You are viewing a preview of this job. Log in or register to view more details about this job.

Cybersecurity Co-op Intern - GRC Team

National Basketball Association (NBA)
Email

Job Title: NBA Summer Internship - Cybersecurity Co-op Intern (GRC Team)

 

Program Overview:  The NBA Summer Internship is a 10-week program that runs from early June to mid-August. The program provides participants with the opportunity to learn about the business of basketball, develop critical career skills, and contribute to meaningful projects across a range of departments within the NBA.

 

Position Summary: Do you like solving problems and thinking about how to keep information safe? Are you curious how a major sports league protects its systems and data every day? We have internship positions focused on Cybersecurity Governance, Risk, and Compliance (GRC).

 

As a Cybersecurity GRC Intern, you will help with policies, risk assessments, and basic compliance tasks related to ISO 27001 and SOC2. You don’t need to be an expert, but you should bring strong analytical skills, attention to detail, and the ability to communicate clearly as you help translate security and privacy requirements into practical controls, processes, and documentation across the organization.

 

Major Responsibilities: Help maintain cybersecurity policies, procedures, and documentation to support ISO 27001, SOC2, and our overall security program.

  • Assist with risk management by collecting information, updating risk lists, and tracking follow-up actions.
  • Support disaster incident response work by helping improve guidelines, playbooks, and communication templates.
  • Help review internal and external security, privacy, and compliance requirements to keep our program up to date.
  • Prepare clear summaries, reports, and presentations to communicate security activities, risks, and progress to management and other teams.

What You Will Learn

  • How cybersecurity governance, risk, and compliance (GRC) work in a real-world organization.
  • The basics of ISO 27001 and SOC 2 frameworks and how they are applied in practice.
  • How to identify, document, and track security and privacy risks.
  • How incident response processes are planned, tested, and improved.

How to communicate technical security topics clearly with both technical and non-technical stakeholders.

 

Required Education/Professional Experience:

Recommended Areas of Study 

  • Information Technology 
  • Software Engineering 
  • Computer Science 
  • Cybersecurity

 

Required Skills/Knowledge Attributes:

 

  • Basic familiarity with core cybersecurity concepts (how data, systems, and accounts are protected).
  • Basic understanding of networking fundamentals (e.g., TCP/IP, DNS, HTTP, firewalls) through coursework or self-study.
  • Familiarity with security and privacy frameworks or regulations (e.g., NIST, ISO 27001, SOC2, GDPR) is a plus, but not required.
  • Comfort working with Windows, macOS, and/or Linux; awareness of basic security features is helpful.
  • Strong analytical and problem-solving skills, with the ability to think critically about security, risk and controls.
  • Strong written and verbal communication skills, with the ability to explain technical topics clearly.
  • Proficiency with Microsoft Office (Excel, PowerPoint, Outlook); data analytics or data visualization experience is a plus.
  • Excellent time management, organization, and follow-through.
  • Certifications such as Network+, Security+, or CySA+ are a plus (not required).