IT Intern

Bigelow Tea is the number one specialty tea company in the United States. We are a family-owned and operated business and a Certified B Corporation. Being a certified B Corp officially recognizes a commitment that has been part of the company’s DNA since it was founded 80 years ago. Our purpose has always been about much more than making profits. We are committed to good citizenship, ethical business practices, accountability, transparency, protecting the environment, sustainability and supporting our communities. We pride ourselves in caring about each and every one of our employees. We have a long-term outlook and are constantly working to create an environment that inspires people to make positive contributions every day. Bigelow is currently looking for a select, talented individual, that shares our values, to join our growing team. Information Technology Department Intern – Spring/Summer 2026 Objective: Join our Information Technology team and play a hands-on role in strengthening our cybersecurity posture. You will help implement Center for Internet Security (CIS) Controls across our infrastructure, working directly with modern Microsoft identity, and endpoint security technologies. This internship is designed for a rising junior or rising senior who is passionate about cybersecurity and eager to apply what they have learned in the classroom to real-world systems. Area of Focus/Project Details Because cybersecurity is a rapidly evolving field, specific assignments may change by June 2026. However, you can expect to work on initiatives such as: Identity & Access Management (IAM) Convert eligible applications and portals to Single Sign-On (SSO) to secure user authentication. Migrate on-premises AD groups to Microsoft Entra groups to improve cloud-based identity management. Review and clean up Active Directory security groups to ensure appropriate and least-privilege access. Help define and document an IAM process to keep authentication and authorization systems current. Infrastructure Security Identify and remediate reused and weak credentials on network devices to harden access Implement and refine policies to lock down USB mass-storage usage using CrowdStrike controls. Contribute to a proof of concept (PoC) for password-less login to enhance security and user experience. Perform VLAN compliance audits and assist with remediation to maintain a secure and segmented network. Audit our Microsoft 365 environment and recommend actions to improve our M365 Security Score.