CrawlJobs Logo

Information Security Intern

United States, Reston · Job Posted May 16, 2026
Apply Position
Job Link Share

Job Description

This internship will offer hands-on experience in cybersecurity governance, risk, and compliance at a global financial-sector ISAC. The intern will support FS-ISAC's external audit and risk programs, with a primary focus on member audit and assessment responses. The role provides broad exposure to FS-ISAC's control environment, security policies, and the teams that operate them.

Job Responsibility

  • Assist with end-to-end responses to member-issued security questionnaires and assessments, drafting answers based on FS-ISAC policies, prior responses, and current control evidence
  • Coordinate with subject-matter experts across FS-ISAC (security, engineering, legal, operations) to validate questionnaire responses and gather supporting evidence
  • Organize and maintain the information security evidence library, ensuring artifacts are current, properly tagged, and easy to retrieve for future audits
  • Support the self-identified risk program, including intake, documentation, and tracking of risks through the information security platform
  • Assist with reviewing and updating information security policies and standards
  • Shadow external audit activities and contribute to audit preparation and follow-up
  • Present work and findings to the information security team and senior leadership at the end of the program

Requirements

  • Must be a rising junior or senior currently enrolled in an accredited undergraduate program, with a concentration in cybersecurity, information systems / MIS, accounting, business administration, risk management, or a closely related discipline
  • Strong interest in cybersecurity, governance, risk, and compliance, or audit
  • Excellent written and verbal communication skills, with strong attention to detail
  • Comfort working with structured documents, policies, and evidence
  • ability to read carefully and write precisely
  • Demonstrated professionalism, discretion, and ability to handle confidential information
  • Must be authorized to work in the United States

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Information Security Intern

8 matching positions

Information Security Engineering Intern

We're looking for an Information Security Intern to join our team for 6 months i...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
corsearch.com Logo
Corsearch
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Currently pursuing or recently completed a Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related technical field
  • A deep, demonstrable interest in the technical side of cybersecurity (e.g., CTFs, Home Lab projects, or security certifications)
  • A solid understanding of networking (TCP/IP), operating systems (Linux/Windows), and cloud fundamentals
  • Basic proficiency in at least one scripting language (Powershell/Bash is a major plus)
  • Strong problem-solving skills and the ability to 'think like an attacker' to build better defenses
  • Excellent English speaking and writing skills, with the ability to explain technical concepts to non-technical stakeholders
  • The ability to work in a dynamic, fast-paced environment and pivot quickly when priorities shift
Job Responsibility
Job Responsibility
  • Assist the security engineering team in maintaining our core defense stack
  • Managing and fine-tuning alerts within MDR Tools (Managed Detection and Response) and monitoring DNS Provider security events to protect our edge
  • Actively monitor security alerts and health across our multi-cloud environment, spanning AWS, Azure, and GCP
  • Assist in creating and updating technical playbooks, network diagrams, and engineering standards
  • Take the lead on executing our simulated phishing campaigns
  • Help design realistic scenarios, analyze 'click rates,' and help educate our employees on how to spot the latest social engineering tactics
  • Conduct research on emerging threats and technologies to help keep our defenses one step ahead of attackers
Read More
Arrow Right

Information Security – GRC Intern

Join our Information Security Services (ISS) UK team as an Information Security ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
credit-agricole.com Logo
Crédit Agricole
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must have graduated in the past 18 months with a minimum of a 2:1 or equivalent
  • SQL and database querying capabilities
  • Strong analytical and problem-solving mindset with an automation-first thinking approach
  • Ability to work independently within established guidelines and procedures
  • Excellent interpersonal and communication skills, including tact and diplomacy
  • Ability to build effective working relations with users and colleagues
  • Ability to deliver various tasks within tight deadlines
  • Good knowledge of cybersecurity risks and data analytics tools
  • Advanced proficiency in Excel, VBA, and Power BI
  • Working knowledge of automation tools such as Power Automate, Python, and PowerShell
Job Responsibility
Job Responsibility
  • Map existing security controls to the CIS Critical Security Controls framework to identify coverage gaps and prioritize remediation efforts
  • Support the alignment and documentation of security policies and procedures with CIS Controls, ensuring the implementation of foundational safeguards across Implementation Groups
  • Build automated data collection and validation for key Security controls including access re-certifications, reconciliations, and periodic security routines
  • Develop scripts and workflows to eliminate manual, repetitive security tasks
  • Create automated sanity checks and data quality monitoring for security metrics
  • Produce KPIs, dashboards, and detailed reports for the team and business stakeholders
  • Identify automation opportunities within the security controls catalogue
  • Streamline existing manual processes through scripting or workflow automation
  • Measure and report on efficiency gains from automation initiatives
What we offer
What we offer
  • Dynamic and collaborative work environment
  • CSR embraced in day-to-day business operation
  • Innovation encouraged
  • Diversity celebrated
  • Commitment to sustainability and corporate responsibility
  • People-centric culture where everyone is valued
  • Opportunities for personal and professional growth
Read More
Arrow Right

Senior Information Security Cyber Security Data Analyst

Senior Information Security Cyber Security Data Analyst – Assistant Vice Preside...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-12 years of relevant experience in Cyber Security, Information security, primarily into building data pipelines, Data collection and management, Data transformation etc.
  • Building Data Pipelines: Creating systems for collecting, storing, and transforming data from various sources. Impala, Hive
  • Data Collection and Management: Data engineers are responsible for gathering data from various sources, ensuring its quality, and making it accessible for analysis.
  • Data Transformation: They convert raw data into usable formats, often using ETL (Extract, Transform, Load) processes, to big data platform of Hadoop, Cloud technologies like DataBricks and Snowflake to make it suitable for analysis and reporting.
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision.
  • Fulltime
Read More
Arrow Right

Sr. Manager, Information Technology and Information Security Risk

Sr. Manager, Information Technology and Information Security Risk Hybrid Work Sc...
Location
Location
United States , Reston
Salary
Salary:
Not provided
tier4group.com Logo
Tier4 Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Cybersecurity, Risk Management, or related fields (or equivalent work experience) preferred
  • 8–10 years of relevant experience in information security or risk management roles with experience in financial services, banking, payments, fintech, or related regulatory environments preferred
  • Experience with data analytics and visualization tools (e.g., Power BI, Tableau, or Python)
  • Experience working in a regulated financial services or technology environment
  • CRISC, CISSP, CISM, Security+ or CGEIT or similar certifications
Job Responsibility
Job Responsibility
  • Evaluate and provide independent challenge regarding the alignments of the organization’s IT and IS strategy with enterprise business objectives, risk appetite, and regulatory expectations
  • Review and assess the adequacy of information technology and security risk assessments across applications, infrastructure, and business processes
  • Partner with IT project teams to influence decisions related to technology architecture, cybersecurity controls, system implementations, and operational risk mitigation strategies
  • Evaluate new and existing systems, platforms, and SAAS integrations for cybersecurity risks and regulatory compliance impacts
  • Conduct third party and vendor security risk assessments, including review of SOC 1/SOC 2 reports, SIG questionnaires, penetration testing results, and remediation plans to ensure vendor information security practices align with OF expectations
  • Provide effective second-line oversight and credible challenge related to cybersecurity incidents, operational disruptions, and emerging technology risks, including analysis of potential impacts to customer data, financial systems, and regulatory obligations
  • Collaborate with business units and technology teams to identify, document, and monitor risks, ensuring remediation activities meet regulatory timelines and internal risk appetite
  • Oversee the implementation of information technology and security risk management policies and the Cyber-Security Incident Response Plan
  • Conduct cyber security awareness training and education through periodic email phishing tests, in-person and computer-based training, presentations to employees, and security related tabletop exercises
  • Monitor the status of remediation for IT and IS related issues and ensure that the remediation documentation is complete and adequate
  • Fulltime
Read More
Arrow Right
New

Senior Information Security Engineer - Firewall Micro-segmentation

Wells Fargo is seeking a Micro-segmentation Senior Information Security Engineer...
Location
Location
United States , Irving; Chandler; Charlotte
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
July 12, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Experience with Micro-Segmentation security solutions including policy management
  • Experience with scripting
  • Strong understanding of APIs and proficiency in working with JSON, including the ability to interpret, construct, and troubleshoot queries and payloads in support of automation and integration efforts
  • Experience with one or more: Guardicore (Akamai), VMware NSX T, Cisco Secure Workload, Calico/Cilium
  • Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels)
  • Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper
  • Scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD
  • ServiceNow IntegrationHub
  • Telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic
Job Responsibility
Job Responsibility
  • Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to Micro-Segmentation
  • Implement requirements and engage teams to create automation / orchestration for the enterprise's Micro-Segmentation solution
  • Help identify new tools and/or features to strengthen enterprise Micro-Segmentation capabilities
  • Serve as a POC for enterprise Micro-Segmentation deployment
  • Implement security designs on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement components of information security
  • Collaborate and provide influence with all members of the microsegmentation team
  • Define and coordinate automation strategies to integrate micro-segmentation with CMDB and user-facing portals, translating business and security requirements into actionable deliverables for development teams
  • Fulltime
Read More
Arrow Right
New

Information Security Specialist

Robert Half's client in Sacaton, Arizona is seeking an InfoSec Specialist. This ...
Location
Location
United States , Sacaton
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Associates degree in Computer Science or related field required
  • Bachelor's degree preferred
  • 3 years of relevant technology experience required
  • demonstrated experience with administering and securing Microsoft technologies and services, including Active Directory
  • OR 2 years of experience with administering network security devices and solutions, including firewalls, active monitoring, vulnerability detection and auditing tools preferred
  • Relevant Information Security industry certifications, (i.e., CompTIA Security+, Certified Information Systems Security Professional (CISSP) preferred)
  • Demonstrates ability to relate to diverse cultures and specifically the Gila River Community and/or other Native American cultures and community health services.
Job Responsibility
Job Responsibility
  • Oversees the information technology security assurance programs
  • Reports on compliance levels and identifies non-compliance issues, suspicious activities or behavior, and vulnerabilities
  • Manages remediation activities and logs security assessments
  • Ensures that information created, acquired, or maintained by Gila River Health Care is used for its intended purpose and complies with privacy requirements
  • Implements effective and innovative technology solutions and processes that prevent internal and external users from compromising data integrity
  • Creates security checks in the infrastructure that help deter hackers, spyware, and other malware from being installed on endpoints while working with internal information technology support team to mitigate detected vulnerabilities
  • Works with network and systems team to perform tests and uncover network vulnerabilities
  • Investigates security breaches and other cyber security incidents while assessing the damage and documents assessments
  • Reports serious incidents to leadership
  • Trains and educates staff in proper computer use and security awareness while providing tips to avoid data lass or corruption
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • company 401(k) plan
Read More
Arrow Right

Principal Information Security Manager

This is not a build-from-scratch role. It is a step up in maturity: fewer manual...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
Job Responsibility
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
What we offer
What we offer
  • attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models and the option of hybrid work
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one day off per year for supporting a social project (Volunteers Day)
  • Fulltime
Read More
Arrow Right

Client Information Security Manager (ISM)

The NTT DATA Services Information Security Manager (ISM) oversees and coordinate...
Location
Location
United States , Plano
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of relevant experience
  • Strong knowledge of standards / regulations impacting information security (e.g., NIST, ISO, PCI)
  • Experience with information security internal & external audits, contract compliance, and quality initiatives
  • Significant experience in identifying and utilizing a global risk based management model.
Job Responsibility
Job Responsibility
  • Ensure the delivery of information security services to the customer is in compliance with the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
  • Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and configurations in order to ensure confidentiality, integrity and availability of client’s environment and data
  • Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
  • Evaluate new / emerging security products and technologies and make recommendations to customer leadership in regards to the security posture impact on the organization
  • Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
  • Manage and drive remediation efforts related to information security
  • remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
  • Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
  • Participate and represent IT Security in Delivery/Operational meetings
  • conduct an information security operational review meeting with account (e.g., Customer Delivery Executive) and customer (e.g., CISO) key stakeholders with topics including information security status and performance
  • Fulltime
Read More
Arrow Right