Duties
Internship positions are located the Department of Technology Services, Information Technology Security Office (ITSO). ITSO oversees the Judiciary's IT security program, managing cybersecurity operations, digital forensics, malware analysis, and forensic investigations in support of both cybersecurity and law enforcement efforts.
All AO internships are onsite at the Thurgood Marshall Federal Judiciary Building in Washington, DC, or the Northwest Center in San Antonio, TX. Telework is not permitted.
Interns
may be assigned to one of the following offices:
Security Mission Integration Division, Data Analytics Branch
Duties of a Cybersecurity Data Analyst Intern may include, but are not limited to:
- Generating, analyzing, and interpreting metrics on the validity of signatures to support risk-based signature modifications.
- Developing and tuning machine learning models to improve the identification of malicious activity.
- Working as part of a team to continuously create, deploy, and tune risk-based security detections to identify risky or potentially adversarial behavior within Judicial networks.
- Working within an agile development environment supporting the security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
Security Mission Integration Division, Security Automation Branch
Duties of a Cybersecurity Detection Engineer Intern
may include, but are not limited to:
- Generating, analyzing, and interpreting metrics on the validity of signatures to support risk-based signature modifications.
- Coordinating across multifunctional teams to create and validate security alerts from security devices.
- Investigating new alerts to determine the impact to analyst's workflows and any expected security impact.
- Managing enhanced analytic logging configurations including Sysmon and Auditd.
- Developing, testing, and deploying new detections.
- Tuning existing detections based on available data, changes in data sources, and modifications to actor tactics, techniques, and procedures (TTPs).
- Working as part of a team to continuously create, deploy, and tune risk-based security detections to identify risky or potentially adversarial behavior within Judicial networks.
- Working within an agile development environment supporting the security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
Security Operations Division, Incident Response Branch
Duties of an Incident Responder Intern may include, but are not limited to:
- Conducting thorough analysis of network, endpoint, and application logs to identify and assess intrusions, determine their impact, and implement appropriate containment strategies to mitigate threats.
- Providing timely and accurate incident status updates to key stakeholders, including the incident commander, security operations center leaders, and executives.
- Developing and testing enterprise-wide detection and response capabilities.
- Maintaining and enhancing the incident response framework by defining and refining incident declaration processes, updating the Judiciary's Incident Response Plan, and identifying gaps in existing procedures.
- Driving continuous improvement through the development and validation of readiness exercises, standard operating procedures, and playbooks.
Security Operations Division, Incident Response Branch
Duties of a Digital Forensic Analyst Intern may include, but are not limited to:
- Conducting thorough analysis of network, endpoint, and application logs to identify and assess intrusions, determine their impact, and implement appropriate containment strategies to mitigate threats.
- Performing network forensics from log files and packet captures.
- Performing endpoint forensics, including volatile memory, log files, disk, user behavioral, and data integrity analyses.
- Performing malware analysis to disassemble and reverse engineer potential malware.
- Identifying indicators of compromise from digital forensic and malware samples for more effective intrusion prevention and detection.
- Participating in activities to detect, investigate, and analyze lateral movement and threat persistence.
- Following on activities by threat actors to harm the Judiciary.
Security Operations Division, Threat Detection Branch
Duties of a Cybersecurity Data Analyst Intern may include, but are not limited to:
- Conducting thorough analysis of previous cybersecurity incidents to identify trends and drive continual improvement of security operations center processes.
- Creating briefings and visualizations to highlight identified trends that may impact the security of the Judiciary.
- Mapping existing cybersecurity incidents to MITRE ATT&CK framework.
- Enhancing the organization's incident response process by identifying gaps in existing procedures.
Requirements
Conditions of Employment
CONDITIONS OF EMPLOYMENT:
- All information is subject to verification. Applicants are advised that false answers or omissions of information on application materials or inability to meet the following conditions may be grounds for non-selection, withdrawal of an offer of employment, or dismissal after being employed. Selection for this position is contingent upon completion of OF-306, Declaration of Federal Employment during the pre-employment process and proof of U.S. citizenship. For a list of documents that may be used to provide proof of citizenship or authorization to work in the United States, please refer to Form I-9, Employment Eligibility Verification.
- All new AO interns will be required to complete an FBI fingerprint-based national criminal database and records check and pass a public trust suitability check.
Qualifications
All students in the Volunteer Student Internship Program must be enrolled or accepted for enrollment as a degree-seeking student, taking at least a half-time academic or technical course load in an accredited 2 year or 4 year program, or in a post-secondary level program. Students must also be in good academic standing, maintaining a GPA of 3.0 or higher.
Additional Qualification Requirements:
In addition to meeting the BASIC QUALIFICATIONS REQUIREMENTS, applicants must also:
- Work well in a team environment.
- Have strong organization and communication skills and be detailed oriented.
- Have a working knowledge of computer applications such as Microsoft Word, Microsoft Excel, or WordPerfect.
- Have excellent writing, reading, and interpersonal skills.
- Be able to organize a variety of assignments simultaneously and meet tight deadlines.
The
ideal candidate has a strong academic background in
technical cybersecurity and/or data analytics.
The Volunteer Student Internship Program requires all participants to be an active student. Therefore, seniors graduating at the end of the current semester will not be considered unless they are continuing to pursue advanced studies as a degree-seeking student at the beginning of the next semester.
Education
All students in the Volunteer Student Internship Program must be enrolled in an accredited school, and must be working toward a degree, diploma, certificate, etc. on a full-time or part-time basis. Students must maintain a minimum 3.0 GPA. You can receive credit for education received outside the United States if you provide evidence that it is comparable to an accredited educational institution in the United States. A transcript is required at the time of application for proof of enrollment and education.
Benefits
Student interns in the Washington, DC area are eligible for up to $320 in commuting benefits to cover travel to and from their AO internship.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
We will review your resume and supporting documentation and compare this information to your responses on the occupational questionnaire to determine if you meet the minimum qualifications for this job. If you meet the minimum qualifications for this job, we will evaluate your application package, to assess the quality, depth, and complexity of your accomplishments, experience, and education as they relate to the requirements listed in this vacancy announcement.
You should be aware that your ratings are subject to evaluation and verification. If a determination is made that you have rated yourself higher than is supported by your resume and/or narrative responses, you will be assigned a rating commensurate to your described experience. Failure to submit the mandatory narrative responses will result in not receiving full consideration and/or rating credit. Deliberate attempts to falsify information may be grounds for not selecting you, withdrawing an offer of the internship opportunity, or dismissal after the internship begins.
How to Apply
As indicated above, to apply for this position, you must complete an Application Package, which includes:
- Your resume - including your college, major/area of study, and anticipated graduation date.
- Citizenship - include country of citizenship on resume.
- A completed Occupational Assessment Questionnaire.
- Transcripts showing you are currently enrolled or accepted for enrollment as a degree-seeking student in either an undergraduate or graduate level program and must have completed at least one year of undergraduate education beyond high school. The transcript must show an overall GPA of at least 3.0.
The complete application package must be submitted by 08/04/2025 to receive consideration.
Apply Online to access an online application. Follow the prompts to select your USAJOBS resume and/or other supporting documents. You will need to be logged into your USAJOBS account or you may need to create a new account.
You will be taken to an online application. Complete the online application, verify the required documentation, and submit the application. You will receive an email notification when your application has been received for the announcement.
To verify the status of your application, log into your
USAJOBS account, select the Application Status link and then select the More Information link for this position. The Application Status page will display the status of your application, the documentation received and processed, and your responses submitted to the online application. Your uploaded documents may take several hours to clear the virus scan process.
Click the following link to view and print the occupational questionnaire
https://apply.usastaffing.gov/ViewQuestionnaire/12766030.
Next steps
After a review of your complete application is made, you will be notified of your rating and referral to the hiring official if determined qualified. If further evaluation or interviews are required, you will be contacted.