Summer Associate Internship (Security Governance & Risk - Standards Management)

Overview

Team Overview:

Standards Management is a team within the Security Governance & Risk (SG&R) Division of the NFCU's Security Department. The SG&R Division focuses on advancing the department's mission by enabling the business, helping to develop secure, quick-to-market products, and managing security risks across the enterprise.

The Standards Management Team works to ensure that NFCU Information Security Documents (Policies, Instructions, Standards, and Procedures) are effectively managed to help guide the continued security and confidentiality of member and employee information. In addition, we provide guidance to the enterprise around selecting and implementing appropriate security controls to reduce associated risks. In doing so, we continuously partner with the various business units throughout NFCU in the interest of continuously improving NFCU's security posture.

Potential Project(s) Description:

The Standards Management Team continues to mature and iterate upon documented security requirements in NFCU's Security Standards and evaluate the content against security industry inputs. During the engagement, we plan on leveraging the summer associate's support for various activities associated with these initiatives. Time permitting, there will also be opportunities to apply critical thinking skills, perform research on emerging technologies and risks, and identify additional activities that leverage a candidate's background and expertise.

The Summer Associate Program is a 12-week internship program beginning in May 2026 and ending in August 2026. Students will work on impactful projects and meaningful work during their internship. To qualify, applicants must be currently pursuing degree from an accredited college or university and have an anticipated graduation date of December 2026 or after.

Responsibilities

• Work with team members to enhance Standards by evaluating various industry frameworks and identifying opportunities for enhancements to foster continuous security improvements in the interest of protecting the confidentiality of member and employee information.
• Communicate and socialize proposed updates with stakeholders from across NFCU to ensure that updates to the Standards are balanced with current or proposed operational practices and needs.
• Research and provide recommendations for the selection of security controls and assist with the tailoring of those controls to accurately reflect NFCU's needs.
• Support the migration between the old and new technology platforms (e.g., SharePoint Online) and assist team with documentation management while maintaining confidentiality and accessibility.
• Assist in short and long-term strategic planning and implementation for various team initiatives.
• Proactively research areas of emerging technologies and risks applicable to NFCU and develop potential solutions and recommendations in the interest of addressing the associated risks.

Qualifications

Total Professional and Educational Experience 4+ years of which Information Technology/Security is 1+ years.

Soft Skills:

• Excellent communication skills
• Self-starter / self-directed
• Understanding of general Information Technology concepts
• Experience with business process definition and optimization
• Strong analytical skills with experience creating reports and analyses
• High level proficiency with Microsoft Office
• Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management
• Advanced skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy and tact
• Advanced organizational, planning and time management skills
• Advanced skill developing and implementing programs in a leadership role
• Effective skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes
• Advanced skills in taking initiatives and using good judgment to make sound decisions
• Ability to work collaboratively within a team environment
• Curiosity and eagerness to learn new technologies and security practices

Preferred Technical Skills:

• Coursework, projects, and/or work experience related to security risk and controls management and/or cybersecurity frameworks (such as NIST, FedRAMP, PCI DSS, HIPAA, ISO, etc.)
• Knowledge of Federal banking safety and soundness regulations and familiarity of examination approaches from regulatory bodies such as the: FFIEC, NCUA, OCC, FHFA and the CFPB.
• Knowledge of industry leading risk and security program management frameworks (such as COSO, COBIT, NIST CSF, ITIL)
• Knowledge of data protection and/or privacy frameworks (e.g., GDPR, CCPA, NIST Privacy Framework)
• Experience in the development and/or implementation of security risks and controls management frameworks
• Experience with information technology systems, project processes, and application development (e.g., SharePoint Online

Hours: Monday - Friday 8:00AM - 4:30PM

Location: 820 Follin Lane, Vienna, VA 22180

About Us