Cyber Risk Analyst – Risk Management Intern

Job Description:

The Cybersecurity Risk Management Internship at Leidos offers a unique opportunity for an entry-level university student to engage in meaningful work with our enterprise cybersecurity risk management team. The intern will assist in enhancing our information security program and risk management framework, contributing to the development and refinement of tools, policies, procedures, and best practices. This role is perfect for someone who is passionate about cybersecurity and eager to apply their knowledge in a complex enterprise setting, working alongside experienced professionals in identifying risks and developing mitigation strategies.

Key Opportunities:

• Engage in hands-on activities to mature Leidos' cybersecurity infrastructure.
• Apply cybersecurity and network security concepts in a real-world, complex enterprise environment.
• Utilize critical thinking to contribute significantly to the cyber health of Leidos.
• Gain practical experience in identifying and managing security risks at an enterprise level.

Primary Responsibilities:

• Assist in identifying security vulnerabilities within the network architecture, evaluate risk levels, and recommend mitigation strategies.
• Prepare comprehensive cybersecurity risk assessment reports and internal risk management documentation.
• Analyze and manage risks in complex IT environments, providing security recommendations.
• Contribute to risk management processes and communicate risk-related information to stakeholders effectively.
• Collaborate with cross-functional teams in assessing and communicating risks.

Basic Qualifications:

• Currently enrolled in a bachelor’s or master’s degree program. Majoring in a cybersecurity, information technology, or related field and maintaining a minimum 3.0 GPA.
• Must have completed at least Sophomore year in a bachelor’s degree program.
• Must have U.S. Citizenship.
• Obtained at least one relevant professional security industry certification (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), any certification from ISC2, any certification from ISACA, etc.)
• Proven self-motivation, proactive approach, and the ability to independently analyze technical issues and formulate solutions.
• Demonstrated strong interest in cybersecurity, supported by relevant academic projects, coursework, or certifications.
• Proficient in computer networking and network security, including understanding of ports, protocols, encryption, and ability to analyze architectural designs and data flow diagrams.
• Capable of effectively working remotely, maintaining accountable and efficient use of time, ensuring appropriate delivery of assignments and projects.
• Strong communication skills, capable of explaining technical concepts to varied audiences.
• Basic understanding of cyber risk management concepts.
• Some experience with cybersecurity tools and technologies.

Preferred Qualifications:

• Additional relevant security certifications (e.g., from DoD, ISC2, ISACA, SANS, AWS, Microsoft).
• Knowledge of federal standards like NIST SP 800 series and FIPS 199/200.
• Understanding of cloud deployment models (SaaS, IaaS, PaaS).
• Familiarity with programming languages for cybersecurity (Python, Java, PowerShell).
• Knowledge of Windows, Linux, MacOS operating systems from a security perspective.
• Proficient in Microsoft Office applications, in particular expertise with Excel spreadsheets.
• Basic experience developing solutions with Power Platform (Power BI, Power Apps, and Power Automate) to enhance the efficiency of our cybersecurity operations
• Proven experience leading successful initiatives/projects.
• Experience in incident response and threat resolution.
• Willingness to conduct cybersecurity assessments of suppliers and software according to prescribed evaluation criteria.
• Strong writing ability to produce quality technical reports and internal procedure documentation.
• Awareness of possible cybersecurity risks and threats to provide security recommendations for complex IT environments & sourcing decisions.

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.