Intern - Governance, Risk, and Compliance (GRC)

Location: Ashburn, VA - Onsite

Duration: This is a temporary, part-time position not to exceed 29 hours per week. 

Position Summary

We are seeking a motivated and detail-oriented Governance, Risk, and Compliance (GRC) Intern to support cybersecurity governance, compliance, risk management, and data protection initiatives across the organization. The intern will work closely with cybersecurity and IT teams to assist with policy management, audit readiness, compliance tracking, documentation management, and security governance operations supporting frameworks such as SOC 2 and CMMC 2.0. This role provides hands-on experience in enterprise security governance, compliance operations, and modern data protection initiatives.

Key Responsibilities

• Assist with reviewing, organizing, and maintaining security policies, standards, and procedures
• Support compliance tracking, audit preparation, and evidence collection activities
• Maintain risk registers, control documentation, and governance records
• Assist with security awareness and governance-related initiatives
• Support data governance and protection efforts including Microsoft Purview, Data Loss Prevention (DLP), Information Protection, and Insider Risk Management processes
• Help review and organize access control, documentation, and compliance-related records
• Assist with reporting, documentation updates, and process improvement initiatives
• Collaborate with cybersecurity and IT teams to support ongoing compliance and governance operations

Preferred Qualifications

• Pursuing or recently completed a degree in Cybersecurity, Information Systems, Information Assurance, Business, Risk Management, or a related field
• Strong written communication, analytical, and organizational skills
• Attention to detail and ability to manage documentation accurately
• Familiarity with Microsoft 365, Excel, SharePoint, and Teams
• Interest in governance, risk management, audit support, security controls, and compliance frameworks such as SOC 2 and CMMC 2.0
• Collaborate professionally across teams

Nice-to-Have Skills

• Exposure to Microsoft Purview, Data Loss Prevention (DLP), Information Protection, or Insider Risk Management concepts
• Familiarity with cybersecurity governance or compliance processes
• Understanding of security policies, audit procedures, or risk assessments
• Experience with documentation management
• Basic understanding of Microsoft Azure or cloud security concepts

Learning Opportunities

Interns will gain hands-on experience in:

• Governance, Risk, and Compliance (GRC) operations
• Security policy and standards management
• Audit readiness and compliance tracking
• Risk assessment and control documentation
• SOC 2 and CMMC 2.0 aligned governance processes
• Data protection and governance initiatives
• Microsoft Purview, DLP, Information Protection, and Insider Risk Management concepts
• Enterprise cybersecurity and IT governance collaboration

Example Projects

• Assisting with audit evidence collection and compliance tracking activities
• Organizing and updating cybersecurity policies and governance documentation
• Supporting data classification and information protection initiatives
• Reviewing shared file access and data governance reporting
• Supporting risk register maintenance and control documentation updates
• Helping improve documentation consistency and compliance readiness processes

Internship Details

• Duration: 3–6 months (flexible)

Bring your passion, expertise, and experience to IBTS, where we appreciate and are committed to our employees. We offer outstanding benefits, growth opportunities, and work hard to maintain a culture that values our employees. 

The Institute for Building Technology and Safety (IBTS) is a 501(c) (3) non-profit organization established to provide unbiased professional building code compliance services, while enhancing the communities in which we work. At IBTS, our mission is to deliver quality services to meet the challenges of governance at all levels while enhancing public safety, economic development, and the general welfare of the community. Our services include Building and Community Development, Energy and Sustainability Services, Disaster Planning and Recovery, Quality Assurance, as well as Compliance and Risk Monitoring.

IBTS is headquartered in Ashburn, VA, with additional offices in Louisiana, Missouri, New York, Puerto Rico, and Washington, DC.

We are committed to building a community of experts with diverse backgrounds, disciplines, and perspectives who are passionate about our mission. IBTS is proud to be an Equal Opportunity and Affirmative Action Employer that maintains a diverse and inclusive workforce.  All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, national origin, age, disability or sexual orientation. This opportunity is open to Section S3 Residents.  Veterans and individuals with disabilities are encouraged to apply.

Explore the opportunities!