Information Security Compliance Intern
Sprinto
IT, Legal
Bengaluru, Karnataka, India
The Audit Experience function manages Sprinto’s relationship with its audit partner ecosystem. This role offers a structured pathway to building genuine subject matter expertise in GRC and audit — not just theoretical familiarity, but the kind of depth that comes from working directly alongside an SME on real programs. The intern will engage hands-on with compliance frameworks like SOC 2 and ISO 27001, audit partner lifecycle management, and the product-led GRC environment that Sprinto operates in.
This role is designed for someone who wants to develop into a domain expert in GRC and audit — you’ll build deep working knowledge of how audit programs function, how compliance controls are evaluated, and how information and cybersecurity requirements translate into real audit expectations. Day-to-day program support provides the applied context that accelerates this learning, grounding abstract frameworks in live, operational decisions.
What Your Impact Will Look Like:
- Audit Partner Enablement Operations - Track and drive audit partners through the onboarding and enablement lifecycle. Maintain internal trackers, coordinate across teams to unblock dependencies, and flag partners stalling at any stage.
- Auditor Directory Maintenance - Keep the auditor directory accurate and current — verify accreditation status against relevant accreditation bodies, update partner profiles, and ensure listing information remains factually accurate.
- Evidence Mapping Support - Assist the SME in mapping audit evidence requirements to platform capabilities. This includes preparing reference data, identifying gaps, and documenting findings that feed into product improvement workflows.
- Audit Partner Vetting - Run the verification process for new audit partner candidates.
- Query Management - Serve as the first responder for routine auditor and internal team queries. Escalate non-routine matters to the SME.
- AI-Assisted Workflow Building - Build and iterate on AI agents to handle routine Audit Experience tasks — including audit partner queries, periodic auditor directory reviews, and evidence mapping lookups. Working with GenAI platforms such as Claude, ChatGPT, or Gemini, you’ll design prompts, test agentic workflows, and help establish repeatable automation patterns that reduce manual effort over time.
- Ad Hoc Audit Experience Support - Assist the SME with other Audit Experience initiatives as they arise — including research, documentation, process improvement, and cross-functional coordination.
What You’ll Bring To The Team:
Completed a graduation or master’s degree in GRC, Information Security, Risk Management, Computer Science, or a related field — candidates with an academic background directly in GRC or audit are strongly preferred
Prior exposure to audits — whether through academic projects, internships, or professional experience — is a strong plus; candidates who have worked in or adjacent to audit functions are particularly encouraged to apply
Genuine interest in exploring information and cybersecurity — you’re curious about how audit and compliance frameworks connect to real-world security posture, not just ticking boxes
Comfortable working with spreadsheets, trackers, and data — a lot of the learning here happens through doing, not just observing
Strong attention to detail — verification and mapping reviews are precision work
Good written communication — you’ll be documenting processes and responding to audit partner queries
Comfortable using GenAI tools — Claude, ChatGPT, Gemini, or any equivalent platform; prior experience building agents or automating workflows with AI is a strong plus, but a genuine appetite to learn and experiment is what matters most
Self-directed — the SME will provide guidance and review, but you’re expected to own the operational cadence independently