Cybersecurity Jobs in USA with Visa Sponsorship
Cybersecurity professionals are in exceptionally high demand in the US, with hundreds of thousands of unfilled positions nationwide creating strong employer willingness to sponsor international talent. Most sponsored roles are in the private sector at tech companies, financial institutions, and healthcare organizations, since government and defense positions typically require security clearances limited to US citizens. Industry certifications such as CISSP, CompTIA Security+, and CEH carry significant weight in both hiring and visa petition support.
See All Cybersecurity JobsOverview
Showing 5 of 9,019+ cybersecurity jobs


Have you applied for this role?


Have you applied for this role?


Have you applied for this role?


Have you applied for this role?


Have you applied for this role?
See all 9,019+ Cybersecurity jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Cybersecurity roles.
Get Access To All Jobs
Who We Are:
At Avnet, relationships matter. We are a global, FORTUNE ® 500 technology distributor and solutions company that delivers design, supply chain and logistics expertise to customers at every stage of a product’s lifecycle. Our employees have a front row seat to the latest innovations shaping the world we live in and the future we share. We’re driven to help our customers around the world succeed and we do so by earning the trust of some of the biggest names in technology. Working at Avnet means being a part of a global team. We work collaboratively and with integrity, doing business the right way. For more than a century, we have partnered together to help our customers, suppliers and teammates realize the transformative possibilities of technology. Experience what’s next at Avnet!
Role Summary
The Program Manager, Cybersecurity Strategy and Metrics (BISC) serves as both a key operational leader within Avnet’s business-aligned cybersecurity function. The Program Manager helps establish, mature, and operationalize the BISO program, executing hands-on business engagement while shaping the standards, processes, and metrics that will define the function long-term.
Key Responsibilities
1) Program Build-Out & Continuous Improvement
- Partner with the Director to establish and refine the BISO operating model, including engagement patterns, role delineation, standard artifacts, and escalation paths.
- Conduct a formal proof-of-value (PoV) to demonstrate program impact, measure risk-reduction effectiveness, capture workload and volume metrics, and translate results into repeatable operational standards.
- Assess and forecast BISO workload, helping size the team appropriately based on demand, complexity, and business footprint.
- Define logical lanes of responsibility for current and future BISOs (e.g., vulnerability support, governance, audit coordination, system assessments).
- Establish and evolve operational standards—intake processes, assessment frameworks, risk templates, reporting dashboards, and governance cadences.
2) System Assessments, Categorization & Control Selection
- Lead and guide junior BISOs in conducting standardized system assessments, ensuring security requirements are right-sized based on risk, data sensitivity, business criticality, and regulatory needs.
- Champion consistent control selection and tailoring, preventing both over-engineering and under-protection.
- Work closely with Enterprise Cybersecurity, IT, and engineering teams to align system-level decisions to enterprise guardrails while minimizing business friction.
3) Risk Translation, Prioritization & Action Planning
- Translate complex and technical security risks into clear business-impact narratives, articulating implications across operational disruption, customer trust, revenue exposure, and compliance obligations.
- Partner with business units to develop action plans, compensating controls, or formal risk acceptances for vulnerabilities, supplier issues, audit findings, and system gaps.
- Ensure every risk or exception is evaluated, documented, approved, monitored, and periodically reviewed—with complete visibility to leadership.
4) Local Governance & Risk Visibility
- Establish recurring business-level governance mechanisms, providing transparency on risk posture, remediation progress, secure baseline adoption, assessments status, and upcoming obligations.
- Ensure business leaders have a clear understanding of risk hot spots, competing priorities, and potential escalations.
- Drive accountability by aligning BU decisions with enterprise risk tolerance and CISO-level expectations.
5) Escalation of BU-Specific Risks & Project Needs
- Surface business-specific risks, systemic blockers, resource needs, and project dependencies to enterprise cybersecurity leadership.
- Ensure issues do not remain isolated or siloed within a single business area by enabling centralized visibility and prioritization.
- Help guide enterprise trade-off decisions by providing concise, contextual, and data-driven escalation narratives.
6) Vulnerability Management & Secure Baselines
- Support business units in interpreting vulnerability findings, assessing business impact, and prioritizing remediation in alignment with SLAs.
- Coordinate cross-functional remediation strategies, removing blockers and driving adherence to enterprise remediation expectations.
- Champion the deployment, maintenance, and periodic validation of secure configuration baselines across systems within assigned scope to improve audit readiness and reduce systemic vulnerabilities.
7) Hands-On BISO Support for Assigned BU(s)/Region(s)
- Serve as the primary cybersecurity advisor and engagement point for designated operating companies or regions.
- Advocate for the business within the cybersecurity organization while ensuring consistent application of enterprise security policies and risk standards.
- Support revenue-critical functions including customer security inquiries, audits, RFP responses, and contract security obligations.
8) Governance, Audit Coordination & Risk Oversight
- Coordinate audit response activities with assigned business units, ensuring coherent remediation plans and consistent treatment of similar findings.
- Rationalize risk acceptances within business units and ensure alignment with enterprise risk appetite.
- Track and report remediation deadlines, exceptions, and emergent risk themes across the BISOs you manage.
9) Metrics, Reporting & Decision Support
- Define and maintain operational dashboards covering workload, risk themes, SLA performance, exception volume, remediation velocity, and system assessment throughput.
- Provide executive-ready reporting to business leadership and the CISO organization.
- Use trend analysis to identify systemic issues, capability gaps, and high-impact focus areas.
10) Certifications & Regulatory/Customer Security Expectations
- Support determination of certification applicability (e.g., ISO 27001, CMMC, Cyber Essentials, and regional schemes).
- Assist BUs in readiness assessments, control gap remediation, and sustaining governance to avoid fragmented or redundant certification efforts.
Work Experience: Typically 8+ years with bachelor's or equivalent.
Education and Certification(s): Bachelor's degree or equivalent experience from which comparable knowledge and job skills can be obtained.
#LI-HYBRID
What We Offer:
Our employees work hard to live our values and help us grow. Our total rewards strategy supports Avnet’s ability to attract, engage, develop, and reward our employees, while promoting a diverse and inclusive environment. We offer competitive compensation and benefit programs — from time away and flexible working arrangements to programs supporting employee well-being and opportunities to give back to your community.
- Generous Paid Time Off
- 401K and Pension Plan
- Paid Holidays
- Family Support (Paid Leave, Surrogacy, Adoption)
- Medical, Dental, Vision, and Life Insurance
- Long-term and Short-term Disability Insurance
- Health Savings Account / Flexible Spending Account
- Education Assistance
- Employee Development Resources
- Employee Wellness, Leadership Development and Mentorship Programs
Benefits listed above may vary depending on the nature of your employment with Avnet.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.
Avnet is an Equal Opportunity Employer committed to providing equal opportunities to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex (including pregnancy), age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other characteristic protected by law. This policy of non-discrimination also applies to religious dress and grooming practices. Avnet will accommodate employee religious dress standards and grooming practices that do not result in undue hardship for the Company. If you are interested in applying for employment with Avnet and need special assistance or an accommodation to apply for a posted position contact our Human Resources Service Center at (888) 994-7669.

How to Get Visa Sponsorship in Cybersecurity
Take advantage of the cybersecurity talent shortage
The U.S. has hundreds of thousands of unfilled cybersecurity positions, which works in your favor for sponsorship. Employers facing critical security staffing gaps are more willing to sponsor visas when they can't find qualified domestic candidates.
Earn industry certifications that employers prioritize
CISSP, CISM, CEH, and CompTIA Security+ are among the most recognized cybersecurity credentials. Holding one or more of these certifications makes your specialty occupation case clearer and signals readiness for senior security roles.
Focus on private-sector roles that don't require security clearance
Many government and defense cybersecurity positions require U.S. security clearance, which is limited to citizens and permanent residents. Target private-sector companies, financial institutions, and healthcare organizations where clearance is not a barrier.
Specialize in cloud security or application security
Cloud security architects, AppSec engineers, and penetration testers are among the hardest cybersecurity roles to fill. Specializing in one of these areas makes you a stronger sponsorship candidate than a generalist security analyst.
Use STEM OPT to build your security track record
Cybersecurity and information security degrees are STEM-eligible, providing 12 months of OPT plus a 24-month STEM extension. Use this time to earn certifications, respond to real incidents, and build the experience that makes you an obvious sponsorship candidate.
Explore cap-exempt cybersecurity roles at universities and research institutions
University IT security teams and federally funded research centers are H-1B cap-exempt. These roles let you bypass the lottery entirely and can serve as a stepping stone to private-sector positions once you have U.S. work experience.
See all 9,019+ Cybersecurity jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Cybersecurity roles.
Get Access To All JobsFrequently Asked Questions
Do cybersecurity roles with visa sponsorship require security clearances?
Most sponsored cybersecurity positions do not require security clearances. Clearances are primarily required for government agencies, defense contractors, and intelligence community roles, and are generally limited to U.S. citizens or permanent residents. Private-sector roles at technology companies, financial institutions, healthcare systems, and managed security service providers rarely require clearances and are where the vast majority of sponsorship occurs.
Does the cybersecurity talent shortage actually make it easier to get sponsored?
Yes. With hundreds of thousands of unfilled cybersecurity positions in the U.S., employers face sustained difficulty hiring domestically, which increases their willingness to invest in visa sponsorship. This shortage also strengthens the labor market test for green card processing (PERM labor certification), as employers can more easily demonstrate that qualified U.S. workers are unavailable. Candidates with hands-on experience in penetration testing, incident response, or cloud security are in particularly strong positions.
Which cybersecurity certifications strengthen a visa petition?
CISSP, CompTIA Security+, CEH (Certified Ethical Hacker), and OSCP are the most recognized credentials and carry weight in both hiring and immigration documentation. These certifications provide concrete evidence that the role demands specialized knowledge beyond a general IT background. While certifications alone do not replace the bachelor's degree requirement for H-1B, they meaningfully support the specialty occupation argument when included in the petition package.
Can cybersecurity professionals qualify for the O-1 visa?
Yes, if you have notable contributions to the field. Published vulnerability disclosures, conference presentations at events like DEF CON or Black Hat, widely used open-source security tools, or significant bug bounty achievements can all serve as evidence of extraordinary ability. The O-1 bypasses the H-1B lottery and has no annual cap, making it a strong alternative for cybersecurity researchers and practitioners with a visible track record.
What cybersecurity specializations are most in demand for visa sponsorship?
Cloud security, application security, and incident response are among the highest-demand specializations because they require deep technical expertise that is genuinely scarce. Security engineering roles at SaaS companies and financial institutions are particularly well-sponsored. GRC (governance, risk, and compliance) roles can also qualify but may face more H-1B scrutiny since USCIS sometimes questions whether these positions require a specific technical degree.
See which Cybersecurity employers are hiring and sponsoring visas right now.
Browse Cybersecurity Jobs