Information Security & Compliance Internship
About The Position
O.C. Tanner is the global leader in software and services that improve workplace culture through meaningful employee experiences. Our Culture Cloud is a suite of apps designed to enhance the employee experience with strategic recognition, service awards, wellbeing, leadership, and events that help people thrive at work. Our Culture by Design approach provides expert services to organizations looking to create great workplaces. Our global team of 1,500 people hail from 58 countries and speak 62 languages. As programmers, researchers, designers, client professionals and craftspeople we create the tech, tools and awards that connect employees to purpose at thousands of companies. Join us as we help people all over the world thrive at work. We are seeking a motivated Information Security & Compliance Intern to support our Information Security and Compliance teams. This role provides hands-on exposure to security governance, risk management, compliance operations, and security awareness, while working alongside experienced security engineers and compliance professionals. The intern will assist with SOC 2 compliance activities, policy documentation, risk assessments, vendor security reviews, and security awareness initiatives, gaining practical experience in how security and compliance function in a modern enterprise environment. This role is ideal for students pursuing a degree in Cybersecurity, Information Systems, Computer Science, or a related field who are interested in building a career in information security or compliance.
Requirements
- Strong interest in information security, compliance, or risk management
- Basic understanding of security principles (CIA triad, least privilege, access controls)
- Strong written and verbal communication skills
- Detail‑oriented with good organizational skills
- Ability to handle sensitive information with professionalism and discretion
- Comfortable working independently and in a team environment
Nice To Haves
- Coursework or familiarity with security frameworks (SOC 2, NIST, ISO 27001)
- Interest in governance, risk, and compliance (GRC) roles
- Experience with documentation tools (Confluence, SharePoint, Google Docs, etc.)
- Exposure to security awareness tools or phishing concepts
- Basic knowledge of cloud platforms (AWS, Azure) or identity systems
Responsibilities
- Assist with security and compliance documentation, including policies, standards, procedures, and evidence tracking
- Support SOC 2 and other compliance activities, including evidence collection and control validation
- Help maintain risk registers, audit trackers, and compliance artifacts
- Participate in vendor security assessments and third‑party risk reviews
- Assist with security awareness and phishing training programs
- Review and document access reviews, user account controls, and least‑privilege practices
- Help analyze security findings, gaps, and remediation status
- Contribute to runbooks, playbooks, and internal knowledge base documentation
- Collaborate with InfoSec, Compliance, IT, and Engineering teams on security initiatives
- Perform research on security frameworks, regulatory requirements, and emerging risks
Benefits
- Hands-on, real‑world InfoSec and Compliance experience
- Mentorship from experienced security and compliance professionals
- Exposure to enterprise security tools and audit processes
- Flexible schedule to support academic commitments
- A strong foundation for a future career in cybersecurity or compliance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Career Level
Intern
Education Level
No Education Listed
