, US companies do not offer remote work/internships for non-US citizens in Cybersecurity. This is often related to trust and has to do with paperwork (laws), but there are some exceptions. Very few companies like BHIS and Crowdstrike sometimes hire internationals and pay US salaries.
If you want such a job... you compete against hundreds or more people. You have to stand out like a diamond.
-> Never send a message like: "I want an internship in Cybersecurity, can you give me one?" The reason is, out of these hundreds of people, most bring something to the table, and if you just want something... you are out because you have nothing to offer. Show what you did and try everything to stand out. If you say: "I am a hard worker," that is fine, but a lot of people say it... you must prove it because others do.
If you want to work or an internship in the US in Cybersecurity, you might need a Green Card, and many times this is not enough. A lot of jobs require US citizenship. Do you want to work as a penetration tester? I would say >90% need US citizenship, and if a company can pick the employee, they will choose someone with US citizenship. Many times, you cannot have dual citizenship for these jobs. It is tough to gain trust if you are not a US citizen. Some countries have security agreements with each other. UK, Australia, and the US are close together.
The blue side is better, but not much. Here, you need a Green Card to get a call for an interview. Green Cards are very hard to get, and if you live in India, it is nearly impossible. 2019, the US issued 26,000 employment-based Green Cards. This number is tiny and the waiting time to get a Green Card is up to 50 (fifty) years.
Visa/work permit?
You can work as a foreigner in the US, but you need a visa. One popular visa is H1B. To get such a visa, you have to find a company that sponsors this visa. The company has to prove different things, but the main point is that you are very highly qualified, and every unemployed US citizen cannot do this job.
Do you want an idea how worse it is?
The situation in entry-level can look like this: 847 people apply for two open positions.
You find some stats here: www.linkedin.com/posts/micmerritt_cybersecurityanalyst-incidentresponse-activity-6798975377575415808-L3Eh
Most likely, you see the issue. If you want a Cybersecurity related H1B, your level must be world-class. Do you have a master's in Cybersecurity? That is nothing... too many unemployed US citizens have a master's in this field.
The alternative way
Cybersecurity is vast, and there are many jobs without this restriction. One example: If your English is excellent, you can work as an educator or Cybersecurity teacher. My Cybersecurity professor at the Community College was Turkish. This way works. In the US, we have few educators, and therefore some companies, schools, etc., will sponsor a visa/work permit. Find the “garbage” jobs in Cybersecurity. Remember, you only get a visa/work permit if the company cannot fill a position with US citizens. The company has to prove this and pay a high application fee. Then, the USCIS (US immigration service) has stringent rules and will scrutinize the application. If USCIS gives a green light, follow many rules with an interview at the end.
Many people are with a special visa in the US. Most visas have stringent rules, but you may live here. If you are in the US, it is easier to get a full work permit because most companies do not hire you if you are not in the States. It has something to do with trust, and it is expensive for the company; it has political reasons, and the paperwork with tax, etc., is complicated.
Sometimes I get messages like: “I am in Country x, can you find me an internship or job in country y?” This way does not work and cannot work because of legal reasons. Stick to the official path and do your homework.
Exceptions to the rule (remote working for a US company)
Generally, US companies do not offer remote work/internships for non-US citizens in Cybersecurity. This is often related to trust and has to do with paperwork (laws), but there are some exceptions. Very few companies like BHIS and Crowdstrike sometimes hire internationals and pay US salaries.
If you want such a job... you compete against hundreds or more people. You have to stand out like a diamond.
-> Never send a message like: "I want an internship in Cybersecurity, can you give me one?" The reason is, out of these hundreds of people, most bring something to the table, and if you just want something... you are out because you have nothing to offer. Show what you did and try everything to stand out. If you say: "I am a hard worker," that is fine, but a lot of people say it... you must prove it because others do.
© 2021. This work is licensed under a CC BY-SA 4.0 license