Summer Associate Internship

The Adversarial Security Practice (ASP) team is tasked with executing penetration tests against Navy Federal applications and infrastructure. The ASP performs penetration testing leveraging a variety of manual and automated testing techniques to assess NFCU’s applications and systems for resilience against various types of attack and to identify exploitable weaknesses. Penetration testers present findings and recommendations for remediation to application and system owners and act as subject matter experts to help engineering teams understand findings and potential impact from security vulnerabilities that have been identified. Types of assessments conducted include application, network, wireless, and mobile application penetration tests.

The Adversarial Security Practice (ASP) Summer Associate will assist in the full lifecycle for a penetration test, including:

• Pre-engagement
  • Information Gathering
  • Threat Modeling
• Execution
  • Vulnerability Identification
  • Exploitation
  • Post-exploitation & Lateral Movement
• Reporting
  • Drafting Penetration Test Report

The Adversarial Security Practice (ASP) Summer Associate will also work on projects that could involve pre-engagement, testing infrastructure, remediation validation, reporting, and/or penetration testing governance. Projects will be determined based upon specific interests of the Summer Associate and needs of the ASP.

The Summer Associate Program is a 12-week internship program beginning in May 2026 and ending in August 2026. Students will work on impactful projects and meaningful work during their internship. To qualify for this position, applicants must be currently pursuing a degree from an accredited college or university and have an anticipated graduation date of December 2026 or later.
 

• Knowledge of MITRE ATT&CK and/or CAPEC Frameworks
• Experience testing against or working with Active Directory environments 
• Experience using both Linux based and Windows based systems
• Experience coding in languages and on frameworks such as: Rust, Go, Python, JavaScript, Bash, PowerShell, Java, C#, C++, Springboot, React, NodeJS
• Networking knowledge spanning: IPv4/6, DNS, TCP/UDP, TLS/SSL, SSH, HTTP, Proxies
• Knowledge of modern cryptographic hashing & encryption methods and best practices
• Communication, presentation, and analytical skills

Hours: Monday – Friday 8:00AM - 4:30PM
Location: Remote | 5550 Hertiage Oaks Dr. Pensacola, FL 32526

• Perform application, network, wireless, and/or mobile application penetration tests
• Complete projects related to building, managing, and running a penetration testing program