Intern, Risk Management

Position Summary

Sony Corporation of America (SCA) is seeking a motivated and detail-oriented Intern Risk Management to support the Corporate Information Security Department (CISD). This internship provides hands-on exposure to information security risk management, governance, risk, and compliance (GRC) processes, and third-party security assessments. The intern will work closely with the Risk Management team to help protect Sony's information assets, systems, and services.

TheCISDsummer internship program is designed to provide skills, knowledge, and hands-on work experience in the information security and privacy industry, supporting the personal growth of our interns as well as Sony business results.

This 12week summer internship runs from June through August and offers a hybrid work option.

Responsibilities:

• Assist with information security risk assessments for systems, applications, projects, and third-party vendors.

• Support the preparation of risk assessment documentation and reports for internal stakeholders.

• Help with vendor security reviews, including gathering evidence and reviewing security questionnaires.

• Collaborate with security, technology, and business teams to track identified risks and mitigation actions.

• Support activities related to the global GRC platform, including data entry, intake tracking, and documentation.

• Assist in documenting business requirements, process flows, and enhancement requests for GRC initiatives.

• Participate in identifying gaps in processes or controls and proposing improvement ideas.

• Support testing activities, including test case execution and validation of results.

• Assist with training materials, presentations, and stakeholder communication.

• Provide general administrative and project support for risk management and GRC initiatives as needed.

• Honesty, trustworthiness, and ethical conduct are material requirements for the responsibilities outlined above.

Qualifications:

• Current student pursuing a bachelor's or master's degree in business, Information Systems, Cybersecurity, Engineering, or a related field.

• Interest in information security, risk management, or GRC.

• Basic understanding of information security concepts (e.g., access management, networking, cloud, or data protection) is a plus.

• Strong analytical, research, and documentation skills with attention to detail.

• Ability to communicate clearly with both technical and non-technical audiences.

• Comfortable working with data, spreadsheets, and documentation.

• Proficient in Microsoft Office (Excel, Word, PowerPoint).

• Self-motivated, eager to learn, and able to work both independently and in a team environment.

• Ability to manage multiple tasks and adapt in a dynamic environment.

• All candidates must be authorized to work in the USA.

The hourly rate for this internship depends on education level: $24.00 per hour for undergraduate candidates and $25.00-$27.00 per hour for graduate candidates. The individual will be paid hourly and eligible for overtime.