Summary The Administrative Office of the U.S. Courts (AO) is seeking motivated students for our Volunteer Student Internship Program. This unpaid opportunity offers meaningful work experience, professional development, and prepares students for a potential career in public service. Interns benefit from networking with fellow interns, AO staff, and professionals across the federal government. This opportunity is ideal for students interested in federal service and information technology. Responsibilities Internship positions are located the Department of Technology Services, Information Technology Security Office (ITSO). ITSO oversees the Judiciary's IT security program, managing cybersecurity operations, digital forensics, malware analysis, and forensic investigations in support of both cybersecurity and law enforcement efforts. All AO internships are onsite at the Thurgood Marshall Federal Judiciary Building in Washington, DC, or the Northwest Center in San Antonio, TX. Telework is not permitted. Interns may be assigned to one of the following offices: Security Mission Integration Division, Data Analytics Branch Duties of a Cybersecurity Data Analyst Intern may include, but are not limited to: Generating, analyzing, and interpreting metrics on the validity of signatures to support risk-based signature modifications. Developing and tuning machine learning models to improve the identification of malicious activity. Working as part of a team to continuously create, deploy, and tune risk-based security detections to identify risky or potentially adversarial behavior within Judicial networks. Working within an agile development environment supporting the security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms. Security Mission Integration Division, Security Automation Branch Duties of a Cybersecurity Detection Engineer Intern may include, but are not limited to: Generating, analyzing, and interpreting metrics on the validity of signatures to support risk-based signature modifications. Coordinating across multifunctional teams to create and validate security alerts from security devices. Investigating new alerts to determine the impact to analyst's workflows and any expected security impact. Managing enhanced analytic logging configurations including Sysmon and Auditd. Developing, testing, and deploying new detections. Tuning existing detections based on available data, changes in data sources, and modifications to actor tactics, techniques, and procedures (TTPs). Working as part of a team to continuously create, deploy, and tune risk-based security detections to identify risky or potentially adversarial behavior within Judicial networks. Working within an agile development environment supporting the security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms. Security Operations Division , Incident Response Branch Duties of an Incident Responder Intern may include, but are not limited to: Conducting thorough analysis of network, endpoint, and application logs to identify and assess intrusions, determine their impact, and implement appropriate containment strategies to mitigate threats. Providing timely and accurate incident status updates to key stakeholders, including the incident commander, security operations center leaders, and executives. Developing and testing enterprise-wide detection and response capabilities. Maintaining and enhancing the incident response framework by defining and refining incident declaration processes, updating the Judiciary's Incident Response Plan, and identifying gaps in existing procedures. Driving continuous improvement through the development and validation of readiness exercises, standard operating procedures, and playbooks. Security Operations Division , Incident Response Branch Duties of a Digital Forensic Analyst Intern may include, but are not limited to: Conducting thorough analysis of network, endpoint, and application logs to identify and assess intrusions, determine their impact, and implement appropriate containment strategies to mitigate threats. Performing network forensics from log files and packet captures. Performing endpoint forensics, including volatile memory, log files, disk, user behavioral, and data integrity analyses. Performing malware analysis to disassemble and reverse engineer potential malware. Identifying indicators of compromise from digital forensic and malware samples for more effective intrusion prevention and detection. Participating in activities to detect, investigate, and analyze lateral movement and threat persistence. Following on activities by threat actors to harm the Judiciary. Security Operations Division, Threat Detection Branch Duties of a Cybersecurity Data Analyst Intern may include, but are not limited to: Conducting thorough analysis of previous cybersecurity incidents to identify trends and drive continual improvement of security operations center processes. Creating briefings and visualizations to highlight identified trends that may impact the security of the Judiciary. Mapping existing cybersecurity incidents to MITRE ATT&CK framework. Enhancing the organization's incident response process by identifying gaps in existing procedures. Requirements Conditions of Employment CONDITIONS OF EMPLOYMENT: All information is subject to verification. Applicants are advised that false answers or omissions of information on application materials or inability to meet the following conditions may be grounds for non-selection, withdrawal of an offer of employment, or dismissal after being employed. Selection for this position is contingent upon completion of OF-306, Declaration of Federal Employment during the pre-employment process and proof of U.S. citizenship. For a list of documents that may be used to provide proof of citizenship or authorization to work in the United States, please refer to Form I-9, Employment Eligibility Verification. All new AO interns will be required to complete an FBI fingerprint-based national criminal database and records check and pass a public trust suitability check. Qualifications All students in the Volunteer Student Internship Program must be enrolled or accepted for enrollment as a degree-seeking student, taking at least a half-time academic or technical course load in an accredited 2 year or 4 year program, or in a post-secondary level program. Students must also be in good academic standing, maintaining a GPA of 3.0 or higher. Additional Qualification Requirements: In addition to meeting the BASIC QUALIFICATIONS REQUIREMENTS, applicants must also: Work well in a team environment. Have strong organization and communication skills and be detailed oriented. Have a working knowledge of computer applications such as Microsoft Word, Microsoft Excel, or WordPerfect. Have excellent writing, reading, and interpersonal skills. Be able to organize a variety of assignments simultaneously and meet tight deadlines. The ideal candidate has a strong academic background in technical cybersecurity and/or data analytics. The Volunteer Student Internship Program requires all participants to be an active student. Therefore, seniors graduating at the end of the current semester will not be considered unless they are continuing to pursue advanced studies as a degree-seeking student at the beginning of the next semester. Education All students in the Volunteer Student Internship Program must be enrolled in an accredited school, and must be working toward a degree, diploma, certificate, etc. on a full-time or part-time basis. Students must maintain a minimum 3.0 GPA. You can receive credit for education received outside the United States if you provide evidence that it is comparable to an accredited educational institution in the United States. A transcript is required at the time of application for proof of enrollment and education. Additional Information The AO is an Equal Opportunity Employer. Benefit: Student interns in the Washington, DC area are eligible for up to $320 in commuting benefits to cover travel to and from their AO internship. Eligibility for benefits depends on the @type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
