Four elite certifications. Fifteen thousand secured endpoints. Four thousand ATMs. A fraud prevention plan tied to an FBI-reported $16.6 billion problem. Approved as a self-petitioner, without a U.S. job offer.
In short: A senior information security consultant with 14 years of financial sector cybersecurity experience
including large-scale endpoint and ATM security deployments across major banks was approved for an EB-2
NIW as a self petitioner. Based in Saudi Arabia, working for a U.S.-headquartered company. No
U.S. job offer. The case was approved under Matter of Dhanasar on the strength of a proposed AI-driven
cybersecurity and fraud prevention infrastructure directly aligned with documented U.S. government priorities and
recent federal executive orders on digital financial security.
The petitioner’s name has been withheld for privacy. Profession, employer, and outcome are real.
Start with the Number
In 2024, reported cybercrime losses in the United States reached $16.6 billion, according to the FBI’s annual Internet Crime Report. That is a 33% increase over the year before. And it almost certainly undercounts reality, because the vast majority of fraud is never reported.
That is the problem. This is the story of the person who spent 14 years learning how it works, and what happens when someone with that background files a National Interest Waiver petition.
What He Actually Does
He is a senior information security consultant specializing in financial sector cybersecurity. Not generic IT security, the specific, high-stakes work of keeping banks, ATM networks, and digital payment systems safe from fraud and cyberattack.
Over 14 years across multiple major financial institutions, he secured more than 15,000 enterprise endpoints and 4,000 ATMs. He built the systems that decide which software is allowed to run on bank machines and which is blocked. He designed the fraud detection frameworks that flag unusual transaction behavior before money leaves the account. He ran the disaster recovery programs that kept financial systems available when everything went wrong.
His credentials are specific and hard-earned. He holds the CISSP widely considered the most rigorous certification in cybersecurity, requiring five years of verified experience across multiple security domains. He also holds the CISM (governance and risk-based security management), the CISA (information systems audit and control), and the Associate CCISO (executive-level security leadership). Holding all four is uncommon. It signals someone who operates across the technical, governance, and strategic layers of financial cybersecurity simultaneously.
Most recently, he worked as a senior security consultant for NCR Atleos (a publicly traded U.S. company and global leader in ATM technology) serving one of the largest banks in the region.
The Fear He Couldn’t Shake
When he came to Immignis, the concern was straightforward: he was based in Saudi Arabia, working on bank security in the Gulf. His experience was real, his credentials were strong, but he had one persistent doubt. Was security work done for foreign banks, in foreign countries, actually relevant to the national interest of the United States?
The question people in this situation ask us is whether work done abroad counts. In this case, the more precise
answer is: the problem he solves does not have a nationality.
Cyber fraud, ransomware, and ATM malware are not regional issues. The fragmentation problem in financial cybersecurity (where different banks use different, disconnected tools, creating gaps that attackers exploit) is exactly the same in the United States as it is anywhere else. And the U.S. government has said so, repeatedly, in executive orders.
Why the Case Was Built on Solid Ground
His EB-2 NIW proposed endeavor was an AI-driven cybersecurity and fraud prevention infrastructure for U.S. financial institutions built on four practical pillars: a unified cross-institution defense architecture, behavioral intelligence for early fraud detection, integrated endpoint and data integrity protection, and automated incident response and compliance alignment.
Every part of that plan was tied to documented U.S. need. The EB-2 NIW national importance argument came directly from federal sources.
The FBI’s 2024 cybercrime data showed $16.6 billion in reported losses and a 33% year-over year increase. The FTC reported consumer fraud losses of $12.5 billion, up 25% from 2023. Identity fraud losses reached $27 billion. LexisNexis research found that every dollar lost to fraud generates $4.41 in total costs once investigation, remediation, and service disruption are included. In 2024, 65% of financial organizations reported experiencing ransomware related incidents.
On the policy side, the White House issued an executive order in January 2025 on strengthening U.S. leadership in digital financial technology. The U.S. Treasury had already demonstrated, using machine learning, that it could prevent and recover more than $4 billion in fraudulent payments in a single fiscal year. CISA, the Federal Reserve, and the Department of the Treasury have all published explicit priorities around building secure, resilient, and interoperable financial infrastructure.
His EB-2 NIW proposed endeavor matched those priorities specifically. The petition made that connection explicit, with named sources and named documents.
What Immignis Built Into the Petition
His track record was already there. This was a direct EB-2 NIW petition no profile-building phase was needed. What the petition required
was translating 14 years of specialized work into the exact language the Dhanasar test uses.
Letters of recommendation, full evidence dossier, and the I-140 prepared and filed as an EB-2 NIW self-petition.
EB-2 NIW Proposed endeavor drafted around all three Dhanasar prongs, tied to real executive orders, CISA priorities, Treasury
initiatives, and FBI fraud statistics. Every claim was sourced.
National importance built from specifics: named federal policies, published loss figures, and the structural fragmentation
problem that his architecture is designed to solve.
Well-positioned argument drawn from his actual career: the 15,000 endpoints, the 4,000 ATMs, the multi-institution project
record, the four elite certifications, the professional memberships in ISC², ISACA, and EC-Council.
The Outcome
Approved.
He self-petitioned. No U.S. employer behind the application, no job offer, no labor certification. The petition was approved because the proposed endeavor addressed a real, documented, and urgent national need, and because 14 years of hands-on financial cybersecurity work across major institutions made him a credible person to advance it.
The Dhanasar test does not ask where you have been working. It asks whether what you know is nationally important
and whether you can prove you are positioned to use it. Those are answerable questions.
For Cybersecurity Professionals Working Abroad
If you work in cybersecurity (particularly in financial services, critical infrastructure, or digital payments) and you have assumed the EB-2 NIW does not apply because your experience is in another country, this case is worth reading carefully.
The skill set required to fight financial fraud and defend banking infrastructure is the same whether the bank is in Riyadh or New York. The U.S. government has a documented and growing need for people with exactly these capabilities. What determines whether you qualify is whether your proposed endeavor is credible, specific, and aligned with that documented need and whether your background gives you a real basis for doing the work.
That case can be made. But it takes a petition written with the right precision, and evidence organized to answer the right questions.
Questions Cybersecurity Professionals Ask Us
Can a cybersecurity consultant qualify for an EB-2 NIW?
Yes, in the right circumstances. Cybersecurity is explicitly listed as a critical and emerging technology domain by the U.S. government. When a cybersecurity professional can show a specific proposed endeavor addressing a documented national gap, backed by real experience proving they can execute it, the Dhanasar test can be satisfied. This approval is an example of exactly that.
Does experience working for foreign banks or abroad count toward U.S. national interest?
It can count significantly. What USCIS evaluates under Dhanasar is whether the applicant is positioned to advance the proposed endeavor in the U.S. Work done abroad for major financial institutions (particularly for a U.S.-headquartered employer, or using methods directly applicable to U.S. systems) demonstrates real, practical expertise. The geography of past work matters less than its relevance to the proposed endeavor.
What makes CISSP, CISM, CISA, and CCISO relevant to an NIW petition? These are not entry-level credentials. CISSP requires five years of verified multi-domain security experience and is considered a benchmark for senior cybersecurity professionals. CISM and CISA validate governance, risk, and audit expertise. Associate CCISO reflects executive-level security leadership. Holding all four carries weight in a well-positioned argument because they confirm advanced professional standing independently of what any employer says. USCIS recognizes membership and credentials from organizations with real eligibility requirements as meaningful evidence.
What is the difference between a generic cybersecurity job and a nationally important proposed endeavor?
The difference is specificity and scope. A job focuses on one employer’s systems. A nationally important endeavor addresses a structural problem affecting an entire sector and in financial cybersecurity, that problem (fragmented, inconsistent defenses across institutions that attackers exploit) is well-documented and acknowledged by the U.S. government. The petition needs to connect the applicant’s work to that specific documented need, not just describe competence in a field.
If you work in cybersecurity and want an honest assessment of whether your background and experience could support an NIW, start there. Immignis offers a free profile review with no obligation.
Free assessment: immignis.us/contact-us