Cybersecurity Analyst

Applicants will be considered based on their knowledge, skills or abilities related to project needs. Specifically, applicants should have: Understanding of AI/machine learning concepts Ability to design experiments and analyze results Programming language such as Python preferred. Make an impact while you learn. The Semester of Service Program offers students a volunteer project-based opportunity to support Federal missions, gaining hands-on experience & valuable career-ready skills. Students must be enrolled at least half-time in an accredited trade school, technical or vocational institute, junior college, college, university, or other accredited educational institution, & participation must be with the permission of the institution at which the student is enrolled.

• This vacancy announcement will be open from May 13, 2026 to May 19, 2026 or when 25 applications have been received. The vacancy will close on whichever day the first of these conditions are met. If the application limit is reached on the same day the announcement opened, the open and close date will be the same. Candidates are encouraged to read the entire announcement before submitting their application packages. Project Description This project supports the Office of Technology Innovation and Engineering by assisting with the development of a structured, repeatable threat modeling and threat indexing capability for integration into cybersecurity assessments. The student volunteer will help refine the Threat Disruption Index (TDI), map threats to safeguards, and support the modernization of the current Cybersecurity Assessment framework through structured data analysis, research, and the application of cybersecurity concepts. • Assist in developing, validating, and refining the Threat Disruption Index (TDI) model, including likelihood, exposure, exploit pressure, and impact scoring into the Cybersecurity Assessment application. • Conduct research on MITRE ATT&CK techniques, known exploited vulnerabilities (KEVs), and cyber threat actors to support threat categorization. • Support mapping of threats to safeguards using structured taxonomies (e.g., Cybersecurity Risk Foundation (CRF) Threat Taxonomy and CRF Safeguards). • Analyze cybersecurity assessment data to identify gaps, trends, and prioritize findings for remediation. • Assist in building documentation, job aids, or visualizations that integrate the threat index into assessment workflows.