Cyber Security Intern (Summer 2026)

Sargent & Lundy•Chicago, IL

1d•$18 - $27•Hybrid

About The Position

Are you energized by using data to solve complex security problems and improve an organization’s risk posture? Sargent & Lundy is seeking a Cyber Security Intern to support our Information Security team with a primary focus on helping the organization achieve ISO 27001 certification. In this role, you will work closely with the Security Team to plan, implement, upgrade, and monitor security controls for the protection of Sargent & Lundy’s systems and data. You will assess system vulnerabilities for security risks, support internal and external audits, and transform raw security and IT data into meaningful, actionable insights. You will also assist in the development and oversight of information security applications, procedures, and policies and be part of a team that collaboratively monitors and responds to computer security events, including incident response. This position offers the flexibility of a hybrid schedule with the expectation of 3 days per week in our downtown Chicago, IL office, and 2 days remote from home.

Requirements

Currently pursuing a college/university degree in computer science, software engineering, cyber security, information systems, data analytics, risk management, or another related field.
Demonstrated strength in data analytics, including comfort working with datasets, performing data validation and quality checks, and drawing clear conclusions from quantitative information.
Experience with Excel or other data analysis tools (e.g., pivot tables, lookups, basic formulas; experience with tools like Power BI, Tableau, or basic SQL is a plus).
Self-motivated with a passion for learning and problem solving, and an interest in both cybersecurity and data-driven decision-making.
Strong written and verbal communication skills, including the ability to summarize technical findings in a clear and concise way for non-technical audiences.

Nice To Haves

Previous technical or cybersecurity-related experience through internships, projects, labs, or coursework.
Basic systems knowledge (e.g. Windows, Office365, file systems).
Familiarity with penetration testing or security assessment tools and common attack techniques.
Exposure to security and risk frameworks such as ITIL, NIST, and ISO 27001.
Experience or familiarity with identity and access management concepts and tools (e.g., LDAP, multi-factor authentication, privileged identity management).
Awareness of common web application risks, such as the OWASP Top 10.

Responsibilities

Support Sargent & Lundy’s ISO 27001 readiness and certification efforts by gathering evidence, organizing documentation, and tracking control implementation progress.
Perform access reviews for key systems and applications, including collecting access data, validating appropriateness with business owners, and documenting results and remediation items.
Assist in IT and security audits by compiling evidence, analyzing control performance, and preparing clear, well-structured responses for internal and external stakeholders.
Analyze raw security and IT data (e.g., logs, identity and access data, vulnerability data, configuration data) and convert it into meaningful, impactful reports and metrics that support decision-making.
Promptly handle and escalate security support tickets, and assist in documenting, triaging, and escalating issues as appropriate.
Assist in conducting third‑party risk assessments for new and existing software and critical vendors, focusing on security, privacy, and compliance controls.
Help implement and tune software tools used to detect, prevent, and analyze security threats, including contributing to dashboards and analytics used by the security team.
Review and assist in responding to client security assessments and questionnaires, including collecting supporting documentation and data-driven evidence.
Assist with risk assessments and execute tests of key controls to validate the effectiveness of security controls and data protection measures.