EB-2 NIW · Profession Guide
EB-2 NIW for Cybersecurity engineers: AAO Data, Denial Patterns & Evidence
How cybersecurity engineers can establish the critical-infrastructure link AAO routinely demands under Dhanasar prong one.
Based on 6,362 real USCIS AAO decisions · Last updated May 2026
Short answer
Across 156 Cybersecurity Engineer AAO decisions in our corpus, 8.3% were approved on appeal, 80.8% were denied, and 10.9% were remanded. The single most common denial reason for cybersecurity engineers is “Critical infrastructure link unclear.” AAO rates are lower than first-pass USCIS rates because these cases were already denied at least once.
AAO outcomes for cybersecurity engineers (156 decisions)
Read this carefully: AAO numbers reflect petitions that were already denied at least once and appealed. First-pass USCIS approval rates are substantially higher. Use these figures to understand which arguments USCIS finds insufficient at the highest scrutiny level.
Why cybersecurity engineers get denied at AAO
Most common AAO denial reason in this bucket:
Critical infrastructure link unclear
AAO denials in this bucket consistently fault petitions that describe security work in product-vendor terms ("hardened our SaaS application") rather than in critical-infrastructure terms (energy, finance, healthcare, defense, government). The technical work is often identical; the framing decides the case.
What strong cybersecurity engineer petitions tend to include
These are the evidence types that recur in approved Cybersecurity Engineer cases. Not every approved petition has all of them, but petitions missing several typically struggle at AAO.
- 1CVEs published with your name, ranked by CVSS score and downstream advisories (CISA, MITRE)
- 2Direct work on Sector-Specific Plans, ICS-CERT advisories, or DHS/CISA programs
- 3Refereed publications at S&P, USENIX Security, CCS, NDSS, with citation evidence
- 4CTF / bug-bounty leaderboard rankings on platforms with public scoreboards
- 5Open-source security tooling adoption metrics (GitHub stars, package install counts)
- 6Independent expert letters from security researchers at non-vendor institutions
How cybersecurity engineer cases fit the Dhanasar three-prong test
The Dhanasar framework asks USCIS to evaluate three things together: substantive merit, your positioning to advance the work, and whether waiving the labor cert makes sense on balance. Here is how the prongs typically frame for cybersecurity engineers.
Prong 1 — Substantive merit and national importance
Anchor in critical-infrastructure protection — energy, finance, healthcare, election security, defense supply chain.
Prong 2 — Well-positioned to advance the proposed endeavor
CVEs and refereed publications carry more weight than vendor certifications for this bucket.
Prong 3 — On balance, waiver is in the national interest
Argue waiver because incident-response timelines and threat-actor cycles do not survive labor-cert delays.
What approved Cybersecurity Engineer profiles look like
Published CVEs + refereed publications or open-source tooling adoption + a critical-infrastructure framing tied to specifics.
This is a composite based on patterns across 156 AAO decisions — not any single case. Your specific profile may clear with less, or struggle with more, depending on framing.
Run a personalized Cybersecurity Engineer case analysis
Aggregate data tells you what AAO has rejected for cybersecurity engineers. A $10 ai case review tells you which of those failure modes your profile is closest to — prong by prong, with the five most-similar AAO cases pulled directly from the same 6,362-decision corpus.
One-time payment, no subscription. Greenway AI is a data + document-generation platform, not a law firm; nothing here is legal advice.