Opportunity sourced from the Official SkillBridge website. Not endorsed by the Department of Defense.
Cybersecurity Analyst Intern role supporting compliance and security operations for defense-focused clients, with hands-on experience in CMMC and NIST frameworks. Responsibilities include assisting with client projects, validating controls, triaging alerts, maintaining compliance documentation, participating in daily standups, and joining client calls, along with weekly one-on-one mentorship.
Cybersecurity Analyst Intern supporting compliance and security operations for defense-focused clients, gaining hands-on experience with frameworks like CMMC and NIST. This role is designed for transitioning service members with cyber, intelligence, or IT backgrounds who want to build practical skills in a real-world consulting environment. Interns will participate in daily standups, contribute to active client projects, and receive weekly one-on-one mentorship. Work may include control validation, alert triage, compliance documentation, and participation in client calls. All deliverables are reviewed by senior leadership.Key Responsibilities: - Assist in reviewing and assessing client security controls against CMMC Level 2 requirements - Draft and update System Security Plan (SSP) documentation and supporting materials - Monitor and triage alerts from SIEM tools (e.g., Wazuh, Splunk) - Contribute to vulnerability assessment activities and reporting - Support client engagements through research, documentation, and note-taking - Handle sensitive information in accordance with security and compliance standardsRequired Qualifications: - Foundational knowledge of information security principles (CIA triad, access control) - Familiarity with Linux or Windows command line environments - Strong written communication skills - Experience handling sensitive or classified information - Ability to work independently in a structured remote environmentPreferred Qualifications: - Active U.S. security clearance (Secret or higher) - CompTIA Security+ or equivalent certification (DoD 8570 IAT II) - Exposure to NIST RMF, NIST 800-171, or DoD STIGs - Experience with SIEM platforms or vulnerability scanning tools - Background in technical documentation (SOPs, accreditation packages, COMSEC)Objective:Prepare for CMMC Certified Professional (CCP) or Certified CMMC Assessor (CCA) exam. Exam preparation begins formally in Week 13 and concludes in Weeks 21 to 25. In addition, the intern gains applied experience in CMMC and FedRAMP environments, positioning them competitively for roles across the defense industrial base, federal agencies, and cleared contractors.Training Delivered byHector Velez - CEO and Cyber Security Analyst with 25 years experience in both public and private sectors. US Army Combat VeteranGrading Rubric:30 Day Checkpoint (10%): - Hermathena environment fluency confirmed - One 800-171 family mapped end-to-end - Comfort with Linux command line, SELinux concepts, and STIG framework - Initial career conversation: target roles, geographic preferences, clearance status60 Day Checkpoint (25%): - One hardened baseline image built and documented - One vulnerability scan executed end-to-end - Wazuh rule authoring exercise completed - Shadow participation in at least one client meeting - Resume draft started; LinkedIn profile reviewed90 Day Checkpoint (25%): - First independent client deliverable contribution (CEO-reviewed) shipped - CCP or CCA exam study plan in progress; first practice exam taken - One mock interview completed - Mid-program career check: confirm post-program target, named employer list180 Day Checkpoint (40%): - CCP or CCA exam scheduled or taken - Capstone project delivered - Resume final, reflecting program work - Exit checklist signed offCertification:Hermathena Labs funds the CMMC Certified Professional (CCP) or Certified CMMC Assessor (CCA) exam for each participant through CyberAB, the DoD-authorized CMMC accreditation body operating under 32 CFR Part 170. Exam preparation is integrated into the training schedule.CCP is the foundational credential and the default track. Most participants will take CCP. CCA is offered to participants who already hold strong assessment fundamentals (typically those with prior 800-171 or RMF assessment experience) and who pass an internal readiness check.
17C, 17E, 25B, 25D, 35T, 1D7, 1N4, 9S1, 5C0, 1721, 0689, CTN
US Space Force, US Air Force, US Army, US Marine Corps, US Coast Guard, US Navy
Participant must have a computer and internet service.
Send a professional application in seconds, created by prior SkillBridge POCs.
