GRC Analyst Intern

About The Position

Requirements

• Nevada Roots: You are either a student at a Nevada college with 2 years of tech experience, or you have completed 2 years of school toward a degree in Cyber, Business, or IT, and live in Nevada. Extra points for advanced education or certifications, such as CISA, CySA, Security+, or ISC2 Certified in Cybersecurity.
• Clear Communicator: You can research and explain a technical topic to a non-technical person without using confusing jargon.
• Self-Starter: You don't wait for a manual; you enjoy Googling a problem and figuring out the solution yourself.
• Critical Thinking and Problem Solving - ability to think beyond the instruction, ask questions, and clarify instructions to be able to act on the instruction and make progress.
• Baseline Understanding: of business processes, teams, and security and compliance basics.

Responsibilities

• Vendor Risk: When we buy software from another company, you’ll check their "security report card" to make sure they won't accidentally leak our data.
• Control Testing: You'll collect "evidence" (like server logs or door access reports) to prove our security locks are actually working.
• Risk Register: Help maintain a list of things that could hurt the company and track how we are proactively fixing them before they cause a problem.
• Team Work: Working with business and engineering teams, we will work to put controls in place that meet our compliance and security standards such as NIST-CSF, CIS benchmarks, Cloud Security Alliance standards, SOC 2, Type II and ISO 27001 standards.

Benefits

• Paid internship experience
• Founder and leadership speaker sessions
• Dedicated mentorship and cross-functional networking
• Industry and market education sessions
• Career development workshops (resume review, mock interviews, interview prep)
• Team-building events and intern socials
• Lunch & Learns with company leaders
• In-office perks including snacks and beverages