Cybersecurity GRC Intern

Mayville Engineering Company, Inc.•Byron Township, MI

22h•Hybrid

About The Position

The Cybersecurity GRC Intern will support the organization’s Governance, Risk, and Compliance program by assisting with documentation development, compliance activities, security exercises, and ongoing cybersecurity research. This role is ideal for students or early‑career professionals who want hands‑on experience in real‑world security program operations. The intern will collaborate closely with Cybersecurity, IT, Audit, and business teams to help strengthen the organization’s security posture, support audit readiness, and contribute to executive‑level reporting and communication. Part Time, Hybrid Internship (on site in Byron Center, Michigan)

Requirements

Currently pursuing a degree in Cybersecurity, Information Technology, Computer Science, Business, or a related field.
Strong written communication skills with the ability to translate technical topics into business‑friendly language.
Interest in governance, risk, compliance, audit, or cyber program development.
Ability to manage multiple tasks, stay organized, and work both independently and collaboratively.
Basic understanding of cybersecurity concepts, threats, and terminology.

Nice To Haves

Familiarity with frameworks such as NIST, ISO 27001, CIS Controls, or SOX (preferred but not required).

Responsibilities

Participate in cybersecurity documentation review including policies, standards, procedures, and process guides.
Learn how GRC documentation repositories are organized by helping assess materials for clarity, accessibility, and audit readiness.
Support the development of diagrams, workflows, and templates to improve documentation quality while gaining experience with security documentation best practices.
Observe and assist with ongoing SOX ITGC audit activities, including evidence collection, controls tracking, and remediation follow‑up to gain an understanding of audit processes.
Assist with maintaining risk and compliance tracking tools, dashboards, and reporting artifacts while developing familiarity with GRC tools.
Observe and contribute to control review activities by helping document findings, observations, and recommendations alongside experienced team members.
Participate in tabletop exercises and cybersecurity drills to simulate incident response scenarios to better understand incident response roles, communication, and decision‑making processes.
Conduct threat intelligence research to learn how emerging vulnerabilities, threat actor activity, and cybersecurity trends are monitored.
Summarize research findings and contribute to weekly intelligence reporting for internal distribution and risk discussions.
Contributing to newsletter ideas and content (security tips, recent threats, program updates).
Gaining hands‑on experience visualizing data to help communicate cybersecurity risk and security posture to leadership audiences through drafting charts, metrics and summary narratives alongside experienced team members.