C
Risk Management Intern
Riyadh, Riyadh Province, Saudi Arabia • Teilzeit
1 Bewerber
- Erfahrung
- Beliebig
- Gehalt
- —
- Stellenangebote
- 1
- Veröffentlicht
- vor 1 Woche
- Arbeitsmodus
- Im Büro
- Ausbildung
- Bachelor's or Master's degree
- Teilnahmeberechtigung
- Currently enrolled Bachelor’s or Master’s students in Cybersecurity, Information Technology, MIS, Business, Law, or a related discipline. Junior, senior, and master’s students are preferred.
- Wieder aufnehmen
- Bewerbung erforderlich
Wo Sie arbeiten werden
Stellenbeschreibung
Role Overview
This part-time on-site internship is based in Riyadh and offers practical exposure to governance, risk management, and compliance work within a semi-government environment. The position is designed for students who want to build a strong foundation in cybersecurity and enterprise risk practices while supporting day-to-day GRC activities.
Governance
- Contribute to the review, formatting, and upkeep of information security policies, standards, and procedures.
- Assist with the organization-wide security awareness program by helping draft newsletters, monitoring training completion, and supporting phishing simulation setup.
- Prepare presentation decks and management reports covering security metrics.
Risk Management
- Observe senior team members as they carry out IT and cybersecurity risk assessments.
- Support third-party risk management by reviewing basic vendor security questionnaires and arranging vendor-related records.
- Maintain the risk register by recording new risks and following up on remediation actions.
Compliance
- Help collect and organize supporting evidence for audits such as SOC 2, ISO 27001, and HIPAA.
- Track remediation progress for audit observations and findings.
- Keep a central, well-organized repository of compliance documents and certifications.
What You Will Learn
- How industry frameworks such as NIST, ISO 27001, and SOC 2 are applied in real business settings.
- Ways to convert technical IT and cybersecurity issues into business risk language.
- Practical experience with GRC tools and platforms.
- How third-party vendor risk reviews are performed.
Qualifications
- Applicants should be currently enrolled in a Bachelor’s or Master’s program in Cybersecurity, Information Technology, Management Information Systems, Business, Law, or a similar field.
- Rising juniors, seniors, and master’s students are preferred.
- A basic grasp of IT fundamentals and introductory cybersecurity concepts is expected.
Fähigkeiten
Datenorganisation
Compliance Reporting
Managementberichterstattung
Cybersecurity Fundamentals
Risk assessment support
Security Awareness Training
Third-Party Risk Management
Governance, Risk and Compliance (GRC)
Information Security Documentation
Audit Evidence Management
Vendor Questionnaire Review