Accounting, Business Administration, Communication Skills, Detail Oriented, Documentation, External Audit, Finance, Global Financial Markets, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Leadership, Management of Information Systems/Technology (MIS), Presentation/Verbal Skills, Risk, Risk Analysis, Risk Management, Security Infrastructure, Writing Skills
Summer Intern – Information Security
Position Title: Information Security Intern
Department: Chief Security Officer
Job Type: Full-time (40 hours per week), non-exempt, hourly
Internship Duration: June 15 – August 7, 2026
Work Schedule: Hybrid/remote with at least two days in office per week
Location: Reston, VA
POSITION SUMMARY
This internship will offer hands-on experience in cybersecurity governance, risk, and compliance at a global financial-sector ISAC. The intern will support FS-ISAC's external audit and risk programs, with a primary focus on member audit and assessment responses. The role provides broad exposure to FS-ISAC's control environment, security policies, and the teams that operate them.
ESSENTIAL FUNCTIONS
- Assist with end-to-end responses to member-issued security questionnaires and assessments, drafting answers based on FS-ISAC policies, prior responses, and current control evidence
- Coordinate with subject-matter experts across FS-ISAC (security, engineering, legal, operations) to validate questionnaire responses and gather supporting evidence
- Organize and maintain the information security evidence library, ensuring artifacts are current, properly tagged, and easy to retrieve for future audits
- Support the self-identified risk program, including intake, documentation, and tracking of risks through the information security platform
- Assist with reviewing and updating information security policies and standards
- Shadow external audit activities and contribute to audit preparation and follow-up
- Present work and findings to the information security team and senior leadership at the end of the program
QUALIFICATIONS
- Must be a rising junior or senior currently enrolled in an accredited undergraduate program, with a concentration in cybersecurity, information systems / MIS, accounting, business administration, risk management, or a closely related discipline
- Strong interest in cybersecurity, governance, risk, and compliance, or audit
- Excellent written and verbal communication skills, with strong attention to detail
- Comfort working with structured documents, policies, and evidence; ability to read carefully and write precisely
- Demonstrated professionalism, discretion, and ability to handle confidential information
- Must be authorized to work in the United States
WORK ENVIRONMENT
This is a hybrid internship. The intern must report to Reston, VA office two days per week. Interns are expected to maintain a professional work environment and be able to perform the essential functions of the role. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions. This job description is intended to describe the general nature and level of work performed and is not an exhaustive list of all responsibilities, duties, or skills required. Responsibilities may be modified or assigned as business needs evolve.