Intern - IT Security

The Information Security team at UFCU is seeking a Summer IT Security Intern to gain hands-on experience across enterprise cybersecurity, including secure software development (SDLC), DevSecOps practices, AI security and governance guardrails, vulnerability management, and regulatory compliance within a financial services environment. This role is designed to provide practical exposure under close supervision while supporting the security and development teams in strengthening UFCU's security posture. Effective Communication, Teamwork and a passion for supporting our business partners and members are critical to success at UFCU.The 10-week internship program begins May 26, 2026 through August 14, 2026.About UFCUOur Credit Union was founded in 1936 and has grown to serve members throughout Texas and beyond. At UFCU, we are more than just a financial institution, and our people are more than just employees. We are dedicated to our purpose of empowering our Members to achieve financial success and build brighter futuresIn pursuit of our aspiration that UFCU isloved by millions of Members and built to thrive for generations, we are guided by our values:Purposefully Member-ObsessedWe are driven by a profound sense of empathy to deeply understand our Members' needs and preferences, what brighter futures means to them, and the obstacles in their way. We act in our Members' best interests, forever seeking to empower their financial success.Possibilities ReimaginedWe are inspired to courageously experiment, learn, and iterate in pursuit of positive impact for our Members, UFCU, and coworkers. We challenge assumptions, embrace diverse perspectives, and make use of data and insights.Performance Excellence Rooted in Unwavering IntegrityWe do the right thing, always. We champion teamwork, accountability, continuous improvement, and celebrate successful outcomes of others, fostering an inclusive environment of excellence and collaboration.Essential FunctionsAssist with reviewing and updating information security policies, procedures, standards, and guidelines.Support secure SDLC and DevSecOps activities, including documentation of secure coding standards and integration of security checks into CI/CD pipelines.Assist with vulnerability scanning, validation of findings, and remediation tracking under supervision.Support AI security and governance initiatives, including documentation of AI guardrails, data protection considerations, and misuse prevention controls.Assist with compliance activities by gathering evidence and mapping controls to frameworks such as NIST CSF and NIST 800-53.Support security operations tooling including SIEM, DLP, email security, and endpoint protection platforms.Assist with incident response preparation, fact gathering, and post-incident documentation under guidance of senior staff.Collaborate with security, development, and business teams to support security objectives and learning outcomes.Performs other duties as assignedAdhere to all company policies, procedures and business ethics codesMaintain strict adherence and compliance to all laws, rules, regulations, policies, procedures and internal controls specific to the roleKnowledge/Skills/AbilitiesBasic understanding of information security principles and secure SDLC conceptsStrong written and verbal communication skillsAbility to manage time, prioritize tasks, and work independently or as part of a teamInterest in cybersecurity, DevSecOps, and emerging technologies such as AIMust be able to pass a financial and criminal background checkBuilding Member LoyaltyBuilding PartnershipsCommunicationFocus on ResultsExperienceMinimum QualificationsCurrently enrolled as a full-time student with an accredited college or universityBasic knowledge and awareness of information security technologies and compliance principles (SOX, NIST CSF, NIST 800-53, ISO 27001)Ability to work well independently and with coworkers to share knowledge as part of a teamExperience managing time independently and prioritizing tasksStrong problem-solving ability with the desire to take ownership of challenges and follow through to resolutionMust uphold, enforce, and abide by all institutional policies.Must be bondablePreferred RequirementsCoursework or experience in computer science, information technology, or cybersecurityFamiliarity with Python, cloud platforms (Azure), or security automation conceptsAwareness of OWASP Top 10 and common application security risksThings You Need to Know Before You ApplyPhysical DemandsThe physical demands described are representative of those that must be met by an employee, with or without accommodation, in order to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.FrequentWhile performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle or feel; reach with hands and arms; and talk or hear.Specific vision abilities required by this job included close vision, distance vision, peripheral vision and ability to adjust focus.The employee is frequently required to stand and walk.Employee will make extensive use of the telephone requiring the ability to effectively and accurately explain complex information.The employee must regularly lift and/or move up to 10 pounds and frequently lift and/or move up to 25 pounds.The work environment characteristics described are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.This position may involve periodic stressful conditions.May occasionally require an adjusted work schedule, overtime, and evening/weekend hours.This is a hybrid work schedule and will require onsite work at least 2 days a week.Public contact position, requiring appropriate professional appearance.Frequent computer use at a workstation up to two hours at a time.The noise level in the work environment is usually moderate.QualificationsSkillsBehaviorsMotivationsEducationExperienceLicenses & CertificationsEqual Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThis employer is required to notify all applicants of their rights pursuant to federal employment laws.For further information, please review the Know Your Rights notice from the Department of Labor.J-18808-Ljbffr