This guide is all about how cybersecurity professionals can get a security clearance. Security clearances are an important facet of working in the cybersecurity industry and this guide will outline the different kinds of security clearances, what kinds of jobs require security clearances, and the process to follow to get a security clearance.
For the purposes of this article, a security clearance is an official determination that an individual may access some level of classified information, as determined by an agency of the United States government.
cybersecurityguide.org is an advertising-supported site. Clicking in this box will show you programs related to your search from schools that compensate us. This compensation does not influence our school rankings, resource guides, or other information published on this site.
Featured Cybersecurity Training
|School Name||Program||More Info|
|UC Berkeley||Berkeley Cybersecurity Boot Camp||website|
|Southern New Hampshire University||Online BS in Cybersecurity or Online MS in Cybersecurity||website|
|St. Mary's University of Minnesota||Cybersecurity Graduate Certificate||website|
|Syracuse University||MS in Cybersecurity | Complete in 15 Months||website|
|Northwestern||Northwestern Cybersecurity Boot Camp||website|
|University of Arizona||University of Arizona Coding Boot Camp||website|
Security clearance overview
Everyone employed by the United States federal government undergoes a basic background investigation of their criminal and credit histories. This ensures that all federal employees are “reliable, trustworthy, of good conduct and character, and of complete and unswerving loyalty to the United States.”
Additionally, federal employment positions that include access to sensitive information require a security clearance. This includes individuals employed by private firms in the capacity of a contractor for the federal government. This clearance must be obtained to determine the applicant’s trustworthiness and reliability before granting them access to national security information.
Security clearances are structured in a hierarchical manner with each designation indicating the maximum level of classified information that may be accessed by the clearance holder. From least restrictive to most restrictive the classification levels are:
- Confidential This type of security clearance provides access to information that may cause damage to national security if disclosed without authorization. It must be reinvestigated every 15 years.
A confidential clearance requires a National Agency Check with Local Agency Check and Credit Check (NACLC).
- Secret This type of security clearance provides access to information that may cause serious damage to national security if disclosed without authorization. It must be reinvestigated every 10 years.
A secret clearance requires a NACLC and a Credit investigation; it must also be re-investigated every 10 years. Investigative requirements for Department of Defense (DoD) clearances, which apply to most civilian contractor situations, are contained in the Personnel Security Program issuance known as DoD Regulation 5200.2-R, at part C3.4.2.
- Top Secret (TS) This type of security clearance provides access to information that may cause exceptionally grave damage to national security if disclosed without authorization. It must be reinvestigated every five years.
Top Secret is a more stringent clearance. A TS clearance is often given as the result of a Single Scope Background Investigation, (SSBI). TS clearances, in general, afford one access to data that affects national security, counterterrorism/counterintelligence, or other highly sensitive data. There are far fewer individuals with TS clearances than Secret clearances. In most instances, an individual with Top Secret clearance undergoes a reinvestigation every five years.
Having obtained a certain level of security clearance does not mean that the clearance holder automatically has access to or is given access to information cleared for that clearance level. In order to legally handle classified information, the clearance holder must have a clear “need to know” in addition to the appropriate level of clearance for the information. Need to know is generally determined by a disclosure officer assigned to the office of origin for the classified information.
There are also two categories of classified information that require additional handling and access restrictions:
- Sensitive compartmented information (SCI), which includes intelligence sources, methods, and processes.
As with a TS clearance, a SCI clearance is assigned only after the candidate has been through the rigors of an SSBI and a special adjudication process for evaluating the investigation. SCI access, however, is assigned only in “compartments”. These compartments are necessarily separated from each other with respect to the organization so that an individual with access to one compartment will not necessarily have access to another. Each compartment may include its own additional special requirements and clearance process. An individual may be granted access to, or read into, a compartment for any period of time.
- Special access programs (SAPs), which are highly sensitive projects and programs.
The DoD establishes SAPs when the vulnerability of specific information is considered exceptional and the normal rules for determining eligibility for access are not considered sufficient to protect the information. SAPs are typically employed to enhanced security measures that strictly enforce need-to-know. The number of people cleared for access to such programs is typically kept low. Information about new military technology, for example, frequently requires such special access.
These special categories are for classified information that has been deemed particularly vulnerable, and eligibility standards and investigative requirements for access to SCI and SAPs clearances are higher than for other clearances.
Security clearances are active only for the time when an individual holds the original job for which the clearance was designated. A clearance holder may be re-investigated at any time, but a formal review is required after the prescribed number of years.
A clearance may be reactivated in certain cases without going through the entire investigative process again. However, the break in the candidate’s employment must be less than two years and the original investigation cannot be more than 5, 10, or 15 years old for the top secret, secret, and confidential categories, respectively.
History of security clearances
The authority for classifying information and granting security clearances to access that information is found in Executive Orders (EOs) and US federal law. The origins of security clearances can be traced back to the Pendleton Act of 1883 which required applicants for federal employment to possess the requisite character, reputation, trustworthiness, and fitness for employment.
In 1941, Executive Order 8781 provided for the requirement that all federal employees be fingerprinted and investigated by the FBI and in 1948 the DoD unified the military security program and implemented standards and procedures similar to those put into effect for civilians under E.O. 9835.
Executive Order 10450 (1953) superseded E.O. 9835 and required investigations of federal employees to ascertain their reliability, trustworthiness, good conduct and character, and loyalty to the United States. It required that employment be “clearly consistent with the interest of national security.”
Jobs that require a security clearance
Many federal agencies and federal contractors working with those agencies necessarily require their employees to hold security clearances in order to do their job.
The need for a security clearance is dictated by a necessity to handle sensitive or classified information rather than a specific job description.
- Central Intelligence Agency
- Homeland Security
- Defense Intelligence Agency
- Office of National Security Intelligence
- Drug Enforcement Administration
- Federal Bureau of Investigation
- National Geospatial-Intelligence Agency
- National Reconnaissance Office
Anyone having access to classified data requires clearance at or higher than the level at which the data they must handle is classified. For this reason, security clearances are required for a wide range of jobs, from senior management to janitorial. Positions that may require a security clearance include secretaries, security officers, librarians, system administrators, and computer-support personnel who have access to classified documents or systems.
The December 2017 United States Government Accountability Office (GAO) Report to Congress states, “As of October 1, 2015, the latest date for which data are available, approximately 4.2 million government and contractor employees, at nearly 80 executive branch agencies, were eligible to hold a security clearance.”
The process for obtaining a security clearance
Before the process for obtaining a security clearance can even begin there must exist a verifiable need for the individual seeking the clearance to hold one. While companies with contracts or grants with the federal government may require employees to have a security clearance, no company without a contract with the federal government can independently seek a security clearance.
Only people employed by a federal agency or federal contractor can obtain a security clearance.
The scope of the background investigation needed depends on the position’s requirements as well as the level of security clearance needed for the position. This process can take several months or up to a year depending on the backlog, need for more information, depth of the investigation process and other factors.
Executive Order 10450 states in part, “The scope of the investigation shall be determined… according to the degree of adverse effect the occupant of the position sought to be filled could bring about, by virtue of the nature of the position, on the national security, but in no event shall the investigation include less than a national agency check (including a check of the fingerprint files of the Federal Bureau of Investigation), and written inquiries to appropriate local law-enforcement agencies, former employers and supervisors, references, and schools attended by the person under investigation.”
The length of time required to obtain a security clearance is growing and is a significant concern for federal agencies and contractors. Some instances wherein individuals would take longer than normal to be investigated are many past residences, having residences in foreign countries, having relatives outside the United States, or significant ties with non-US citizens.
If a hiring office requests an interim security clearance, an applicant may be granted an interim security clearance within a few weeks after submitting a complete security package. According to the Defense Security Service (an agency of the Department of Defense), all applicants for a personnel security clearance submitted by a cleared contractor will be routinely considered for interim eligibility. The interim eligibility is issued only when access to classified information is clearly consistent with the national security interests of the United States. The interim eligibility is issued at the same time as the initiation of the investigation and will generally remain in effect until the investigation is completed. At that time, the applicant is considered for final eligibility.
If an applicant feels they are a serious candidate for a position that requires a security clearance they may accelerate the process by gathering relevant information prior to receiving a job offer from the hiring agency or contractor. The hiring agency or contractor can direct the applicant to the appropriate forms for the level of clearance required for the position for which they are being considered.
The security clearance background investigation
The central component in the process of obtaining a security clearance is the background investigation. The process begins with the applicant registering and completing the appropriate forms through the U.S. Offices of Personnel Management’s (OPM) Electronic Questionnaires for Investigations Processing (e-QIP) application web site. The next phase of the process involves an investigation conducted by the OPM, the DoD, and the Office of the Director of National Intelligence or another investigation service provider (ISP), depending on the position.
There are five tiers of investigation standards that apply to applications for security clearances. The specific tier of investigation that is appropriate for a given candidate is determined by the classification and the risk associated with the information that the applicant will need to handle. The OPM e-QIP form needed for each tier is delineated in the table below.
|Tier 1||Low Risk, Non-Sensitive, including HSPD-12 Credentialing||Form SF85|
|Tier 2||Moderate Risk Public Trust (MRPT)||Form SF85P|
|Tier 3||Non-Critical Sensitive National Security||Form SF86|
|Tier 4||High-Risk Public Trust (HRPT)||Form SF85P|
|Tier 5||Critical Sensitive and Special Sensitive National Security, including Top Secret, and SCI||Form SF86|
The e-QIP form used for sensitive or national security positions is the SF-86 as indicated in Tier 3 and Tier 5 investigation standards. SF85 and SF85P are suitable for work in government agency positions requiring public trust rather than national security concerns.
In addition to and after the verification of the answers to the questions posed by the OPM e-QIP form, many investigations will include an interview as a routine part of the investigation process. The applicant may be asked to answer questions related to their completed form. This helps the investigator gain clarity about incomplete or unclear answers on the form. Declining the interview may result in the investigation, and related security clearance application, being canceled.
In addition to the questions on these forms, the investigator may also make an inquiry about the applicant’s adherence to security requirements, their honesty and integrity, their possible vulnerability to exploitation or coercion, or any other behavior that could potentially demonstrate that the candidate is not reliable, trustworthy, or loyal to the US Government.
The Department of State’s Diplomatic Security Service (DSS) conducts personnel security background investigations for the Department of State and other federal agencies. DSS describes the background investigation process as including these steps:
- A job candidate receives a conditional offer of employment and completes and submits the appropriate form – either a Questionnaire for National Security Positions, Questionnaire for Non-Sensitive Positions, or Questionnaire for Public Trust Positions – and other required forms to the appropriate hiring office.
- The hiring office reviews and submits the completed questionnaire and other required forms – known as the security package – to DSS.
- DSS reviews the security package and formally opens a background investigation.
- DSS conducts records and fingerprint checks against commercial and government databases.
- DSS verifies and corroborates key information and events from the candidate’s past and recent history. This may include interviews of people who know the candidate well. The investigator may conduct a face-to-face interview with the candidate as part of the process.
- After the investigation is complete, DSS adjudicates and determines the candidate’s national security eligibility according to the Security Executive Agent Directive (SEAD) 4: National Security Adjudicative Guidelines.
- In some cases, background investigations may be forwarded to a Department of State Human Resources suitability panel.
- After determining the candidate’s national security eligibility, DSS contacts the appropriate hiring authority.
The U.S. Criminal Code (title 18, section 1001) provides that knowingly falsifying or concealing a material fact is a felony that may result in fines and/or up to five (5) years imprisonment.
In addition, federal agencies generally fire, do not grant a security clearance, or disqualify individuals who have materially and deliberately falsified these forms, and this remains a part of the permanent record for future placements.
The Defense Security Service issues the following statuses throughout the investigation to let candidates know what is happening during the process:
- Received The investigative service provider (ISP) has acknowledged receipt of the investigation request and will be reviewing it for acceptability.
- Unacceptable The ISP determined the investigation request to be deficient. The applicant will then receive a message with the reason why the request was rejected. If the employee still requires a clearance, a new investigation request will need to be initiated and submitted with the corrected information.
- Scheduled The ISP has determined the investigation request to be acceptable and the investigation is currently ongoing/open.
- Closed The ISP has completed the investigation and the investigation has been sent for adjudication.
Why an applicant may be denied a security clearance
Various reasons exist for why an applicant may be denied a security clearance. The primary considerations in an investigation are the individual’s honesty, candor, and thoroughness in the completion of their security clearance forms.
Every effort is made to determine whether the granting or continuing eligibility for a security clearance is consistent with the interests of national security. A wide variety of factors may be investigated.
The scope of a security clearance background investigation is likely to include the following personal characteristics, proclivities, and behavior. Any indication that the applicant may have substantial problems in any of these areas will likely raise a flag indicating a need for further investigation and possible denial of the clearance.
- Allegiance to the United States
- Potential for foreign influence
- A foreign preference
- Sexual behavior
- Personal conduct
- Financial considerations
- Alcohol consumption
- Drug involvement and substance misuse
- Emotional, mental, and personality disorders
- Criminal conduct
- Handling protected information
- Outside activities
- Misuse of information technology
Unpaid bills, as well as criminal charges, will often disqualify an applicant for approval. However, bankruptcy will be evaluated on a case-by-case basis and is not an automatic disqualifier. Poor financial history is the number-one cause of rejection, and foreign activities and criminal records are also common causes for disqualification.
It is noteworthy that investigators may consider publicly available social media information in connection with an application for a security clearance. Security Executive Agent Directive 5, Collection, Use, and Retention of Publicly Available Social Media Information in Personnel Security Background Investigations and Adjudications, codifies federal background investigative authority to incorporate publicly available social media information in the security clearance process.
According to the Office of the Director of National Intelligence, this policy allows investigators to consider an applicant’s history on Twitter, Facebook, Instagram, and other similar sites.
The policy states that social media data collected as part of a background check will not be retained unless it is considered “relevant” to the security standing of the person in question.
Resources for obtaining a security clearance
Guidelines and updates related to security clearances from the U.S. Department of State.
The Government’s web-based portal for accessing Electronic Questionnaires for Investigations Processing (e-QIP) forms.
The Department of Defense (DoD) Personnel Security Program Regulation.
The information contained in this article is not legal advice and is not a substitute for such advice. State and federal laws change frequently, and the information in this article may not reflect your own state’s laws or the most recent changes to the law.