Information Security (GRC) Intern - Summer 2023

Information Security (GRC) Intern - Summer 2023

Valvoline Inc. | Lexington, KY, 40598, US
Salary Range:$29,000 – $38,000 Salary range estimated by Zippia

Posted 10 days ago

Apply Now

Description

Overview

Valvoline™ has been in the car business for more than 150 years, starting with the invention of the world's first branded motor oil. Today, we're a global leader in automotive services and lubricants, driven every day by a people-centered focus on innovation and service excellence.

As we often say, it starts with all of our people - and that's where you come in. We're looking for humble, hungry and smart people to help us power the future of mobility. If you're looking for a collaborative and flexible work environment that invests in your growth and success, you've come to the right place.

The IT GRC Intern will partner with and support the IT Governance, Risk, and Compliance Team on responsibilities such as supporting the third-party risk management, security awareness and compliance training, data privacy, and vulnerability management programs. This internship will offer a great opportunity to gain an understanding of the dynamic and vast field of Information Security. Responsibilities include:

* Collaborating on identified program deficiencies from internal and external stakeholders, assisting with performance of ITGCs and other ad hoc tasks, and reviewing evidence/material provided by other internal members for completeness and accuracy
* Conducting vulnerability and policy scanning, effectively communicating identified risks and recommending remediation, and tracking progress
* Performing and evaluating risk assessments, including third-party security and privacy impact assessments
* Supporting the Data Privacy program through responding to Data Subject Request (DSR) and other related efforts
* Generating and tracking security metrics, developing scorecards for the metrics, and communicating results to appropriate members
* Assisting with periodic security awareness training and simulated phishing campaigns


* Maintaining and updating Information Security site and related collaboration sites where communications, documentation, and artifacts are held
* Driving progress towards outcomes for GRC-related continuous improvement projects

What You'll Need

* Pursuing Bachelor's Degree in Accounting, Business Administration, Information Technology or other related field


* Proficient with Microsoft Office suite
* Knowledge of cybersecurity frameworks, such as NIST and ISO
* Familiarity with vulnerability and other security scan tools is a plus
* Ability to maintain confidentiality and appropriately handle sensitive information
* Experience developing presentations, reporting, and analyzing
* Ability to solve complex issues within a team environment
* Strong verbal/written communication abilities and effective interpersonal skills
* Strong sense of urgency
* Strong work ethic and emphasis on attention to detail
* Must be authorized to work in the U.S.

Females and minorities encouraged to apply.

Valvoline provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Are you good at what you do? Join us.

The Company endeavors to make its recruitment process accessible to any and all users. Reasonable accommodations will be provided, upon request, to applicants with disabilities in order to facilitate equal opportunity throughout the recruitment and selection process. Please contact Human Resources at 1-800-Valvoline or email 1-800Valvoline@valvoline.com to make a request for reasonable accommodation during any aspect of the recruitment and selection process. The contact information is for accommodation requests only; do not use this contact information to inquire about the status of applications.