INTERNSHIP SUMMARY:

The CIS Risk Management program deploys, implements, and adopts business continuity and disaster recovery / contingency plans to manage business disruptions. The program also manages internal policies, training, and communications to promote a security-minded workforce. Additionally, the Risk Management program monitors and supports compliance with industry standards and regulations and provides input regarding the CIS program to Thermo Fisher Scientific customers. The program manages the policy exception and risk acceptance lifecycle and performs IT Cybersecurity, Third Party and Data Privacy assessments and authorizations. Finally, the team manages and maintains the company’s Cybersecurity and IT Operational Risk Registers and utilizes the registers to help drive risk remediation over time.

As an intern, you will sit within the Corporate Information Security (CIS) Team but will have interactions across all business units and corporate functions.

The Corporate Infrastructure and Security (CIS) Risk Management Intern will be supporting the Risk Management team as part of the CIS Program, as assigned by the CIS Risk Management Director.

The Risk Management Intern is responsible for executing various functions within the Risk Management team including:

• Disaster Recovery / Business Continuity
• Compliance
• Policy
• Assessments and Authorizations
• Risk Analysis

The CIS Risk Management Intern will assist the other analysts on the team with larger Company initiatives, as well as performance of ongoing data gathering, analysis, metrics and reporting.

KEY RESPONSIBILITIES:

• Develop disaster recovery and business continuity planning templates that that will be utilized by the IT BC/DR Program and provided to key stakeholders.
• Design and develop training and awareness materials.
• Compile, analyze, and report on metrics related to business functions, applications, testing and other data associated with Business Continuity and Disaster Recovery Plans.
• Serve as a project manager for the completion of BC/DR Program deliverables and tasks.
• Research of laws and regulations, analysis of business applicability, and recommendations to leadership for a path forward.
• Assist with internal audits and assessments, learning how a complex organization utilizes tools and strategies to achieve global security and compliance.
• Edit and manage policies throughout the documentation lifecycle.
• Coordinate feedback on policies from various stakeholders within CIS as well as the rest of the IT organization, Legal and Human Resources, as needed.
• Support A&A team operational activities by assisting/performing control assessments within Cybersecurity, 3rd party and Data Privacy domains.
• Assist in maintaining the control assessment workflow and ensure all tickets are actioned according to team procedures.
• Identify, collect and mine data required for various facets of the A&A team (e.g. control assessments, CMDB relevant data, metrics and reports).
• Gather and analyze and store artifacts in accordance with corporate CIS standards to ensure programs can prove and track compliance.
• Assist with analysis of identified risks from a variety of sources including audits, compliance checks, automated vulnerability systems, and other internally or externally reported risks.
• Complete analyses and reports and work with the Senior Manager of Risk Analysis and other security risk analysts
• Review and track action plans developed by risk owners and ensure plans are completed appropriately.
• Perform other Risk Management duties as assigned.
• Become a valued team member.

• Currently pursuing a Bachelor's degree in Cybersecurity, Informatics, Data Protection, Information Systems, Computer Science, Risk Management, Emergency Management or related degree
• To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status.
• Basic/Intermediate knowledge in cybersecurity/risk management or general IT domains.
• Basic/Intermediate understanding of BC/DR core concepts including BIA, BC and DR plan documentation, recovery time and point objectives, incident management, and testing/exercising.
• High level energy, creativity and flexibility
• Strong interpersonal, organizational, presentation, and excellent documentation skills are a must.
• Strong attention to detail and high organizational acumen.
• Strong writing and research skills
• Project management skills and the ability to manage multiple work products and deadlines

Please submit a resume and cover letter.

As the world’s leader in serving science, Thermo Fisher Scientific's professionals develop critical solutions—and build rewarding careers. They help customers in finding cures for cancer, protecting the environment, making sure food is safe, and so much more. When you #StartYourStory with Thermo Fisher, you are guaranteed meaningful work - both personally and professionally.