dismissed H-1B Case: Computer Security

ibi@ing data deleted to 
WVent clearly U,IIW~~ 
hion of- Pivscy 
PUBLIC COPY 
U.S. Department of Homeland Security 
20 Massachusetts Ave. NW, Rm. 3000 
Washington, DC 20529 
U.S. Citizenship 
and Immigration 
FILE: EAC 04 119 52151 Office: VERMONT SERVICE CENTER Date: AuG 1 5 2006 
PETITION: petition for a Nonimmigrant Worker Pursuant to Section 101(a)t15)(H)(i)(b) of the 
Immigration and Nationality Act, 8 U.S.C. Ij 1 lOl(a)(lS)(H)(i)(b) 
ON BEHALF OF PETITIONER: 
INSTRUCTIONS: 
This is the decision of the Administrative Appeals Office in your case. All materials have been returned to 
the office that originally decided your case. Any further inquiry must be made to that office. 
Robert P. Wiemann, Chief 
Administrative Appeals Office 
EAC 04 119 52151 
Page 2 
DISCUSSION: The service center director denied the nonimrnigrant visa petition. The matter is now on appeal 
before the Administrative Appeals Office (AAO). The appeal will be dismissed. The petition will be denied. 
The petitioner is an IT management services and consulting company. It seeks to employ the beneficiary as a 
computer security analyst and to continue his classification as a nonimmigrant worker in a specialty occupation 
pursuant to section lOl(a)(lS)(H)(i)(b) of the Immigration and Nationality Act (the Act), 8 U.S.C. 
§ 1 lOl(a)( 15>(H)(i)(b>. 
The director denied the petition on the ground that the record failed to establish that the proffered position 
qualifies as a specialty occupation. 
Section 214(i)(l) of the Act, 8 U.S.C. 1184(i)(l), defines the term "specialty occupation" as an occupation 
that requires: 
(A) theoretical and practical application of a body of highly specialized knowledge, and 
(B) attainment of a bachelor's or higher degree in the specific specialty (or its equivalent) 
as a minimum for entry into the occupation in the United States. 
As provided in 8 C.F.R. § 214.2(h)(4)(iii)(A), to qualify as a specialty occupation the position must meet one 
of the following criteria: 
(I) A baccalaureate or higher degree or its equivalent is normally the minimum 
requirement for entry into the particular position; 
(2) The degree requirement is common to the industry in parallel positions among 
similar organizations or, in the alternative, an employer may show that its particular 
position is so complex or unique that it can be performed only by an individual with a 
degree; 
(3) The employer normally requires a degree or its equivalent for the position; or 
(4) The nature of the specific duties is so specialized and complex that knowledge 
required to perform the duties is usually associated with the attainment of a 
baccalaureate or higher degree. 
Citizenship and Immigration Services (CIS) interprets the term "degree" in the criteria at 8 C.F.R. 
$ 214.2(h)(4)(iii)(A) to mean not just any baccalaureate or higher degree, but one in a specific specialty that is 
directly related to the proffered position. 
The record of proceeding before the AAO contains (1) Form 1-129 and supporting documentation; (2) the 
director's request for evidence (RFE); (3) the petitioner's response to the RFE; (4) the notice of decision; and 
(5) the appeal (Form I-290B). The AAO reviewed the record in its entirety before issuing its decision. 
In its initial submission, including the Form 1-129 and an accompanying letter, the petitioner described itself 
as a provider of information technology services with core competencies in information systems 
EAC 04 119 52151 
Page 3 
securitylinformation assurance, systems engineering, research and development involving artificial 
intelligence, and physical security. The petitioner indicated that its business was established in 1992, has 170 
employees, and earned gross annual income of $6,121,424 in 2003. The petitioner proposes to employ the 
beneficiary as a computer security analyst for three years, at an annual salary of $72,000, and provided the 
following job description in its initial letter to the service center: 
Provides technical support in response to computer security incidents by applying knowledge 
of Windows XP, NT 4.0 Server and Windows 2000 Server, Unix, Trend Micro, IronMail, 
Intruder Alert and McAfee; develops quarterly forecasting reports with regard to areas of 
information security and prepares graphical reports depicting historical trends and 
projections; provides security incidents response support by recommending policies, 
standards, procedures, and products to address viruses, worms, Trojan horse programs, 
hacking attempts, and hoaxes and supporting virus detectionlidentification and recovery 
activities. 
According to the petitioner, the minimum educational requirement for the proffered position is a bachelor's 
degree in computer science, MIS, E-Business or a related field. The beneficiary is qualified for the position, 
the petitioner declares, by virtue of his master of business administration/master of science in E-Business 
from Temple University in Philadelphia, Pennsylvania, granted on May 23, 2002. 
In response to the RFE the petitioner furnished a more detailed description of the proffered position's duties, 
and the percentage of time the beneficiary would spend on each. It reads as follows: 
Database Security Administration - 60% 
To provide technical support in the response to computer security incidents in the environment of 
Windows XP, NT 4.0 and Windows 2000 Server, the detailed job duties include: (1) Architect 
and develop CSIRT Automated Virus Reporting database, Security Patch Management database 
and CSIRT Incident Management database using extensive database design language and tools, 
including SQL Server 6.517.012000, Oracle 7/8/8i/9i, Access 9712000 and MySQL. Database 
design and development includes creating Oracle database tables, indexes, and constraints that 
allow the developed production system to function smoothly. This includes sizing database 
tables, controlling rollback segments, preventing data fragmentation, and ensuring the integrity of 
the database. (2) Administer daily operation of the FDIC Computer Security Incident Response 
Team (FDIC-CSIRT) by handling virus attacks, networklhost based intrusions, phishing scams 
and distributed denial-of-service attacks with database analysis using extensive computing tools 
and language including T-SQL, DTS, OLAP, PLISQL, SQL*Loader, XML, in a NET 
environment. (3) Identifies type of virus attacks and conditions of damage in a timely manner 
and implements necessary procedures to ensure the above mentioned three large information 
security databases for FDIC in proper operating condition. 
Database Security Analysis Report - 30% 
Develops quarterly forecasting reports with regard to areas of information security based on daily 
and monthly virus statistical analysis and incident response performance by conducting security 
assessment, security control assessment and risk assessment. Performing database security 
EAC04 119 52151 
Page 4 
assessment involves extensive knowledge of computer security software and tools including 
Intruder Alert, Trend Micro, McAfee, ManHunt, ISS Real Secure, SurfControl, Entrust, Cisco 
PIX Cisco 5251535, etc. Prepares graphical reports depicting historical trends and projections to 
identify deficiency of database security and improve virus protection program. Provides 
recommended policies, standards, procedures, and products to address viruses, worms, Trojan 
horse programs, hacking attempts, and hoaxes as well as in virus detectionlidentification and 
recover activities to ensure FDIC's security database compliance with the Federal Information 
Security Management Act. 
Assist other IMSI Personnel with Task Assignments - 10% 
Coordinates with other security analyst(s) in analyzing and evaluating security products and 
performs other duties as required. 
In her decision the director cited the description of computer security analysts in the Department of Labor 
(D0L)'s Occupational Outlook Handbook (Handbook) as indicating that a baccalaureate degree in a directly 
related field is not the minimum educational requirement for entry into such a position. Rather, it was 
possible to enter the occupation with less than a baccalaureate level education. The director referred to the 
internet job announcements in the record, but found that they failed to establish that a degree requirement is 
common to the petitioner's industry in parallel positions among similar organizations. Though the petitioner 
claimed that it had never hired a computer security analyst without a bachelor's degree for a security analyst 
position, the director noted that the petitioner's current computer security analysts have degrees in a variety of 
fields. The director concluded that the record failed to establish that the proffered position meets the statutory 
definition of a specialty occupation. 
On appeal counsel reiterates the petitioner's contention that the duties of the position require a baccalaureate 
or higher degree in a computer-related specialty like the beneficiary's. In counsel's view, two years of 
college coursework in computers would be insufficient for the job. 
In determining whether a position meets the statutory and regulatory criteria of a specialty occupation, CIS 
routinely consults the DOL Handbook as an authoritative source of information about the duties and 
educational requirements of particular occupations. Factors typically considered are whether the Handbook 
indicates a degree is required by the industry; whether the industry's professional association has made a 
degree a minimum entry requirement; and whether letters or affidavits from firms or individuals in the 
industry attest that such firms "routinely employ and recruit only degreed individuals." See Shanti, Inc. v. 
Reno, 36 F.Supp. 2d 115 1, 1165 (D.Minn. 1999) (quoting HiraYBlaker Corp. v. Suva, 712 F.Supp. 1095, 1102 
(S.D.N.Y. 1989)). CIS also analyzes the specific duties and complexity of the position at issue, with the 
Handbook's occupational descriptions as a reference, as well as the petitioner's past hiring practices for the 
position. See Shanti, Inc. v. Reno, id., at 1165-66. 
Computer security specialists are described in the DOL Handbook as a subcategory of the broader 
occupational category of "computer support specialists and systems administrators." As explained in the 
Handbook, 2006-07 edition, at 113: 
Computer support specialists provide technical assistance, support, and advice to customers 
and other users . . . . 
EAC 04 119 52151 
Page 5 
Network administrators and computer systems administrators design, install, and support an 
organization's local-area network (LAN), wide-area network (WAN), network segment, 
Internet, or intranet system. . . . 
In some organizations, computer security specialists may plan, coordinate, and implement the 
organization's information security. These workers may be called upon to educate users 
about computer security, install security software, monitor the network for security breaches, 
respond to cyber attacks, and, in some cases, gather data and evidence to be used in 
prosecuting cyber crime. The responsibilities of computer security specialists has increased 
in recent years as there has been a large increase in the number of cyber attacks on data and 
networks. This and other growing specialty occupations reflect an increasing emphasis on 
client-server applications, the expansion of Internet and intranet applications, and the demand 
for more end-user support. 
In accord with the director's decision, the AAO determines that the duties of the proffered position are those 
of a computer security specialist, as described in the Handbook. 
The Handbook describes the training and educational requirements of the occupation as follows: 
Due to the wide range of skills required, there are many paths of entry to a job as a computer 
support specialist or systems administrator [including computer security specialists]. While 
there is no universally accepted way to prepare for a job as a computer support specialist, 
many employers prefer to hire persons with some formal college education. A bachelor's 
degree in computer science or information systems is a prerequisite for some jobs; however, 
other jobs may require only a computer-related associate's degree. For systems 
administrators, many employers seek applicants with bachelor's degrees, although not 
necessarily in a computer-related field. 
Id. at 114. As indicated above, a four-year baccalaureate degree in a specific specialty is not the normal 
minimum requirement for entry into a position as a computer security specialist. Some companies may accept 
two-year associate degrees, and relevant work experience can substitute to some extent for formal education. 
Moreover, the Handbook indicates that a bachelor's degree in a variety of majors, which may not be closely 
related to the computer field, can lead to employment as a computer security specialist. In accordance with the 
foregoing information in the Handbook, the AAO determines that the proffered position does not meet the first 
alternative criterion of a specialty occupation, at 8 C.F.R. 5 214.2(h)(4)(iii)(A)(I), because a baccalaureate or 
higher degree in a specific specialty, or its equivalent, is not the normal minimum requirement for entry into 
the position. 
With respect to the second alternative criterion of a specialty occupation, at 8 C.F.R. 5 214.2 (h)(4)(iii)(A)(2), 
the record includes six internet job announcements for computer security analyst positions. One 
advertisement states that a bachelor's degree is required, without indicating any particular specialty. Two 
others state that relevant work experience can substitute in whole or in part for education. Only three of the 
advertisements specify that a bachelor's degree in a computer-related specialty is required, and at least one of 
those is from a company whose scale of operations is greater than the petitioner's. The AAO determines that 
the internet job advertisements are not persuasive evidence that a baccalaureate or higher degree requirement 
.. ( 
EAC 04 119 52151 
Page 6 
in a specific specialty is common to the petitioner's industry in parallel positions among similar organizations, 
as required for the proffered position to qualify as a specialty occupation under the first prong of 8 C.F.R. 
5 214.2(h)(4)(iii)(A)(2). Nor does the record demonstrate that the proffered position is so complex or unique 
that it can only be performed by an individual with a baccalaureate or higher degree in a specific specialty, as 
required for the position to qualify as a specialty occupation under the second prong of 8 C.F.R. 
5 2 14.2(h)(4)(iii)(A)(2). 
As for the third alternative criterion of a specialty occupation, at 8 C.F.R. 5 214.2(h)(4)(iii)(A)(3), the 
petitioner asserts that it has always required a bachelor's degree for the proffered position, and has furnished 
the names of five individuals who it states are currently employed as computer security analysts, along with 
evidence of their degrees. Only three of those individuals has a degree in computer science or a related 
specialty, however, while the other two have degrees in international business and biology. The petitioner 
asserts that it also employs a sixth computer security analyst, but has not identified that individual or 
furnished any information about his or her degree. Thus, the petitioner's past hiring history does not establish 
that it normally requires a degree in a specific specialty for the proffered position. Furthermore, the record 
includes two versions of the petitioner's job advertisement for a computer systems analyst, one of which 
states that "appropriate experience may substitute for a degree" and the other of which states that "a college 
degree" is required, without indicating a specific specialty. Accordingly, the petitioner's own job 
announcements refute its contention that it normally requires a degree in a specific specialty for the proffered 
position. As the foregoing evidence clearly indicates, the proffered position does not qualify as a specialty 
occupation under 8 C.F.R. 5 2 14.2(h)(4)(iii)(A)(3). 
Lastly, the record does not establish that the duties of the proffered position are so specialized and complex 
that the knowledge required to perform them is usually associated with a baccalaureate or higher degree in a 
specific specialty. The evidence of record does not show that the duties of the position exceed the scope of a 
typical computer security specialist, which the Handbook indicates does not require baccalaureate level 
knowledge in a specific specialty. The AAO concludes that the duties of the proffered position could be 
performed by an individual with less than baccalaureate level knowledge in a specific specialty. Accordingly, 
the proffered position does not meet the fourth alternative criterion of a specialty occupation at 8 C.F.R. 
5 2 14.2(h)(4)(iii)(A)(4). 
For the reasons discussed above, the proffered position does not meet any of the qualifying criteria of a 
specialty occupation under 8 C.F.R. 5 214.2(h)(4)(iii)(A). The petitioner has not established that the 
beneficiary will be coming temporarily to the United States to perform services in a specialty occupation, as 
required under section lOl(a)( lS)(H)(i)(b) of the Act, 8 U.S.C. 5 1 lOl(a)( 15)(H)(i)(b). 
The petitioner bears the burden of proof in these proceedings. See section 291 of the Act, 8 U.S.C. 5 1361. The 
petitioner has not sustained that burden. Accordingly, the AAO will not disturb the director's decision denying 
the petition. 
ORDER: The appeal is dismissed. The petition is denied.