You are viewing a preview of this job. Log in or register to view more details about this job.

GRC/SOC Intern

Dialight Corporation
Email

Position Overview

The GRC/SOC Intern will support the organization’s cybersecurity governance, risk, compliance, and security operations activities. This role is ideal for a student or early-career professional interested in learning how organizations manage cyber risk, monitor security events, maintain compliance readiness, and strengthen security controls across the enterprise.

The intern will work closely with members of the Information Security team to assist with security documentation, risk assessments, control reviews, audit support, alert triage, and continuous improvement initiatives.

Key Responsibilities

  • Assist with Governance, Risk, and Compliance activities, including maintaining policy documentation, security standards, risk registers, and control evidence.
  • Support internal and external audit readiness by gathering documentation, organizing evidence, tracking remediation items, and following up with stakeholders.
  • Help perform basic risk assessments for vendors, systems, applications, and business processes.
  • Assist with mapping security controls to common frameworks such as NIST Cybersecurity Framework, ISO 27001, SOC 2, CIS Controls, or other applicable standards.
  • Support Security Operations Center activities by reviewing security alerts, documenting observations, and escalating potential incidents according to established procedures.
  • Participate in vulnerability management activities, including tracking findings, validating remediation status, and preparing summary reports.
  • Contribute to phishing awareness, security training, and other cyber hygiene initiatives.
  • Help create dashboards, reports, metrics, and presentations for security leadership and business stakeholders.
  • Research cybersecurity threats, compliance requirements, and industry best practices to support ongoing security improvements.
  • Collaborate with IT, Legal, Procurement, and business teams to support security and compliance projects.

Required Qualifications

  • Currently pursuing a degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Business, Risk Management, or a related field.
  • Strong interest in cybersecurity, governance, risk management, compliance, and security operations.
  • Basic understanding of cybersecurity concepts such as access control, vulnerability management, incident response, network security, and data protection.
  • Strong analytical, organizational, and problem-solving skills.
  • Excellent written and verbal communication skills.
  • High attention to detail and ability to handle confidential information responsibly.
  • Ability to work independently while also collaborating effectively with a team.
  • Proficiency with Microsoft Office applications, including Word, Excel, PowerPoint, Outlook, and Teams.

Preferred Qualifications

  • Coursework, projects, or certifications related to cybersecurity, risk management, audit, or compliance.
  • Familiarity with frameworks or regulations such as NIST, ISO 27001, SOC 2, PCI DSS, or SOX.
  • Exposure to security tools such as SIEM platforms, vulnerability scanners, endpoint protection tools, ticketing systems, or GRC platforms.
  • Experience using Excel or other tools to organize data, create reports, and track action items.
  • Interest in pursuing certifications such as Security+, Network+, ISC2 Certified in Cybersecurity, or similar credentials.

What You Will Learn

  • How cybersecurity governance, risk, compliance, and security operations work together in a practical business environment.
  • How to support audit readiness, evidence collection, control testing, and remediation tracking.
  • How security teams monitor alerts, document findings, and escalate potential incidents.
  • How common cybersecurity frameworks and standards are applied to policies, controls, and business processes.
  • How to communicate cybersecurity risks, metrics, and recommendations to technical and non-technical stakeholders.

Work Environment and Schedule

This internship is intended to provide hands-on exposure to cybersecurity, risk management, compliance, and security operations in a professional setting. The intern will report to a designated Information Security leader or team member and may support both project-based and operational activities. Schedule, duration, and work location may vary based on business needs and candidate availability.

Ideal Candidate Profile

The ideal candidate is curious, detail-oriented, dependable, and eager to learn. They should be comfortable asking questions, documenting their work clearly, following established processes, and handling sensitive information with professionalism.