Governance, Risk, and Compliance (GRC) Intern
About The Position
Neurocrine Biosciences, Inc. (NASDAQ: NBIX) is offering the opportunity to gain hands-on experience in cybersecurity governance, risk, and compliance (GRC) in the world of biotechnology. Our internship program provides exposure to enterprise-level cybersecurity operations, compliance frameworks, and risk management processes. The Cybersecurity GRC team has a strong reputation for promoting security awareness, driving compliance maturity, and enabling secure business innovation within a regulated pharmaceutical environment. As a GRC Intern, you will work directly with Neurocrine’s Cybersecurity GRC Lead to support critical initiatives across third-party risk management, control assessments, audit support, and cybersecurity metrics development. This is an excellent opportunity to build foundational knowledge in cybersecurity governance and develop practical skills applicable to future roles in information security and risk management.
Requirements
- Pursuing an undergraduate degree in Cybersecurity, Information Technology, Computer Science, Business, or a related field.
- Interest in cybersecurity governance, risk management, compliance frameworks, or audit processes.
- Strong attention to detail, organization, and analytical thinking skills.
- Effective written and verbal communication abilities.
- Ability to work independently and collaboratively on multiple projects simultaneously.
- Passion for learning and a willingness to contribute to a fast-paced, mission-driven environment.
- Commitment to a 10-week, full-time summer internship program.
Nice To Haves
- Familiarity with NIST Cybersecurity Framework (CSF), ISO 27001, or SOC reporting is preferred but not required.
Responsibilities
- Third-Party Risk Management Conduct cybersecurity assessments for third-party relationships and escalate findings to GRC leadership.
- Maintain due diligence documentation supporting third-party processes (e.g., SOC 1 & 2, ISO 27001 certifications, audit attestations).
- Track and follow up with third parties on identified security gaps and remediation timelines.
- Compliance & Framework Support Support quarterly NIST 2.0 maturity assessments and control validation efforts.
- Assist with internal and external audit coordination, including evidence collection, initial review, and recommendations to the GRC Lead.
- Monitor and track IT and cybersecurity risks through established risk registers and compliance tools.
- Process Improvement & Metrics Identify opportunities for control optimization and best practice implementation in GRC processes.
- Support automation initiatives for evidence collection, control mapping, and compliance monitoring.
- Contribute to the continued development of cybersecurity KPI/KRI dashboards and reporting metrics.
- Professional Development Collaborate with cross-functional teams across IT, Security, and Compliance functions.
- Work closely with your mentor and the Cybersecurity GRC Lead to gain real-world insight into security risk management in a pharmaceutical setting.
- Complete a special project and present your findings and recommendations to senior management upon program completion.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Intern
Number of Employees
1,001-5,000 employees
