Co-Op – June-December 2026 - InfoSec

About The Position

Requirements

• Must be actively pursuing a Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Computer Engineering, or a closely related discipline, with coursework and practical experience relevant to hardware systems and embedded platforms.
• Demonstrated proficiency in technical communication and collaboration, including the ability to articulate hardware security risks, compliance requirements, and mitigation strategies to both technical and non-technical stakeholders.
• Proven ability to prioritize and manage multiple technical projects and deadlines, especially in environments involving hardware development and integration.
• Capable of working independently, as well as collaborating within diverse, geographically distributed engineering teams focused on hardware product security.
• Familiarity with hardware-specific compliance regulations and security frameworks (such as NIST CSF, SOC 2, ISO 27000), or a strong interest in learning how these standards apply to hardware products and embedded systems.
• Interest or experience in vulnerability management, secure hardware design, and risk assessment for physical systems is highly desirable.
• Must be available to work up to 40 hours per week throughout the internship, including hands-on activities in hardware labs and engineering environments.
• Must be able to commute to and from the Rockleigh, NJ area for the duration of the internship, with flexibility to participate in onsite hardware testing and review sessions.
• Must possess permanent, unrestricted work authorization in the United States at present and for future employment.
• Strong analytical and problem-solving abilities with a keen eye for detail, essential for identifying and addressing security vulnerabilities in hardware products.
• Foundational knowledge of hardware system architectures, operating systems, networks, and security protocols, enabling effective evaluation of product risk from a computer engineering perspective.
• Basic familiarity with prevalent hardware attack methods and corresponding defensive measures, such as intrusion prevention and incident response, to inform secure hardware design and implementation.
• Understanding of cybersecurity practices and principles that mitigate risk throughout the hardware product lifecycle, from initial design to deployment and ongoing maintenance.
• Ability to assess hardware security controls, pinpoint deficiencies, and clearly communicate risk implications to engineering teams and leadership for informed decision-making.
• Basic grasp of hardware and software integration concepts to support security assurance, regulatory compliance, and audit preparedness for embedded platforms and physical systems.
• Proficiency in translating technical security findings into actionable evidence that supports assurance goals and risk reduction strategies for hardware products.
• Must be responsible, self-motivated, creative, have a solid work ethic and have a desire to produce a quality product.
• Strong communication skills (verbal, non-verbal, written, and listening) with the ability to articulate work at different levels of the organization.
• Strong problem-solving skills.
• Inquisitive individual with a desire to learn, possessing a long-term desire to work in the Cybersecurity or Information Security Compliance field.
• Ability to prioritize tasks and handle numerous assignments simultaneously.
• Positive, personable, and able to work cohesively with other across various divisions.
• Must have a desire to work in a fast-paced collaborative environment.

Nice To Haves

• Interest or experience in vulnerability management, secure hardware design, and risk assessment for physical systems is highly desirable.

Responsibilities

• Support the security of embedded hardware products.
• Play a key role in Governance, Risk, and Compliance (GRC) activities, focusing on evaluating and enhancing security controls for hardware platforms.
• Collaborate with stakeholders across engineering, information security, and legal teams to develop and refine engineering security policies and standards specifically for embedded hardware products.
• Advise internal and external customers regarding Crestron’s adherence to hardware security controls through assessments, questionnaires, and addressing general inquiries.
• Participate in vulnerability management, threat analysis, and incident response, including triage of hardware-related reports, working with engineering teams to assess risks, and recommend mitigation strategies for embedded systems.
• Monitor and track emerging security trends relevant to hardware and embedded platforms, contributing to timely updates of security policies.
• Support remediation planning for hardware security findings by assisting with documentation, tracking progress, and following up on action items.
• Partner with the project management office (PMO) and development teams to ensure timely delivery of agreed-upon solutions for embedded hardware security initiatives.
• Participate in and support security assessments of hardware products, under the guidance of senior team members.
• Contribute to security initiatives that address the unique challenges of embedded hardware systems, ensuring GRC activities are tailored to physical product security requirements.
• Work closely with engineering teams to evaluate, implement, and improve security controls for hardware and embedded platforms, supporting both proactive and reactive security measures.
• Engage in vulnerability management, threat analysis, and incident management for both hardware and software components of embedded systems.