The Security and Mission Assurance Strategic Support Unit provides discriminating support to the business to ensure success. We focus on threat identification, risk assessment, and mitigation while improving the efficiency of the business through effective governance and analysis of process, data and overall business knowledge.
We’re committed to building a more diverse and representative Ball Aerospace. The GO BEYOND® Diversity Internship is a paid fall internship program for undergraduate and graduate students who are enrolled in degree-seeking programs and interested in working in the Aerospace industry. Students from any university who identify with a group that is historically underrepresented, including but not limited to Black, Hispanic, Asian, Native American, and women/gender minorities, are encouraged to apply.
Technical Intern – Governance, Risk, and Compliance
The Governance, Risk, and Compliance (GRC) office is responsible for assessing and documenting Ball Aerospace’s compliance and risk posture as they relate to company information system assets. The intern will grow their knowledge of technical and information security with responsibilities in planning, upgrading, and supporting the products in our enterprise network. Ball is looking for a team-oriented person that is self-motivated, detail-oriented and enjoys working against aggressive delivery goals in a fast-paced, dynamic, and technically complex environment. This individual will also enjoy building and maintaining cross-organization relationships, drive process simplification and end-user satisfaction. This candidate would also conduct vulnerability scanning and reporting, as needed, to the appropriate IT support groups.
What You’ll Do:
- Learn Ball Exception Request Process by shadowing subject matter expert.
- Evaluate Exception Request Process flow, suggest possible improvements, and partner with other process stakeholders.
- Perform database baselining (ServiceNow true up).
- Analyze and interpret US Government and industry cyber security requirements and trends.
- Adhere to relevant company information security policies, standards, and work instructions.
- Conduct system control risk assessments that may require opening internal trouble tickets to resolve infrastructure problems.
- Develop, maintain, and consolidate report information into spreadsheets or other supporting documentation that will be used to supports actions/resolutions required to be performed by Information Technology Solutions.
- Be a stakeholder within cybersecurity incident response tabletop exercises.
- Perform duties that align with the Continuous Monitoring Plan operations and evaluate compliance posture.
- Participate in internal/external audits and assessments.
- Perform other duties/functions as necessary or delegated by the CISO.
- Maintain a regular and predictable work schedule.
- Establish and maintain effective working relationships within the department, the Strategic Business Units, Strategic Support Units and the Company. Interact appropriately with others in order to maintain a positive and productive work environment.
- Perform other duties as necessary.
What You’ll Need:
- Must have completed your sophomore or junior year and be enrolled in a degree-seeking programs. We will also accept students enrolled in a graduate program.
- Degree must be from a university, college, or school which is accredited by an agency recognized by the US Secretary of Education, US Department of Education.
- Pursuing a degree in in a field related to information security or risk management is preferred.
- Have a track records of highly collaborative working skills in a team environment.
- Demonstrate excellent interpersonal skills, strong written, communication, oral presentations skills, and ability to lead group discussions.
- Ability to learn quickly and adapt to change.
- Ability to document analysis results and write reports.
- Ability to contribute to the success of small teams through excellent teamwork.
- Desire to learn and grow skills as a GRC cybersecurity professional.
- Basic awareness of information security standards (e.g., NIST, ISO, PCI), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, FISMA, GLBA, FFIEC) and desktop, server, application, database, network security.
- Basic awareness of concepts and implementations of identity and access control, change management, vulnerability management, patch management, data loss prevention, SDLC, cloud environments, vendor management, business continuity and disaster recovery, SaaS services, etc.
- Basic understanding of IPv4 networking including addressing, routing, network protocol stack, DNS, DHCP, and routing.
- Work is performed in an office environment, laboratory, cleanroom, or production floor.
- Travel and local commute between Ball campuses and other possible non-Ball locations may be required.
Relocation for this position is available.
Compensation & Benefits:
- HIRING SALARY RANGE: $19.30 – $27.50 per hour (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data.)
- Temporary positions typically are not eligible for benefits. For details, copy and paste https://bit.ly/3pNSnxv into your browser or visit our careers site.
US CITIZENSHIP MAY BE REQUIRED
Ball Aerospace is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.