Name: AmishaNathile
Pronouns: She/her
Semester of Internship: Spring 2026
Major: Cybersecurity
Current Class Level: Master's Student
This semester I completed a(n): Internship
Internship, Co-op, or Research Site (Company/Organization Name): UMBC CYBER CLINIC
Location of the Organization (City, State): Baltimore
Title of position: Cybersecurity Intern
Tell us about your internship, co-op, or research opportunity, including your day-to-day responsibilities:
During my internship at the UMBC Cybersecurity Clinic, I worked on applied cybersecurity governance and regulatory compliance projects focused on critical infrastructure, particularly Distributed Energy Resources (DERs), Virtual Power Plants (VPPs), and Distributed Energy Resource Aggregators (DERAs). On a day-to-day basis, I conducted research on emerging threats to energy-sector systems and mapped security requirements to frameworks such as NIST 800-53 and other federal guidelines. I assisted in performing risk assessments and risk quantification exercises to evaluate potential operational and cybersecurity impacts on distributed energy environments. I also supported the development of audit programs and compliance documentation aligned with Maryland Public Service Commission (PSC) challenges. My responsibilities included analyzing policy gaps, drafting governance recommendations, and collaborating with team members to ensure alignment with regulatory expectations. Throughout the internship, I adhered to strict professional standards, including confidentiality, ethical conduct, and secure communication practices, while gaining hands-on experience in governance, risk management, and critical infrastructure cybersecurity.
Describe the process of obtaining your position. When did you hear of the position and submit your application?
I learned about the opportunity at the UMBC Cybersecurity Clinic through faculty and departmental communications within the cybersecurity program. After developing an interest in governance, risk, and compliance—particularly in critical infrastructure security—I decided to pursue the position to gain applied experience beyond the classroom. I submitted my application shortly after the position was announced, providing my resume and highlighting my background in NIST frameworks, risk assessments, and prior security internships. During the process, Laura Mateczun and Director of Cybersecurity Richard Forno were instrumental in guiding and supporting me. Their mentorship and insight into the clinic’s mission and expectations helped me better understand how the role aligned with my academic and professional goals. Following discussions about my experience and interest in regulatory compliance and energy-sector cybersecurity, I was selected for the position and began contributing to applied research and governance-focused projects.
What resources did you use to find your current experience?
Faculty Connections, Handshake
What have you enjoyed the most about your position and organization?
What I have enjoyed most about my position at the UMBC Cybersecurity Clinic is the opportunity to work on real-world cybersecurity challenges that directly impact critical infrastructure. Contributing to projects focused on Distributed Energy Resources (DERs), Virtual Power Plants (VPPs), and regulatory compliance has allowed me to see how cybersecurity governance translates from theory into practical, high-impact solutions. I particularly value the applied nature of the work—conducting risk assessments, supporting audit design, and aligning recommendations with federal and state frameworks—which has strengthened both my technical and analytical skills.
I have also greatly appreciated the collaborative and mentorship-driven environment within the organization. Working closely with faculty leaders and peers has created a supportive space where professional standards such as ethical conduct, confidentiality, and secure communication are emphasized. The experience has not only enhanced my understanding of governance and compliance in the energy sector but has also reinforced my confidence in pursuing a career in cybersecurity focused on risk management and critical infrastructure protection.
How do you believe you have made an impact through your work?
Through my work at the UMBC Cybersecurity Clinic, I believe I have made an impact by contributing to meaningful cybersecurity governance efforts that support the resilience of critical infrastructure systems. By conducting risk assessments and participating in risk quantification exercises for Distributed Energy Resources (DERs) and Virtual Power Plant (VPP) environments, I helped identify potential vulnerabilities and operational risks that could affect energy reliability and security. My research and analysis supported the development of practical, compliance-aligned recommendations tailored to regulatory expectations, including alignment with federal frameworks and Maryland Public Service Commission (PSC) considerations.
What advice would you give to another student who is seeking an internship or similar experience?
My advice to another student seeking an internship or similar experience would be to start early and be intentional about aligning opportunities with your long-term career goals. Take time to identify the area of cybersecurity that genuinely interests you—whether it’s governance, risk and compliance (GRC), security operations, cloud security, or another domain—and then tailor your resume, coursework, and projects to reflect that focus. Employers value students who can clearly articulate why they are interested in a specific role and how their skills apply.
I would also strongly encourage building relationships with faculty, mentors, and professionals in the field. Many valuable opportunities come through networking, referrals, or faculty recommendations. Don’t hesitate to attend department events, career fairs, and workshops, and actively engage with professors whose work aligns with your interests. Seeking feedback on your resume and interview skills can significantly improve your confidence and competitiveness.
Finally, focus on developing practical skills alongside theoretical knowledge. Work on hands-on labs, participate in research projects, contribute to security assessments, or complete relevant certifications. Even small projects can demonstrate initiative and applied understanding. Most importantly, stay persistent—rejections are part of the process. Each application and interview is a learning opportunity that brings you closer to the right experience.