AI Risk Acceptance Intern - Summer 2026

About The Position

Requirements

• Candidates should demonstrate a thorough understanding of cybersecurity principles.
• Interns must be enrolled in an accredited degree program with a preference in a related field such as Computer Science, Data Science, or Information Security.
• Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
• Due to the nature of work performed within our facilities, U.S. citizenship is required.
• Understanding of artificial intelligence (AI) and how it can be used as a tool to improve efficiency for operational improvements.
• Foundational understanding of cybersecurity and risk concepts (e.g., likelihood/impact, controls, mitigations) and familiarity with frameworks like NIST RMF/CMMC.
• Clear written/verbal communication for summarizing findings and drafting control/assessment documentation (SSP, risk entries).
• Comfort with data analysis (Excel/Sheets) and basic scripting (e.g., Python) to analyze findings or automate report formatting (helpful for risk/RA tasks).
• High attention to detail, curiosity, and the ability to learn and follow policy-driven workflows.

Nice To Haves

• Exposure to cloud security tooling and services: Azure Defender, AWS Security Hub, M365/Intune posture checks.
• Exposure with vulnerability and endpoint tooling (e.g., Tenable, CrowdStrike), secure web gateways (Zscaler), and container security basics.
• Awareness of privacy risk and data handling practices tied to enterprise SSP controls.

Responsibilities

• Assist with risk assessments for cloud and on-prem applications and services, due diligence, draft concise risk summaries, and proposed treatments for review.
• Help manage an AI driven Risk Assistant as a human in the loop or human on the loop (HITL/HOTL)
• Assist with AI Integration projects into GRC processes as well as look for other areas to apply AI
• Update and track entries in the enterprise Risk Register in coordination with risk owners and IT Governance.
• Support audit readiness and evidence collection (internal/external), including control documentation for CMMC and privacy controls in enterprise SSPs.
• Contribute to continuous monitoring and vulnerability oversight alongside engineers using tools such as Tenable and endpoint/cloud security services.
• Help with enclave and cloud security posture (Azure/AWS), including hardening checks, configuration reviews, and SSP updates.
• Document processes and variances to ensure consistency with the IT Cyber Security policy and related guidance.