Cybersecurity Risk And Compliance Intern

Summary

Join AC Disaster Consulting as a Cybersecurity Risk & Compliance Intern and gain hands-on experience in governance, risk, and compliance (GRC). This temporary, remote internship will have you supporting the Digital Technology & Innovation (DTI) team in aligning organizational practices with the NIST Cybersecurity Framework (CSF) 2.0, conducting risk assessments, and developing security policies. You will participate in incident response planning, collaborate on security documentation, and shadow cross-functional meetings. The internship offers professional development through exposure to real-world cybersecurity operations. Compensation is $18/hour, but the position is not benefits eligible.

Requirements

• Ability to read, interpret, and contribute to security policies, procedures, and compliance documentation
• Strong written and verbal communication skills, with the ability to document findings clearly and present to non-technical audiences
• Research skills to analyze cybersecurity frameworks, best practices, and emerging threats
• Ability to manage time independently and stay organized on multi-week projects with limited supervision
• Interest in GRC (Governance, Risk, and Compliance), audit readiness, or security operations
• Team-oriented mindset with the desire to learn from professionals across departments and contribute to a mission-driven environment
• Ability to maintain confidentiality with sensitive customers and internal information
• Capable of multi-tasking when necessary
• Excellent critical thinking, strategic planning, and problem-solving skills
• Highly organized and detail oriented
• Ability to remain flexible and adapt quickly to changes in roles and projects
• Currently pursuing a degree or recent graduate in Cybersecurity, Computer Science, Information Systems, or related field
• Can demonstrate foundational knowledge in at least two areas: Introduction to Cybersecurity, Networking and Systems, Information Security Policies, Risk Management or Governance, Risk, and Compliance (GRC)
• Demonstrates interest or experience in cybersecurity through one or more of the following: Completion of relevant certifications (e.g., Security+, SSCP, GFACT), Participation in cyber competitions (e.g., NCL, CCDC), Hands-on labs, home labs, or personal cybersecurity projects, Volunteer or work experience in IT, cybersecurity, or tech-related support
• Familiarity with the NIST Cybersecurity Framework (CSF) and foundational cybersecurity principles (e.g., CIA triad, risk management)
• Completed coursework in Intro to Cybersecurity, Networking & Systems, Security Policies, or Risk Management
• 0-2+ years’ beginner-level knowledge/experience in Cybersecurity, Computer Science, or Information Systems principles
• Beginner-level customer service experience
• Proficient in Microsoft Office 365, particularly Excel
• Must be 18 years of age or older
• Eligibility to work in the United States without employer sponsored visa is required. We are not able to employ those located outside of the US
• Must pass company and any applicable client background check and reference check upon offer of employment

Responsibilities

• Support the DTI team in aligning organizational practices with the NIST Cybersecurity Framework (CSF) 2.0
• Assist with risk assessments by identifying, documenting, and evaluating current security controls and processes
• Conduct a gap analysis comparing the company’s security posture to industry standards and NIST requirements
• Research and draft or revise security policies, procedures, and documentation in preparation for hurricane season
• Participate in internal discussions or working groups related to incident response readiness and disaster recovery
• Shadow cross-functional meetings and virtual client engagements, where appropriate, to understand cybersecurity’s role in business continuity
• Contribute to an internal incident response checklist or escalation process document
• Collaborate with staff to understand how cybersecurity principles apply in real world operations
• Prepare and deliver a final capstone project summarizing key findings, takeaways, and recommendations to company leadership
• Maintain accurate records of research, documentation, and project progress throughout the internship using Confluence
• Work on projects that have a direct impact on clients if available/needed
• Perform other duties as assigned

Preferred Qualifications

• Current GPA of 3.0 or higher
• Participation in a cyber competition (e.g., CCDC, NCL) or equivalent hands-on challenge is a plus
• Experience with hands-on labs or simulations involving security tools, risk assessments, or incident response
• 1 year of previous emergency management-related internship, volunteering, or work experience