Security Analyst I – 4 Month Internship/Co-op (Fall 2026)

Intact FC•Vancouver, BC

1d•$57,000 - $71,200•Remote

About The Position

Launching your tech career at Intact means joining a diverse team of more than 3,000 Digital, Data and Tech experts working at the intersection of what exists and what’s possible. Here, you’ll be supported by forward-thinking leaders who celebrate shared success, and you’ll help push the industry forward with digital solutions that go beyond insurance to offer everyday value to millions of people. You’ll grow personally and professionally with access to cutting-edge technology-driven learning platforms and make lasting connections near and far. Most importantly, you’ll discover how exciting the “real world” can be. Here, your career will take off 🚀 We are looking for interns to join our specialized security teams. Depending on your team assignment, here’s what you’ll do here: Cyber Supply Chain Risk Management: Collaborate to perform cybersecurity risk assessments of vendors, focusing on identifying vulnerabilities and evaluating adherence to security standards. Support documentation and updates of Standard Operating Procedures using knowledge of relevant standards and processes. Ability and eagerness to quickly learn team processes, support daily activities, and being open to acquiring knowledge and understanding from cross-functional teams. Familiarity with Cybersecurity TPRM Due Diligence Questionnaire, NIST CSF, SOC 2 Type 2, and ISO 27001 is a plus. Cyber Risk Oversight and Monitoring: Work with the team to process cybersecurity risk oversight & reporting requests, support the maintenance of a metrics library, assist in preparing cybersecurity reports, and manage risk assessment tools. Conduct research and development for quantitative risk analysis, enhance reporting through automation, and stay informed on security trends and detection methods. Strong understanding of Risk and Statistics modeling techniques and ability to present visualizations on the analysis. Support the team to maintain and upkeep documentation. Global Red Team Support: Purple Team breach-and-attack simulations to assess and strengthen the security posture of IFC and its affiliates. Assist with manual, real-world TTP assessments across scenarios like supply chain, insider/external threat, social engineering, and application/network/infrastructure testing. Shadow Red Team operators to learn offensive security workflows, tools, and career skill paths. Support “Red Team as a Service” requests by contributing to adversarial operations, TTP assessments, and security consulting tasks.

Requirements

Currently pursuing a Bachelor’s (or Master’s, if applicable) degree in Cybersecurity, Information Technology, Computer Science, Computer Engineering, or Software Engineering, or anything relevant.
Available to work full-time, 35 hours per week, for the Fall 2026 Term (September to December).
Must be an active student during your internship and/or returning to school in Winter 2027 following your internship.
No Canadian work experience required, but must be eligible to work in Canada.
Microsoft Office Suite and PowerBI.
Microsoft Excel, PowerBI, SQL, R, and Python, Jira.
Basic knowledge of offensive security operations, tools, and techniques, with interest in hands-on (manual) testing beyond automated scanners.
Excellent oral and written communication skills.
Ability and desire to learn/adapt quickly to a changing environment.

Nice To Haves

Familiarity with Cybersecurity TPRM Due Diligence Questionnaire, NIST CSF, SOC 2 Type 2, and ISO 27001.
Strong understanding of Risk and Statistics modeling techniques and ability to present visualizations on the analysis.
Project Management experience.
Able to communicate technology and cybersecurity risks in business-friendly language.
Familiarity with Technology and Cybersecurity Risk Management framework, best practices.
Strong interest/experience in Governance, Risk, and Compliance (GRC).
Communicate technical security findings in clear, business-friendly language.
Familiar with OWASP Top 10, MITRE ATT&CK, and CVSS.
Exposure to penetration testing.
Interest/experience in red team concepts.
Past internship experience in security is considered an asset.

Responsibilities

Perform cybersecurity risk assessments of vendors, focusing on identifying vulnerabilities and evaluating adherence to security standards.
Support documentation and updates of Standard Operating Procedures using knowledge of relevant standards and processes.
Quickly learn team processes, support daily activities, and acquire knowledge and understanding from cross-functional teams.
Process cybersecurity risk oversight & reporting requests.
Support the maintenance of a metrics library.
Assist in preparing cybersecurity reports.
Manage risk assessment tools.
Conduct research and development for quantitative risk analysis.
Enhance reporting through automation.
Stay informed on security trends and detection methods.
Maintain and upkeep documentation.
Conduct Purple Team breach-and-attack simulations to assess and strengthen the security posture of IFC and its affiliates.
Assist with manual, real-world TTP assessments across scenarios like supply chain, insider/external threat, social engineering, and application/network/infrastructure testing.
Shadow Red Team operators to learn offensive security workflows, tools, and career skill paths.
Contribute to adversarial operations, TTP assessments, and security consulting tasks for "Red Team as a Service" requests.