Opportunity sourced from the Official SkillBridge website. Not endorsed by the Department of Defense.
Cloud Security Engineer Intern supporting infrastructure and security engineering for defense-focused clients, with hands-on experience in NIST and CMMC frameworks. Interns contribute to Linux hardening, compliance validation, cloud monitoring, Infrastructure as Code, and Kubernetes operations alongside senior engineers. The role includes participation in daily standups and weekly mentorship focused on technical and professional development.
The Cloud Security Engineer Intern supports infrastructure and security engineering initiatives for defense-focused clients while gaining hands-on experience with cybersecurity frameworks such as NIST and CMMC. Interns participate in daily standups, contribute to active client projects, and receive weekly one-on-one mentorship focused on technical growth, certification preparation, and career development.Responsibilities include assisting with STIG-hardened Linux image development, validating compliance configurations with tools such as OpenSCAP, supporting endpoint monitoring and logging platforms, contributing to Infrastructure as Code deployments, and participating in Kubernetes and cloud infrastructure operations under senior engineer supervision. Candidates should possess Linux command-line proficiency, networking fundamentals, scripting experience, and a disciplined approach to change management. Required Skills:● Working Linux command line proficiency (any major distribution)● Networking fundamentals (TCP/IP, routing, firewalling, DNS)● Familiarity with virtualization concepts (VMware, KVM, Hyper-V, or equivalent)● Comfort with scripting in at least one language (Bash, Python, or PowerShell)● Disciplined change management approach (military signal or comms operations background translates well)Preferred Skills:● Active U.S. security clearance (Secret or above)● Hands-on Linux administration experience (RHEL, Rocky, or equivalent)● Exposure to Infrastructure as Code (Terraform, Ansible, Packer)● Container and orchestration experience (Docker, Kubernetes)● Prior work with DISA STIGs or FIPS configuration● Experience with VDI platforms or remote access architecturesDay in the Life:The participant joins the daily standup at 9 AM Eastern, then moves into supervised infrastructure and security engineering work. A typical day includes: building a STIG-hardened Rocky Linux 9 image with Packer, running an OpenSCAP scan to validate FIPS and STIG coverage, tuning Wazuh agent rules for a client tenant, contributing a Terraform module for a network security group, and pairing with the CEO on a Kubernetes RKE2 cluster operations task. The week closes with a 60 minute one-on-one mentorship session covering technical progress, certification prep, career planning, and the hiring discussion. All client-facing infrastructure changes go through CEO review.Company Overview:Hermathena Labs provides FedRAMP Moderate and CMMC Level 2 cloud infrastructure and cybersecurity compliance services. Clients are research universities, defense contractors, and federal agencies that need to protect Controlled Unclassified Information (CUI) and meet DoD security requirements. Hermathena operates a FIPS-validated, STIG-hardened secure cloud environment hosted at FedRAMP-authorized data centers.Certification: Hermathena funds the CMMC Certified Professional (CCP) or Certified CMMC Assessor (CCA) exam for each participant through CyberAB, the DoW-authorized CMMC accreditation body. Exam preparation is integrated into the training schedule.
25B, 25D, 17C, 1D7, 5C0, 1721, CTN
US Space Force, US Air Force, US Army, US Marine Corps, US Coast Guard, US Navy
Location: Remote and virtual. Delivered through Hermathena Labs secure VDI (Kasm Workspaces). Open to participants at any military installation nationwide. Participant must have a computer and internet service.
Send a professional application in seconds, created by prior SkillBridge POCs.
