How to Get a Security Clearance?

How to Get a Security Clearance

How to Get a Security Clearance- This tutorial will show you how to obtain a security clearance as a cybersecurity specialist. Working in the cybersecurity field necessitates security clearances, and this article will explain the many types of security clearances, which positions require security clearances, and how to obtain a security clearance.

For the purposes of this article, a security clearance is an official determination that an individual may access some level of classified information, as determined by an agency of the United States government.

Of course, other governmental and non-governmental bodies around the world offer security clearances, but for the sake of this discussion, the scope will be limited to clearances provided by federal government agencies in the United States.

How to Get a Security Clearance?

When it comes to understanding security clearance, the “Who, What, Where, and Why” is not always so obvious. If you’ve recently applied for a position that requires you to obtain a security clearance, there are a few steps you need to prepare for. Here is a guide for everything you need to know about getting a security clearance. 

Overview of Security Clearances

Everyone who works for the federal government in the United States is subjected to a basic background check that includes their criminal and credit histories. All federal employees must be “reliable, trustworthy, of excellent behaviour and character, and of complete and unshakable loyalty to the United States,” according to this policy.

A security clearance is also required for federal jobs that need access to sensitive information. Individuals who work for private companies as federal government contractors are included in this category. Before allowing access to national security information, this clearance must be obtained to assess the applicant’s trustworthiness and reliability.

Security clearances are organised in a hierarchical framework, with each designation denoting the maximum level of classified material to which the clearance holder has access. The classification levels are as follows, from least stringent to most restrictive:

  • Private and confidential This level of security clearance grants access to material that, if disclosed without authority, could jeopardise national security. Every 15 years, it must be re-examined.
  • A national agency check, as well as a local agency check and a credit check, are required for a confidential clearance (NACLC).
  • a mystery This level of security clearance grants access to material that, if disclosed without authority, could jeopardise national security. Every ten years, it must be reexamined.
  • A NACLC and a Credit investigation are required for a secret clearance, which must be re-investigated every 10 years. Part C3.4.2 of the Personnel Security Program issuance known as DoD Regulation 5200.2-R contains investigative standards for Department of Defense (DoD) clearances, which apply to most civilian contractor circumstances.
  • Top-secret information (TS) This level of security clearance grants access to material that, if exposed without authorisation, might pose a serious threat to national security. Every five years, it must be re-examined.

Top Secret is a higher level of security clearance. A Single Scope Background Investigation is frequently used to obtain a TS clearance (SSBI). In general, TS clearances grant access to material affecting national security, counterterrorism/counterintelligence, or other highly sensitive information. Individuals having TS clearances are much fewer than those with Secret clearances. A person having Top Secret clearance is usually re-examined every five years.

Obtaining a certain level of security clearance does not imply that the bearer has automatic access to or is allowed access to information cleared for that level of clearance. To handle classified material legally, the clearance holder must have a clear “need to know” as well as the appropriate level of clearance for the material. A disclosure officer attached to the office of origin for the classified material determines the need to know in most cases.

Additionally, there are two types of classified information that require special handling and access controls:

  • Intelligence sources, methods, and processes are all part of sensitive compartmented information (SCI).

A SCI clearance is only given after the candidate has gone through the rigours of an SSBI and a unique adjudication process for reviewing the investigation, just as a TS clearance. SCI access, on the other hand, is only granted in “compartments.” In terms of the organisation, these compartments must be kept separate such that a person who has access to one compartment does not necessarily have access to another. Each compartment may have its own set of unique requirements and clearance procedures. For any amount of time, an individual may be granted access to or read into a compartment.

  • Special access programmes (SAPs) are projects and activities that are extremely sensitive.
SEE ALSO:
Is Cybersecurity Boring?

When the vulnerability of certain information is deemed extraordinary and the standard standards for evaluating eligibility for access are deemed insufficient to protect the information, the DoD creates SAPs. SAPs are commonly used to improve security by tightly enforcing the need-to-know principle. The number of participants approved for such initiatives is usually kept small. For example, information regarding new military technologies frequently necessitates such exclusive access.

SCI and SAPs clearances have tougher eligibility standards and investigative procedures than other clearances because they deal with classified information that has been judged highly risky.

Security clearances are only valid for the duration of the person’s employment in the initial position for which the clearance was granted. A clearance holder may be re-investigated at any time, but after the prescribed number of years, a formal review is necessary.

In some situations, a clearance can be reactivated without having to go through the entire investigation procedure again. For the top secret, secret, and confidential categories, the candidate’s job gap must be less than two years, and the original inquiry cannot be older than five, ten, or fifteen years.

History of Security Clearances

Executive Orders (EOs) and US federal legislation provide jurisdiction for categorising information and giving security clearances to access it. The Pendleton Act of 1883 established security clearances by requiring applicants for government employment to have the proper character, reputation, trustworthiness, and fitness for job.

Executive Order 8781 mandated that all federal employees be fingerprinted and probed by the FBI, and in 1948, the Department of Defense unified the military security programme and instituted standards and procedures comparable to those enacted for civilians under Executive Order 9835.

Executive Order 10450 (1953) replaced E.O. 9835 and required federal employees to undergo investigations to determine their reliability, trustworthiness, good behaviour and character, and devotion to the United States. It stipulated that employment must be “clearly consistent with national security interests.”

National Security Information (NSI) is currently classified under Executive Order 13526, with Security Executive Agent Directive 4, National Security Adjudicative Guidelines, providing some further leeway.

Jobs that Require a Security Clearance

In order to execute their jobs, many federal agencies and federal contractors working with those agencies require their personnel to have security clearances.

The need for a security clearance is dictated by a necessity to handle sensitive or classified information rather than a specific job description.

Employment within specific government agencies is more likely to require a security clearance, regardless of the job description. A security clearance is also required for employment in a government-secured institution. The following are some examples of agencies that may demand higher degrees of clearance:

Anyone with access to classified material must have clearance equal to or higher than the level of classification of the data they must handle. As a result, security clearances are necessary for a variety of positions, ranging from top management to janitorial. Secretaries, security officers, librarians, system administrators, and computer-support personnel who have access to classified documents or systems may require a security clearance.

“As of October 1, 2015, the latest date for which data are available,” according to the December 2017 United States Government Accountability Office (GAO) Report to Congress, “approximately 4.2 million government and contractor employees, at nearly 80 executive branch agencies, were eligible to hold a security clearance.”

The Process for Obtaining a Security Clearance

Before the process of acquiring a security clearance can begin, the individual requesting the clearance must have a demonstrable need for one. While corporations with federal government contracts or grants may require personnel to have a security clearance, no company without a federal government contract can seek a security clearance on its own.

Only people employed by a federal agency or federal contractor can obtain a security clearance.

Once the agency or contractor has decided on a candidate to hire, the applicant will be given a job offer, which may or may not be conditional on receiving a security clearance. Following the acceptance of the offer and completion of the appropriate forms, a thorough background investigation is conducted.

The extent of the background research required is determined by the job requirements as well as the level of security clearance required. Depending on the backlog, the need for more information, the thoroughness of the inquiry process, and other considerations, this process might take several months or even a year.

SEE ALSO:
RMM IT Software

“The scope of the investigation shall be determined… according to the degree of adverse effect the occupant of the position sought to be filled could have on national security, by virtue of the nature of the position, but in no event shall the investigation include less than a national agency check (including a check of the fingerprint files of the occupant of the position sought to be filled),” says Executive Order 10450.

The time it takes to get a security clearance is increasing, which is a major worry for federal agencies and contractors. Many previous residencies, having residences in foreign countries, having relatives outside the United States, or extensive links with non-US citizens are all examples of situations where an individual’s investigation would take longer than usual.

An candidate may be granted an interim security clearance within a few weeks after submitting a complete security package if a hiring office requests it. All candidates for a personnel security clearance provided by a cleared contractor will be routinely reviewed for temporary eligibility, according to the Defense Security Service (a Department of Defense entity). Only when access to classified information is obviously in the national security interests of the United States is an interim eligibility granted. The interim eligibility is provided at the same time as the investigation begins and is normally valid until the investigation is finished. At that point, the applicant’s ultimate eligibility is determined.

If an applicant believes they are a serious candidate for a security clearance-required job, they can speed up the process by gathering crucial information before obtaining a job offer from the recruiting agency or contractor. The applicant might be directed to the proper forms for the level of clearance required for the position for which they are being considered by the hiring agency or contractor.

The Security Clearance Background Investigation

The background inquiry is the most important step in acquiring a security clearance. The process begins with the applicant registering on the US Offices of Personnel Management’s (OPM) Electronic Questionnaires for Investigations Processing (e-QIP) application web site and filling out the necessary documents. Depending on the job, the OPM, the Department of Defense, and the Office of the Director of National Intelligence (ODNI) or another investigative service provider (ISP) undertake an investigation.

There are five levels of inquiry standards that apply to security clearance applications. The classification and risk associated with the information that the applicant will need to manage determine the precise tier of investigation that is appropriate for a certain candidate. The table below lists the OPM e-QIP forms required for each tier.

Tier 1Low Risk, Non-Sensitive, including HSPD-12 CredentialingForm SF85
Tier 2Moderate Risk Public Trust (MRPT)Form SF85P
Tier 3Non-Critical Sensitive National SecurityForm SF86
Tier 4High-Risk Public Trust (HRPT)Form SF85P
Tier 5Critical Sensitive and Special Sensitive National Security, including Top Secret, and SCIForm SF86

 

According to Tier 3 and Tier 5 investigative criteria, the SF-86 is the e-QIP form utilised for sensitive or national security posts. SF85 and SF85P are appropriate for government jobs that require public trust rather than national security considerations.

Many investigations will involve an interview as a standard element of the investigation process, in addition to and after the verification of the responses to the questions given by the OPM e-QIP form. The candidate may be prompted to respond to questions about their completed application. This aids the investigator in deciphering any incomplete or ambiguous responses on the form. If you decline the interview, your investigation and security clearance application may be cancelled.

In addition to the questions on these forms, the investigator may inquire about the applicant’s adherence to security requirements, their honesty and integrity, their potential vulnerability to exploitation or coercion, or any other behaviour that could indicate that the candidate is not reliable, trustworthy, or loyal to the United States government.

The Diplomatic Security Service (DSS) of the Department of State conducts personnel security background investigations for the department and other federal agencies. The background investigation procedure, according to the DSS, consists of the following steps:

  • A job candidate is given a conditional offer of employment and must complete and submit the appropriate form – either a Questionnaire for National Security Positions, a
  • Questionnaire for Non-Sensitive Positions, or a Questionnaire for Public Trust Positions – as well as any other required forms to the appropriate hiring office.
  • DSS receives the completed questionnaire and other relevant paperwork – referred to as the security package – from the hiring office.
  • The Department of Homeland Security examines the security package and initiates a formal background check.
  • Records and fingerprints are checked against commercial and government databases by the DSS.
  • DSS verifies and confirms crucial events and information from the candidate’s past and recent history. This may include interviews with persons who are familiar with the candidate. As part of the procedure, the investigator may conduct a face-to-face interview with the candidate.
  • DSS adjudicates and evaluates the candidate’s national security eligibility when the inquiry is completed, using the Security Executive Agent Directive (SEAD) 4: National Security Adjudicative Guidelines.
  • Background investigations may be sent to a Department of State Human Resources suitability panel in some situations.
  • DSS contacts the appropriate hiring authority after determining the candidate’s national security eligibility.
SEE ALSO:
Top 10 Best Free Proxy Sites

According to the United States Criminal Code (title 18, section 1001), knowingly fabricating or concealing a substantial fact is a felony punishable by penalties and/or up to five (5) years in prison.

Furthermore, persons who have substantially and willfully misrepresented these papers are often fired, denied security clearance, or disqualified by federal agencies, and this information is kept on file for future placements.

Throughout the inquiry, the Defense Security Service offers the following statuses to let candidates know what is going on:

  • Received The investigative service provider (ISP) has acknowledged receipt of the investigation request and will be reviewing it for acceptability.
  • Unacceptable The ISP determined the investigation request to be deficient. The applicant will then receive a message with the reason why the request was rejected. If the employee still requires a clearance, a new investigation request will need to be initiated and submitted with the corrected information.
  • Scheduled The ISP has determined the investigation request to be acceptable and the investigation is currently ongoing/open.
  • Closed The ISP has completed the investigation and the investigation has been sent for adjudication.

Why an Applicant may be Denied a Security Clearance

There are a variety of reasons why a security clearance application may be denied. The individual’s honesty, sincerity, and thoroughness in filling out their security clearance paperwork are the most important factors to evaluate throughout an examination.

Every effort is taken to examine whether granting or maintaining security clearance eligibility is consistent with national security interests. A wide range of factors can be looked into.

The following personal characteristics, tendencies, and conduct are likely to be investigated as part of a security clearance background investigation. Any hint that the applicant may have significant issues in any of these areas will very certainly raise a red flag, requiring more examination and possibly denial of the clearance.

  • Allegiance to the United States
  • Potential for foreign influence
  • A foreign preference
  • Sexual behavior
  • Personal conduct
  • Financial considerations
  • Alcohol consumption
  • Drug involvement and substance misuse
  • Emotional, mental, and personality disorders
  • Criminal conduct
  • Handling protected information
  • Outside activities
  • Misuse of information technology

Unpaid invoices, as well as criminal accusations, are frequently grounds for rejection. Bankruptcy, on the other hand, will be considered on a case-by-case basis and will not automatically disqualify you. The most prevalent reason for rejection is a poor financial history, however overseas activities and criminal records are also significant reasons for rejection.

Investigators may take into account publicly available social media information when evaluating an application for a security clearance. The Security Executive Agent Directive 5, “Collection, Use, and Retention of Publicly Available Social Media Information in Personnel Security Background Investigations and Adjudications,” codifies federal background investigative authority to use publicly available social media information in the security clearance process.

According to the Office of the Director of National Intelligence, this policy allows investigators to consider an applicant’s history on Twitter, Facebook, Instagram, and other similar sites.

Agencies can target publicly visible social media posts if they think it necessary, but they cannot force users to hand over their passwords for secret accounts or offer pseudonyms for any profiles, according to these guidelines.

According to the regulation, social media data gathered as part of a background check will not be kept unless it is deemed “relevant” to the person’s security status.

Resources for Obtaining a Security Clearance

Guidelines and updates related to security clearances from the U.S. Department of State.

The Government’s web-based portal for accessing Electronic Questionnaires for Investigations Processing (e-QIP) forms.

The Department of Defense (DoD) Personnel Security Program Regulation.

Guide for the Standard Form (SF) 86.

The information contained in this article is not legal advice and is not a substitute for such advice. State and federal laws change frequently, and the information in this article may not reflect your own state’s laws or the most recent changes to the law. 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
How to Start a Career in Cybersecurity

How to Start a Career in Cybersecurity ?

Next Post
Tor Browser

Top 11 Cyber Security Best Practices For Your Business

Related Posts