Summer Associate Internship

The Security Governance & Risk's (SG&R) Security/Cyber Standards & Assurance provides services to test and confirm compliance with the Security Standards by developing, advocating for, and reviewing compliance with Security Control Requirements. Teams include Standards, Standards Compliance & Authorization, Assurance Monitoring and Analytics, and Controls Testing/Regulatory Compliance. Summer Associates working within this area will be aligned with a respective team and be provided opportunities to collaborate and be exposed to the other teams through daily operations and a meaningful project. 

The Summer Associate – Standards Compliance & Authorizations will develop a working knowledge of Navy Federal’s Security Standards and understand how and why they apply to the business, thereby supporting the need for security controls. The Associate will assess Security Non-Compliance Issue (NCI) requests and determine their residual risk through assessment of inherent risk and effective controls. The Summer Associate will support daily operations, including reviewing, assessing, and processing requests for NCIs and Authorizations in alignment with Navy Federal Security Standards, enterprise risk appetite, and industry best practices. The Associate will be expected to perform research, participate in team and stakeholder meetings, and aid business units in ensuring the completeness, accuracy, and validity of their respective requests. The Associate will assist in the evaluation of previously-approved NCIs and Authorizations as they come due for recertification or resubmittal.

In addition to participating in day-to-day operations as described, the Associate will complete a project that includes elements of these operations, which will be presented to the team and leadership at the conclusion of the Associate’s term. Details on the project will be identified in collaboration with the Associate at the commencement of their term of employment.

The Summer Associate Program is a 12-week internship program beginning in May 2026 and ending in August 2026. Students will work on impactful projects and meaningful work during their internship. To qualify for this position, applicants must be currently pursuing a degree from an accredited college or university and have an anticipated graduation date of December 2026 or later.

• Academic and/or practical knowledge of cybersecurity risks, processes, and controls
• Knowledge of data security controls and procedures including authentication, access, network security, event logging/monitoring, and encryption
• Effective planning, writing, and organizational skills
• Strong analytical, research, and problem-solving skills
• Strong verbal, written and interpersonal communication skills, including technical writing and a high level of confidence in dealing with executives in technical discussions

Hours: Monday – Friday 8:00AM – 4:30PM

Location: Remote | 820 Follin Lane, Vienna, VA 22180

• Review, assess, and process Security Standard Non-Compliance Issue requests based on residual risk, justification, and remediation plan.
• Review, assess, and process Security Authorization requests where business activities require approval in alignment with Security Standards.
• Participate in peer reviews of requests for completeness, accuracy, and validity using established review processes.
• Leverage various communications channels and participate in meetings with stakeholders to obtain required information.
• Keep current with Cybersecurity best practices and industry trends and apply these practices as appropriate.
• Perform other duties as assigned.