Intern, Information Technology

About The Position

Requirements

• Foundational knowledge of cybersecurity concepts including the CIA triad, least privilege, defense in depth, and network security fundamentals.
• Basic familiarity with cloud computing concepts (IaaS, PaaS, SaaS) and at least introductory exposure to Microsoft Azure or another major cloud provider (AWS, GCP).
• Understanding of one or more security frameworks: CIS Controls, NIST CSF.
• Analytical mindset with attention to detail and ability to document findings clearly and concisely.
• Ability to work independently and manage time effectively in a remote or hybrid environment.
• Ability to handle confidential information responsibly and adhere to security policies.
• Currently enrolled in an accredited undergraduate or graduate program in Cybersecurity, Information Technology, Computer Science, Information Systems, or a closely related field.
• Cumulative 3.0 GPA or above; college transcript required.
• Currently enrolled in or newly graduated from an accredited college/university.
• Legally authorized to work in the U.S.
• At least 18 years of age prior to the scheduled start date.
• Must complete an application and provide a cover letter expressing interest and indicating best department to further learning goals.
• Must successfully pass a background check prior to the program start date.
• Successfully pass all compliance modules.
• Final presentation on learning during last week of the program.

Nice To Haves

• Hands-on experience with Microsoft Azure through coursework, labs, certifications, or personal projects (Azure portal, Azure CLI).
• Completion of or active pursuit of an entry-level certification such as CompTIA Security+, Microsoft AZ-900 (Azure Fundamentals), SC-900 (Security Fundamentals), AZ-500 (Azure Security Engineer), or equivalent.
• Familiarity with security tooling such as Microsoft Defender for Cloud, Microsoft Sentinel, Nessus/Tenable, Qualys, or similar.
• Familiarity with scripting languages (PowerShell, Python, Typescript or Bash) for automation and configuration management tasks.
• Exposure to GRC (Governance, Risk, and Compliance) platforms or tools.
• Participation in cybersecurity competitions (CTFs), clubs, or student organizations.

Responsibilities

• Assist in closing gaps against CIS Controls v8 Implementation Groups (IG1-IG2), mapping current-state configurations to target-state requirements.
• Assist in implementing or documenting controls across key CIS domains including asset inventory, data protection, access control, audit log management, and incident response.
• Support alignment activities between CIS Controls and NIST CSF 2.0 core functions: Govern, Identify, Protect, Detect, Respond, and Recover.
• Contribute to control evidence collection for compliance tracking and audit readiness.
• Evaluate Azure environment configurations using Microsoft Defender for Cloud (Secure Score, recommendations, and compliance dashboards), Purview, and other Microsoft security tools.
• Assist in implementing Azure Policy definitions and initiatives to enforce baseline security configurations.
• Review and help remediate findings related to identity and access management (IAM), storage security, and key management.
• Support implementation of Microsoft Entra ID (formerly Azure AD) security best practices including MFA, Conditional Access, and Privileged Identity Management (PIM).
• Assist with cloud workload protection configuration across Azure VMs, containers, and serverless functions.
• Develop and maintain control implementation documentation, evidence artifacts, and remediation tracking registers.
• Prepare concise status reports and briefings for IT leadership on control gaps, progress, and risk indicators.
• Contribute to the organization’s security policy library, including procedure updates aligned to framework requirements.
• Partner with IT team to identify security requirements and integrate controls into existing workflows.
• Participate in team meetings, tabletop exercises, and working groups.

Benefits

• Lunch provided onsite
• Academic credit may be available
• Onboarding provided