The candidate will work with the Security, Risk, and Compliance team to manage the security assessment lifecycle of systems, networks, and applications and create process and policy-related documentation.
- Using existing education and training, and knowledge learned on the job, the incumbent will work with various security technologies to support the audit and assessment of networked endpoints, servers, and network equipment.
- The incumbent will create original, and modify existing, policy and process documentation to cover the Risk and Compliance Analyst role.
- Attends team and any other meetings as appropriate.
- Other duties as assigned.
- Educate, Train, Do
For each task, the intern will be provided information to read, experience a one-on-one training session, and will have the opportunity to perform a task related to the training. As appropriate, the intern will be assigned routine tasks and project activities.
Provided an overview of the following Frameworks, Regulations, Standards:
- NIST Cyber Security Framework (CSF)
- NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
- Payment Card Industry Data Security (PCI/DSS)
- Health Insurance Portability and Accountability Act (HIPAA)
Exposed to the following ACS IT Programs/Processes:
- Payment Card Industry Data Security (PCI/DSS) Standard Compliance
- Internal Audit Compliance
- Supplier Risk Management Program
- Business Continuity/Disaster Recovery Program Management
- Policy Program Management
- Risk Management (including but not limited to responding to security requests for firewall changes, additions to whitelist controls, processing lost/stolen incidents)
- Application Security Program• Incident Response
- Vulnerability Management
- Firewall and other security device management
- To accomplish tasks, the intern will utilize the following technologies:
- SharePoint – Updating task lists, creating and formatting pages, updating a Wiki
- Microsoft products: Excel, Word, Outlook, OneDrive, One Note
- Skype – Scheduling and conducting Skype meetings (with both data and voice components)
- LANDesk – Client Service Support System
- Experience administering Windows systems, Unix systems, or network devices (firewalls, routers, etc.) a plus.
- Commitment to cooperative working.
- Excellent verbal and written communication skills.
- Troubleshooting and root cause analysis skills
- System/networking diagramming and documentation skills• Ability to work under tight time constraints and deadlines.
SPECIALIZED TRAINING OR KNOWLEDGE:
- The ideal candidate will have experience with Enterprise versions of Microsoft Office software to include PowerPoint, Visio, and Project.
All Interns Must meet the following requirements:
- Full-time student, If you are an undergraduate student you have completed your freshman year of college;
- Have a minimum of a B average (cumulative 3.0 on 4.0 scale);
- Plan to continue their education in the following term/semeste
- Note: an internship assignment may coincide with the student’s last term/trimester, but student must disengage upon graduation.