We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Fearless Solutions jobs

IT Security & Compliance Intern

Fearless Solutions
sick time, 401(k)
United States, Maryland, Baltimore
8 Market Place (Show on map)
May 02, 2026
Job Requirements

IT Security & Compliance Intern

Fearless is excited to launch our internship program in partnership with the Maryland Lighthouse AI Initiative. This program provides college students, recent graduates, and career changers with real-world experience in the government technology industry. Interns will gain hands-on technical skills alongside a broad set of professional skills - including interviewing, resume building, and networking - to support job readiness and long-term career growth. This internship will begin on June 1 and end August 14, 2026.

As an IT Security & Compliance Intern, you will work alongside the Fearless IT team to assess our security posture and document our readiness for the Cybersecurity Maturity Model Certification (CMMC) and NIST SP 800-171 requirements. You'll help build the foundational artifacts every federal contractor needs - accurate asset inventories, clearly mapped policy gaps, and well-structured Plans of Action and Milestones (POA&Ms). This role is ideal for someone who is curious about cybersecurity, enjoys careful documentation, and wants hands-on exposure to the compliance frameworks that shape the government technology industry.

Your Responsibilities in this Role:

Security Posture Assessment

  • Assist the IT team in assessing Fearless's current IT security posture against CMMC Level 2 and NIST SP 800-171 controls
  • Review existing security policies, procedures, and technical configurations to evaluate alignment with required practices
  • Help conduct interviews with system owners and stakeholders to understand how controls are implemented in practice
  • Support evidence collection - including screenshots, configuration exports, and policy artifacts - that demonstrates control implementation

Asset Inventories

  • Conduct and maintain inventories of in-scope assets, including hardware, software, cloud services, and information systems that store, process, or transmit Controlled Unclassified Information (CUI)
  • Document asset attributes such as owner, location, classification, and data sensitivity
  • Use AI tools to accelerate inventory normalization, deduplication, and gap analysis while validating results against authoritative sources
  • Help establish a repeatable process for keeping the asset inventory current as the environment evolves

Compliance Documentation

  • Map existing policies and practices to specific CMMC and NIST SP 800-171 control families and identify documentation gaps
  • Draft, edit, and organize compliance artifacts including System Security Plans (SSPs), policies, procedures, and supporting evidence
  • Use AI tools to accelerate first-draft documentation while ensuring accuracy, consistency, and alignment with framework language
  • Maintain version control, traceability, and clear audit trails across compliance artifacts

POA&M & Remediation Planning

  • Contribute to Plans of Action and Milestones (POA&M) documentation that captures identified gaps, planned remediations, owners, and target completion dates
  • Help prioritize findings based on risk, control criticality, and effort required
  • Track remediation progress and update POA&M entries as work moves forward
  • Support the IT team in preparing materials for internal reviews and assessor readiness conversations

Collaboration & Professional Development

  • Partner with IT, Security, and business stakeholders to gather information and validate findings
  • Present work in team reviews and contribute to a culture of continuous improvement
  • Participate in program activities focused on interviewing, resume building, networking, and career readiness in the gov tech industry


Work Experience

Project Skill and Experience Requirements:

  • Currently enrolled in or recent graduate of an associates, bachelor's or master's program - OR a career changer with relevant transferable experience or self-directed learning in cybersecurity, IT, information systems, risk management, audit, or a related field
  • Familiarity with basic cybersecurity or IT concepts through coursework, certifications, bootcamps, lab work, or self-study (you don't need prior professional experience)
  • Strong attention to detail with a commitment to accuracy, traceability, and clear documentation - you take pride in getting the small things right
  • Comfort with spreadsheets (Excel or Google Sheets) for tracking lists, simple calculations, and basic data organization (or eagerness to build these skills quickly)
  • Curiosity about AI tools (e.g., Claude, ChatGPT, Copilot) and willingness to learn how to use them responsibly for documentation and analysis
  • Strong written communication skills - able to explain technical concepts clearly and write step-by-step instructions someone else can follow
  • Discretion and trustworthiness - understands that handling sensitive information requires care and confidentiality
  • Ability to work a full-time, hybrid schedule from the Baltimore area for the program duration

Nice-to-Have Skills

  • Coursework, capstone projects, internship, or club/competition experience (e.g., CyberPatriot, Collegiate Cyber Defense Competition, hackathons) related to cybersecurity, information assurance, IT risk, audit, or compliance
  • Familiarity with cybersecurity frameworks such as NIST SP 800-171, NIST SP 800-53, CMMC, ISO 27001, or the NIST Cybersecurity Framework - even at an introductory level
  • Awareness of common IT environments - endpoints, identity providers, cloud platforms (AWS, Azure, GCP), and SaaS applications
  • Pursuit of or interest in entry-level certifications such as CompTIA Security+, ISC2 Certified in Cybersecurity (CC), Google Cybersecurity Certificate, or equivalent (already earned is a plus, but not required)
  • Exposure to GRC platforms (e.g., Hyperproof, Vanta, Drata, Archer) or compliance tracking tools - through demos, tutorials, or trial accounts is fine
  • Interest in or familiarity with government technology, defense industrial base work, or public-interest mission-driven work

Fearless Skills and Competencies

  • Synthetic Thinking: The ability to combine different ideas, information, or concepts to create a new, complex understanding or solution by integrating disparate elements into a new, meaningful whole.
  • Adaptability: Comfort with change, flexibility in the face of shifting demands and resilience to setbacks.
  • Ownership & Accountability: Committed to taking responsibility for outcomes, ensuring that all commitments are met with a focus on enhancing service delivery.

Required Level of Proficiency:

  • Fundemental Awareness: You possess common knowledge or an understanding of basic techniques and concepts. Experience has been gained in a "classroom" and experimental scenarios or as an on-the-job trainee. You are expected to need help when performing skills. You understand and can discuss terminology, concepts, principles, and issues associated with this competency/skill.

Physical Requirements:

  • Ability to sit for extended periods while working on a computer or during meetings.
  • Must be able to travel occasionally to client sites or company meetings, which may involve driving or flying.
  • Ability to communicate effectively via phone, email, and in-person, requiring clear speech, listening, and written communication skills.
  • Ability to move within an office environment, including reaching for files, using office equipment, and occasional light lifting (up to 10 pounds).


Benefits

Life at Fearless

We're a digital integration consultancy on a mission to build a better tomorrow. At Fearless, we combine technology, people, and organizational development to solve meaningful problems. Through iterative development, we deliver smart, user-friendly solutions that make tech work better-for everyone.

But great tech is just part of the story. What really makes us Fearless is our Purple Culture.

What Makes Us Purple?
Being Purple means you:

  • Are valued as a whole person-not just a job title
  • Get matched with work that plays to your strengths and passions
  • Are supported by coaches, not micromanagers
  • Have the autonomy and clarity to make decisions and drive impact
  • Join a community that celebrates equity, curiosity, and innovation
  • Do work that matters-every day

We believe in flexibility, growth, and balance. Our benefits and culture are designed to support you in doing your best work-while making space for what matters to you outside of it.

We're proud to be an equal opportunity employer. At Fearless, we're building a workplace that welcomes and respects everyone-across race, gender, age, religion, identity, background, and ability. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Compensation at Fearless
Fearless is committed to providing a competitive compensation package that will meet your current and future needs. Our philosophy is aimed at rewarding team member contributions, supporting long-term financial growth and security, and overall well-being.

We believe in paying people fairly, so we've established a compensation model aimed to ensure everyone at Fearless - regardless of race, ethnicity, gender, sexual orientation, disability, religion, age, nationality, or willingness/ability to negotiate - is consistently paid fairly based on alignment to the needs and requirements of the role.

The hourly rate for this position is $20.00 per hour.

Benefits at Fearless

At Fearless, we take care of our team-because when you're supported, you can do your best work. We offer a flexible, family-friendly environment with benefits designed to support your health, growth, and life outside of work.

For Full-Time Team Members (Starting Day One):

  • Flexible, life-friendly schedules
  • 401(k) with 4% match & immediate vesting
  • Sick Leave

Reasonable Accommodations
Fearless is committed to providing reasonable accommodations for applicants and candidates with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please contact the Human Resources Department at hr@fearless.tech.

So, What's Next?

We've refined our hiring approach to make sure every team member is a great fit for Fearless-and that we're a great fit for you, too. If there's alignment, we'll reach out to kick off the interview process. Depending on the role or project, your experience may vary slightly, but it typically includes:

Introductory Interview
You'll connect with a recruiter to:

  • Build rapport and get to know each other
  • Review your experience and skills
  • Talk through salary expectations and role details
  • Set expectations for the rest of the process

Skills + Business Fit Interview
This is where we dig deeper to:

  • Review findings from any technical assessments
  • Walk through situational and values-based questions
  • Explore how your approach aligns with Fearless culture and project needs

Some roles may also include customer interviews based on specific project requirements in addition to background check and security clearance requirements.



Applied = 0
MORE JOBS LIKE THIS

(web-bd9584865-rddb7)