Name: Sayee Bandishte
Pronouns: She/her
Semester of Internship: Fall 2025
Major: Masters in Cybersecurity
Current Class Level: Master's Student
This semester I completed a(n)...: Co-op
Internship, Co-op, or Research Site (Company/Organization Name): UMBC DoIT - Maryland Public Service Commission
Location of the Organization (City, State): Baltimore, MD
Title of position: GRC Analyst
Tell us about your internship, co-op, or research opportunity, including your day-to-day responsibilities: I am currently working as a GRC Analyst Intern with UMBC DoIT supporting the Maryland Public Service Commission (PSC), where I contribute to cybersecurity governance and regulatory oversight for critical infrastructure. My day-to-day work involves supporting risk assessments and control evaluations aligned with frameworks such as NIST CSF 2.0, NIST SP 800-53, and NIST SP 800-30, particularly for Distributed Energy Resources (DERs), Virtual Power Plants (VPPs), and third-party vendors operating within Maryland’s energy ecosystem. I assist with documenting security expectations, mapping control evidence, identifying control gaps, and contributing to audit-ready documentation used for regulatory review. Through this experience, I’ve gained hands-on exposure to how cybersecurity governance, risk management, and compliance operate in a real-world public-sector and critical-infrastructure environment.
Describe the process of obtaining your position. When did you hear of the position and submit your application?
I learned about this opportunity through an email shared by the UMBC Cybersecurity Department, which highlighted the role as a hands-on governance and risk experience supporting the Maryland Public Service Commission. Given my academic focus in cybersecurity governance and my interest in public-sector and critical-infrastructure security, the role aligned strongly with my goals. I applied shortly after receiving the email and progressed through the interview process, where I discussed my coursework, framework knowledge, and interest in regulatory cybersecurity. The process reinforced the value of staying engaged with departmental communications and leveraging UMBC-specific opportunities.
What resources did you use to find your current experience?
UMBC Career Center, Career Fairs, Networking events (UMBC Connects, Info Sessions, Arts With a Purpose, etc.)
What have you enjoyed the most about your position and organization?
What I’ve enjoyed most is the opportunity to see how cybersecurity decisions directly impact public trust, regulatory compliance, and critical infrastructure resilience. Working at the intersection of UMBC DoIT and the Maryland PSC has allowed me to understand how cybersecurity governance is applied at a statewide level, balancing technical risk, policy considerations, and stakeholder coordination. I’ve also appreciated working with professionals who value structured frameworks, documentation quality, and risk-based decision-making, which has significantly strengthened my understanding of GRC in practice.
How do you believe you have made an impact through your work?
Through my work, I’ve helped strengthen audit readiness and risk visibility by contributing to structured risk assessments, control gap identification, and evidence mapping efforts. I’ve supported the development of documentation that helps standardize how cybersecurity risks are evaluated and communicated across stakeholders, improving clarity and consistency. By aligning technical risks with recognized frameworks and regulatory expectations, I’ve contributed to more informed decision-making around cybersecurity oversight for energy-related systems and vendors.
What advice would you give to another student who is seeking an internship or similar experience?
I would encourage students to actively engage with their academic departments, career emails, and UMBC-specific opportunities, as many impactful roles are shared directly through these channels. It’s also important to connect coursework to real-world applications when applying—understanding frameworks and concepts is valuable, but being able to explain how they apply in practice makes a strong difference. Finally, don’t hesitate to pursue roles that may feel challenging; internships are meant to be learning experiences.