IT Cybersecurity Compliance Intern

Oceaneering is a global provider of engineered services and products, primarily to the offshore energy industry. We develop products and services for use throughout the lifecycle of an offshore oilfield, from drilling to decommissioning. We operate the world's premier fleet of work class ROVs. Additionally, we are a leader in offshore oilfield maintenance services, umbilicals, subsea hardware, and tooling. We also use applied technology expertise to serve the defense, entertainment, material handling, aerospace, science, and renewable energy industries.

• Compliance & Governance:
  • Maintain compliance with relevant frameworks (e.g., NIST, CMMC, ISO 27001, CIS, SOC 2, GDPR, Cyber Essentials).
  • Conduct internal audits and risk assessments to ensure adherence to security standards.
  • Prepare documentation for regulatory and contractual compliance reporting.
• Vulnerability Management:
  • Oversee vulnerability scanning and remediation processes across systems and applications.
  • Collaborate with IT and development teams to prioritize and remediate findings.
  • Track and report vulnerability metrics, ensuring timely closure of critical issues.
• Policy Development & Enforcement:
  • Draft, update, and maintain cybersecurity policies, standards, and procedures.
  • Communicate policy changes and provide training to stakeholders.
  • Enforce compliance through monitoring, reporting, and corrective actions.
• Risk Management:
  • Identify and assess security risks related to systems, vendors, and business processes.
  • Recommend mitigation strategies and track implementation progress.
• Collaboration & Reporting:
  • Work closely with IT Security, Legal, and Risk Management teams.
  • Prepare compliance dashboards and present findings to leadership.
  • Support incident response and post-incident compliance reviews.

LOCATION:

Hybrid out of the Clear Lake Office.

• Collaboration & Reporting:
  • Work closely with IT Security, Legal, and Risk Management teams.
  • Prepare compliance dashboards and present findings to leadership.
  • Support incident response and post-incident compliance reviews.
• Contract Review:
  • Review vendor and third-party contracts for cybersecurity and data protection clauses.
  • Ensure compliance with organizational security requirements in procurement processes.
  • Advise Cybersecurity teams on risk mitigation strategies.

• Required
  • Bachelor's degree in progress for Cybersecurity, Information Technology, or related field.
  • Excellent written and verbal communication skills for policy documentation.
  • US Citizen or green card holder qualification.
• Preferred
  • 3 Months of experience in cybersecurity compliance or governance.
  • Knowledge of regulatory frameworks (NIST, ISO, SOC, GDPR, HIPAA).
  • Experience with vulnerability management tools (e.g., Qualys, Tenable, Rapid7).
  • Familiarity with contract language related to Cybersecurity and data protection.
  • Certifications or coursework preferred: CISSP, CISM, CRISC, or similar.

KNOWLEDGE, SKILLS, ABILITIES, AND OTHER CHARACTERISTICS:

• Analytical thinking and attention to detail.
• Ability to manage multiple compliance initiatives simultaneously.
• Strong stakeholder engagement and negotiation skills.

This position is Hybrid - Remote and will require commuting to a designated office. Hybrid work schedules are determined by the hiring manager based on business need.

All qualified candidates will receive consideration for all positions without regard to race, color, age, religion, sex (including pregnancy), sexual orientation, gender identity,national origin, veteran status,disability, genetic information, or other non-merit factors.

Regular full-time employees who apply will be considered along with external candidates. Employees with less than six months with their current position are not eligible to apply for job postings. Please discuss your interest in the position with your current manager/supervisor prior to submitting your completed application. It is highly recommended to apply through the PeopleSoft or Oceanet portals.