Cyber Risk Intern – Supply Chain Risk Management

Overview:

The Cyber Risk Intern – Supply Chain Risk Management position at Leidos is open to current undergraduate or graduate students who have completed at least their junior year in a bachelor’s degree program. The internship offers the opportunity to engage in meaningful work with Leidos’ Cyber Supply Chain Risk Management (C-SCRM) team. The intern will assist with assessing cybersecurity risks posed by third-party suppliers who store, process, or otherwise handle key information assets. The role involves collaborating with staff across the organization and suppliers to ensure established procedures are met and to drive process improvements.

Key Opportunities:

• Gain practical experience in identifying and managing cyber risks posed by third-party suppliers.
• Assess and manage AI-related risks in the supply chain.
• Leverage critical thinking to identify and deliver opportunities for process improvement.
• Develop expertise in streamlining procedures and implementing automation.

Primary Responsibilities:

• Assist with the supplier cyber risk assessment process, including evaluating risk levels, recommending risk mitigations, and tracking supplier risk remediation plans.  
• Prepare comprehensive supplier risk assessment reports and work instructions.
• Contribute to supplier risk management processes and communicate risk-related information to stakeholders effectively.
• Collaborate with cross-functional teams in assessing and communicating risks.

​

Basic Qualifications:

• Currently pursuing a bachelor’s or master’s degree in information technology, cybersecurity, or a related field, maintaining a minimum 3.5 GPA.
• Must have completed junior year in a bachelor’s degree program.
• U.S. Citizenship.
• Ability to work effectively in a remote setting while ensuring timely completion of projects and assignments.
• Self-motivated with a strong ability to independently analyze technical issues and develop effective solutions.
• Excellent written and verbal communication skills.
• Strong passion for cybersecurity, demonstrated through academic projects, coursework, or relevant certifications.
• Obtained at least one relevant cybersecurity certification such as CompTIA Security+, Certified Ethical Hacker (CEH), Cisco Certified CyberOps Associate, etc.
• Proficient in computer networking and network security, including understanding of ports, protocols, encryption, and ability to analyze network security diagrams and data flow charts.

Preferred Qualifications:

• Additional relevant security certifications (e.g., from ISC2, ISACA, SANS, AWS, Microsoft).
• Knowledge of federal standards like NIST SP 800-53. 800-171, CMMC, NIST CSF, etc.
• Understanding of cloud deployment models (SaaS, IaaS, PaaS).
• Experience with cybersecurity tools and technologies.
• Knowledge of operating systems from a security perspective.
• Experience in incident response and threat resolution.
• Strong communication skills, capable of explaining technical concepts to varied audiences.
• Familiarity with programming languages for cybersecurity (Python, Java, PowerShell) is a plus.

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.